14372 matches found
CVE-2022-49809
CVE-2022-49809 affects the Linux kernel in the x25 subsystem (net/x25). The vulnerability arises in x25_lapb_receive_frame() where skb_copy() is used to obtain a private copy of skb; if the new skb is not freed in the undersized/fragmented skb error handling path, a memory leak occurs. The provid...
CVE-2022-49507
CVE-2022-49507 affects the Linux kernel regulator driver for the da9121 (regulator/da9121-regulator.c). The issue arises when da9121_assign_chip_model() accesses regmap without it being initialized due to an invalid chip->subvariant_id (set to -EINVAL by a malformed device tree). This leads to...
CVE-2022-49591
CVE-2022-49591 relates to the Linux kernel, specifically the DSA Microchip ksz_common path. The root cause is a refcount leak in ksz_switch_register(): the reference returned by of_get_child_by_name() is not released. The fix is to call of_node_put() on that reference (which has increased the ref...
CVE-2022-49656
The CVE-2022-49656 entry concerns the Linux kernel ARM meson driver, where of_find_compatible_node() returns a node pointer with an incremented refcount. The flaw leads to a refcount leak, fixed by adding of_node_put() after use. Multiple connected advisories reiterate this mitigation (kernel pat...
CVE-2022-49755
CVE-2022-49755 affects the Linux kernelās USB gadget path (usb: gadget: f_fs) and specifically the ffs_ep0_queue_wait flow. The vulnerability arises from a race between ffs_ep0_write/ffs_ep0_read and functionfs_unbind, where ep0req can be freed and there is no NULL check in ffs_ep0_queue_wait, ri...
CVE-2022-49821
CVE-2022-49821 concerns the Linux kernel mISDN subsystem. The vulnerability is described as a memory leak in mISDN_dsp_element_register(), mitigated by a patch that makes the device name allocation dynamic and uses put_device() to release references so the name can be freed in kobject_cleanup(). ...
CVE-2022-49823
In CVE-2022-49823, the Linux kernelās ata_tdev_add() in libata-transport is vulnerable because it does not verify the return value of transport_add_device(). If transport_add_device() fails, the subsequent removal path calls transport_remove_device() and device_del() on a device that may not have...
CVE-2022-49880
CVE-2022-49880 : Linux kernel ext4 inline-data migration may trigger a reliable warning in ext4_da_release_space when a writeback path releases space with to_free=1 but i_reserved_data_blocks==0. The issue is resolved by forbidding inodes with inline data from migration (ext4 inline data handling...
CVE-2022-49913
CVE-2022-49913 concerns a memory leak in the Linux kernelās btrfs backref walking code. During find_parent_nodes() on data extents, if an error occurs while resolving indirect backrefs (resolve_indirect_refs()) or while iterating direct refs in the rbtree, inode lists attached to direct refs not ...
CVE-2022-49973
The CVE-2022-49973 entry concerns a Linux kernel vulnerability in sk_msg_recvmsg triggered by an incorrect last scatter-gather (sg) check. The root cause is a change to the last sg validation (to sg_is_last()) in sk_msg_recvmsg(), but the end of the scatterlist was not marked in sockmap redirecti...
CVE-2022-49991
CVE-2022-49991 is a Linux kernel vulnerability involving mm/hugetlb where, in MCOPY_ATOMIC_CONTINUE with a non-shared VMA, pages from the page cache could be installed into ptes and trigger a corrupted page->mapping due to an erroneous call to hugepage_add_new_anon_rmap. The connected document...
CVE-2022-50076
CVE-2022-50076 concerns the Linux kernel CIFS implementation: a memory leak in the deferred close path has been fixed. The description from multiple sources (NVD entry and connected advisories) shows the issue manifests as a kmemleak report during SMB2/xfstests (xfstests on smb21 report kmemleak)...
CVE-2022-50116
The CVE refers to a Linux kernel flaw in tty n_gsm where deadlocks and link starvation could occur in the outgoing data path under ldisc congestion. The fix adds an additional control-channel data queue and processes it before the user-channel queue in gsm_data_kick(), moving this work to a dedic...
CVE-2022-50124
The CVE-2022-50124 entry concerns the Linux kernel ASoC driver mt6797-mt6351 (mt6797_mt6351_dev_probe). Technical detail: of_parse_phandle() returns a node pointer with a refcount increment; the correct remediation is to call of_node_put() when the node is no longer needed to avoid a refcount lea...
CVE-2022-50196
In the Linux kernel, the vulnerability CVE-2022-50196 affects the soc: qcom: ocmem path. It stems from a refcount leak in of_parse_phandle() where the returned node pointerās refcount isnāt released; a missing of_node_put() caused the leak. The fix adds a proper of_node_put() on the node when it ...
CVE-2022-50215
CVE-2022-50215 : Linux kernel fix for SCSI (sg) behavior when a device is removed during active usage. The issue was that sg previously returned -ENODEV for waiting on active commands after removal, which could cause memory corruption for READs or data corruption on WRITE due to buffers still in ...
CVE-2022-50220
CVE-2022-50220 is a Linux kernel vulnerability in the usbnet subsystem where a use-after-free can occur on disconnect due to linkwatch handling after unregister_netdev. The issue stems from usbnet_deferred_kevent() being awaited in a path that may access freed netdev state, potentially enabling m...
CVE-2023-52681
Summary (CVE-2023-52681) : In the Linux kernel, efivarfs allocated a s_fs_info on filesystem context creation but did not Free it when the superblock is unmounted, leading to a potential resource lifecycle issue. The vulnerability is resolved by ensuring proper cleanup of the s_fs_info structure ...
CVE-2023-52687
CVE-2023-52687 affects the Linux kernel crypto safexcel path. The issue arises when dma_map_sg() can return 0 on error, risking improper handling of DMA mappings. The published patch adds error checks for dma_map_sg() and ensures previously mapped buffers are unmapped via dma_unmap_sg() to preven...
CVE-2023-52705
CVE-2023-52705 is a kernel vulnerability affecting the nilfs2 filesystem code in Linux. The issue is an underflow/incorrect boundary calculation in NILFS_SB2_OFFSET_BYTES that computes the position of the second superblock, which can underflow when the device size is smaller than 4096 bytes. This...
CVE-2023-52739
CVE-2023-52739 affects the Linux kernel; the issue is a race in the memory allocator where the PageHead check in __free_pages can be observed after the page reference is dropped, causing freeing of tail pages and potential page corruption or crashes. Root cause identified from the commit e320d301...
CVE-2023-52787
CVE-2023-52787: Linux kernel vulnerability in blk-mq handling of bio integrity. The issue could cause a kernel panic when queue usage counters arenāt properly held during bio_integrity_prep and bio merge. Fixes in updated kernels require calling bio_integrity_prep() with a reliably grabbed queue ...
CVE-2023-52826
CVE-2023-52826 : In the Linux kernel, a null pointer dereference in the DRM panel path was addressed. Specifically, in drm/panel/panel-tpo-tpg110, tpg110_get_modes() previously assigned the return value of drm_mode_duplicate() to mode and did not check for failure, risking an NP dereference on NU...
CVE-2023-53019
CVE-2023-53019 concerns the Linux kernel: the net/mdio subsystem allowed an out-of-bounds access in mdiobus_get_phy() when an invalid addr is passed (e.g., -1 in stmmac_init_phy). The advisory notes that addr must be validated before use to prevent access to mdio_map. Impact is described as high,...
CVE-2023-53053
CVE-2023-53053 affects the Linux kernel: erspan handling relied on skb_mac_header() in ndo_start_xmit(), with drivers incorrectly assuming skb_mac_header(skb) == skb->data. The issue is fixed by using skb_network_offset() and skb_transport_offset() in erspan_fb_xmit() and ip6erspan_tunnel_xmit...
CVE-2023-53109
CVE-2023-53109 : Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnelsā xmit paths and als...
CVE-2024-26799
The CVE-2024-26799 vulnerability affects the Linux kernel ASoC: qcom driver, where __lpass_get_dmactl_handle could leave dmactl uninitialized when the driver dai_id is invalid. This could allow a garbage value to bypass a null check. It has been fixed by initializing dmactl to NULL (aligned with ...
CVE-2024-36962
CVE-2024-36962 affects the Linux kernel KS8851 driver (net: ks8851). The vulnerability arises when RX packets are queued inside an IRQ handler that is protected by a mutex, which could lead to hanging due to a potential lock conflict with net_rx_action(). The fix replaces BH manipulation (local_b...
CVE-2024-38572
CVE-2024-38572 concerns the Linux kernel wifi driver ath12k. The issue is a missing terminator entry in ath12k_qmi_msg_handlers, which can trigger a global out-of-bounds read in qmi_invoke_handler via KASAN. A fix adds a dummy terminator entry to allow qmi_invoke_handler to traverse to the termin...
CVE-2024-38595
CVE-2024-38595 affects the Linux kernel mlx5 subsystem: a patch changing register devlink flow did not update the peer devlink set logic, triggering a call trace when peer devlink set is done after devl_register. The fix aligns peer devlink set logic with the register flow to prevent the trace. I...
CVE-2024-38617
Technical details about CVE-2024-38617 are not provided in the supplied documents. Monitor for updates from vendor advisories and kernel project commits for affected components and fixed versions.
CVE-2024-38623
CVE-2024-38623 : The issue in the Linux kernel relates to the ntfs3 code using a fixed-size array, leading to a memcpy overflow in ntfs_set_label about uni->name (20 vs 256). The fix is to switch to a variable-length array (fs/ntfs3) to prevent the overflow. Connected Astra Linux advisories co...
CVE-2024-39462
CVE-2024-39462 : Linux kernel vulnerability in bcm clk DV P. Root cause: after commit that annotated clk_hw_onecell_data with __counted_by, hws[] was accessed before ->num was initialized, triggering UBSAN array-index-out-of-bounds (drivers/clk/bcm/clk-bcm2711-dvp.c:59). Impact : potential out...
CVE-2024-46741
The CVE-2024-46741 issue is in the Linux kernelās misc/fastrpc subsystem. The root cause is a double free of the fastrpc buffer in the error path of fastrpc_req_mmap(): the buffer is freed in fastrpc_req_munmap_impl() on a successful unmap, but there is an unconditional call to fastrpc_buf_free()...
CVE-2024-53182
The CVE-2024-53182 issue affects the Linux kernel BFQ Scheduler. A revert of the patch that merged bfq_release_process_ref() into bfq_put_cooperator() caused bic_set_bfqq to operate on a freed bic data structure, yielding a slab-use-after-free detected by KASAN in bic_set_bfqq+0x200/0x230. Impact...
CVE-2024-58091
CVE-2024-58091 ā Linux kernel drm_fbdev-dma shadow buffering : The vulnerability arises in DMA areas not always backed by struct page, breaking deferred I/O handling for framebuffer memory. The fix introduces a shadow buffer for drivers requiring deferred I/O and uses it as framebuffer memory, pr...
CVE-2025-21641
CVE-2025-21641 concerns the Linux kernel, where the mptcp: sysctl: blackhole timeout vulnerability could occur from using current->nsproxy. The issue arises from reading net namespace data via the current task, which could be NULL for certain states (e.g., task exiting), risking a null pointer...
CVE-2025-21746
The CVE-2025-21746 issue affects the Linux kernel Input: synaptics path for enabling a pass-through port. Root cause: when enabling a pass-through port, an interrupt may arrive before the psmouse driver binds, and the synaptics sub-driver may access a psmouse instance not yet attached, potentiall...
CVE-2025-21880
Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...
CVE-2025-22114
CVE-2025-22114 affects the Linux kernelās BTRFS subsystem. The root cause is a change in btrfs_validate_super() where a call to validate_sys_chunk_array() clobbers a previously set return value, negating earlier validity checks and potentially allowing mounting of invalid filesystems. The issue h...
CVE-2025-37866
CVE-2025-37866: Linux kernel vulnerability in mlxbf-bootctl where sysfs_emit() is used with a non-page-aligned buffer in secure_boot_fuse_state_show(), triggering a warning on BlueField SOCs. The driver should use sysfs_emit_at() to support non-zero offsets; the issue is mitigated by the patch th...
CVE-2025-37950
CVE-2025-37950 concerns the Linux kernel, specifically the ocfs2 subsystem. The issue arises when the folio array allocation fails (ENOMEM) during an update that converts w_pages to w_folios, and the free-path code expects valid folio pointers or NULLs. If -ENOMEM is encountered, a panic can occu...
CVE-2025-38010
CVE-2025-38010 ā Linux kernel patch replaces a single reference counter for UTMI pad power with a per-pad bitmask (utmi_pad_enabled) to track all four USB2 UTMI PHY pads. The root cause was an unbalanced reference count when suspending with connected USB devices, due to power-downs not validating...
CVE-2025-38020
In the Linux kernel issue CVE-2025-38020, MACsec offload is not supported in switchdev mode for uplink representors. The vulnerability stems from NETIF_F_HW_MACSEC remaining set when switching to the uplink representor profile, allowing a null pointer dereference when offloads are added. The fix ...
CVE-2025-38027
The CVE-2025-38027 entry describes a Linux kernel vulnerability in the regulator max20086 code path. The root cause is that max20086_parse_regulators_dt() uses an on-stack array of struct of_regulator_match for matches and then relies on devm_of_regulator_put_matches(), which allocates a devm_of_...
CVE-2025-38080
The CVE-2025-38080 issue affects the Linux kernel DRM/AMD display path. Root cause: hwss_build_fast_sequence can generate more than 50 steps, overflowing the block_sequence buffer for multi-pipe (e.g., 6-pipe) ASICs and corrupting block_sequence_steps, leading to a crash. Fix: increase the block_...
CVE-2025-38100
CVE-2025-38100 affects the Linux kernel (x86/iopl). The issue arises when a task with TIF_IO_BITMAP set lacks an installed bitmap, causing tss_update_io_bitmap() to dereference NULL. Two problems are fixed: (1) io_bitmap_exit() no longer calls task_update_io_bitmap() for non-current tasks (cleanu...
CVE-2025-38147
Technical details about CVE-2025-38147 (affected software, impact, exploitability, and fix specifics) are not publicly provided in the supplied documents. Please monitor for updates from vendors and security bulletins.
CVE-2025-38149
CVE-2025-38149 ā Linux kernel net: phy: clear phydev->devlink when the link is deleted . The issue causes a crash when disabling and re-enabling a network port because phydev->devlink is not cleared after phy_detach() calls device_link_del(), leaving a stale value that is dereferenced on re...
CVE-2025-38206
CVE-2025-38206 concerns the Linux kernel exfat subsystem, where a double free could occur in the delayed_free pathway during exfat_kill_sb() via exfat_free_upcase_table(). The vulnerability arises when freeing vol_utbl twice due to an error return path in exfat_create_upcase_table() leading to a ...