CVE-2022-48928
The CVE-2022-48928 issue affects the Linux kernel driver iio: adc, specifically the men_z188_adc component. A resource leak occurs in an error path when iio_device_register() fails, leaving a previously mapped region (ioremap()) unbalanced. The root cause is an unbalanced iounmap() not being call...
CVE-2022-48930
CVE-2022-48930 corresponds to a deadlock in the Linux kernel RDMA/ib_srp path. The fix removes the flush_workqueue(system_long_wq) call, which was deadlock‑prone and redundant with a preceding cancel_work_sync(). The associated Nessus entries reproduce the advisory text and reference kernel-stabl...
CVE-2022-48933
CVE-2022-48933 affects the Linux kernel nf_tables stateful object update path. The issue arises when updating stateful objects from the control plane: a temporary object is created, but its destruction path leaks resources because the update flow does not increment the module refcount. The fix is...
CVE-2022-49117
The CVE-2022-49117 issue is in the Linux kernel (mips/ralink): a refcount leak in ill_acc_of_setup() that requires of_node_put(np) when pdev == NULL. The vulnerability is addressed by applying the fix that ensures proper reference counter management, preventing the leak and potential use-after-fr...
CVE-2022-49149
The CVE-2022-49149 issue concerns the Linux kernel’s rxrpc timer race: a timer in the rxrpc_call structure can be started from packet input paths running under softirq with only the RCU read lock held. This allowed a call to be destroyed concurrently with timer start, potentially restarting a tim...
CVE-2022-49240
The CVE-2022-49240 issue is in the Linux kernel ASoC: mediatek mt8195 driver. The of_parse_phandle() call returns a device_node with refcount incremented, but of_node_put() is not invoked in the error path, causing a refcount leak; a fix ensures of_node_put() is called on the device_node in error...
CVE-2022-49250
CVE-2022-49250: In the Linux kernel ASoC codecs rx-macro path, the AUX interpolator may access compander data without checking that compander exists, potentially causing an out-of-bounds access in the comp_enabled[] array. The issue is resolved by adding a guard before accessing compander data. ...
CVE-2022-49317
CVE-2022-49317 relates to the Linux kernel’s f2fs code, where an infinite loop could occur while flushing node pages, triggered by certain xfstests/generic/475 scenarios that could yield sustained EIO. The provided documents indicate a resolved issue in f2fs: avoid infinite loop to flush node pag...
CVE-2022-49324
CVE-2022-49324 affects the Linux kernel via a refcount leak in the mips CPC default physical base. The root cause is a missing of_node_put() to release a refcount incremented by of_find_compatible_node(), leading to a leak. The primary fix is to add the missing of_node_put() to release the refcou...
CVE-2022-49384
CVE-2022-49384 is a Linux kernel vulnerability in the md (memory descriptor) subsystem where io_acct_set bioset could be freed twice. The fix relocates allocation/free of io_acct_set to the personality path and removes freeing in md_free and md_stop. Connected advisories (Astra Linux SUSE securit...
CVE-2022-49386
CVE-2022-49386 concerns the Linux kernel net: ethernet: ti: am65-cpsw-nuss driver. The bug leaks refcounts because of_get_child_by_name() returns a node pointer with an incremented refcount and the code fails to call of_node_put() when the node is no longer needed; am65_cpsw_init_cpts() and am65_...
CVE-2022-49439
In CVE-2022-49439, the Linux kernel's powerpc/fsl_rio_setup had a refcount leak: of_parse_phandle() returns a node pointer with refcount incremented, and code failed to call of_node_put() when it was no longer needed. The patch adds the missing of_node_put() to prevent the leak and closes the vul...
CVE-2022-49509
CVE-2022-49509: In the Linux kernel, the vulnerability arises when removing the max9286 I2C driver, causing a kernel oops due to the I2C client data potentially pointing to a freed v4l2_subdev instead of max9286_priv. The fix updates max9286_remove/max9286_probe/max9286_init so that the driver n...
CVE-2022-49571
CVE-2022-49571: In the Linux kernel, a data-race around reading sysctl_tcp_max_reordering could occur as the value is updated concurrently while being read. The fix adds READ_ONCE() to the readers of sysctl_tcp_max_reordering. Affected/affected-by notices appear in multiple advisories (EulerOS, ...
CVE-2022-49650
The CVE-2022-49650 entry is a Linux kernel security fix for the dmaengine: qcom: bam_dma path. The root cause described is an unbalanced pm_runtime_get()/pm_runtime_put() when the BAM is controlled remotely, caused by a prior commit; the fix reverts that change and enables pm_runtime in all cases...
CVE-2022-49696
CVE-2022-49696 is a Linux kernel use-after-free in tipc_named_reinit, triggered by a race with workqueue finalization. The issue arises because cancel_work_sync() ordering could allow a destroyed TIPC namespace to be accessed by a work item enqueuing later, leading to a read of freed memory (KASA...
CVE-2022-49811
In CVE-2022-49811, the Linux kernel’s DRBD subsystem is affected by a use-after-free in drbd_create_device(), caused when drbd_destroy_connection() frees the underlying connection while it may still be referenced. The connected documents confirm the fix is to use the safe() iterator to preven...
CVE-2022-49901
CVE-2022-49901 affects the Linux kernel’s block multi-queue (blk-mq) path. It’s tied to a kmemleak issue triggered by modprobe null_blk.ko during queue initialization when an error path does not properly release resources. The description notes that q->mq_ops is set to NULL before blk_release_...
CVE-2022-49913
CVE-2022-49913 concerns a memory leak in the Linux kernel’s btrfs backref walking code. During find_parent_nodes() on data extents, if an error occurs while resolving indirect backrefs (resolve_indirect_refs()) or while iterating direct refs in the rbtree, inode lists attached to direct refs not ...
CVE-2022-50000
CVE-2022-50000 affects the Linux kernel netfilter flowtable cleanup. The issue arises when a flow table entry has pending hardware stats/add work; in that case HW delete work is skipped, causing a race between software/hardware cleanup and potentially a use-after-free during flowtable teardown. ...
CVE-2022-50191
CVE-2022-50191 affects the Linux kernel regulator subsystem (of:), describing a refcount leak in the handling of of_get_regulation_constraints(). The remedy is a fixed lifecycle management: call of_node_put() on the reference returned by of_get_child_by_name() which had its refcount increased. Co...
CVE-2023-39179
CVE-2023-39179 affects the Linux kernel ksmbd module and is triggered by SMB2 read requests. The vulnerability arises from insufficient validation of user-supplied data, allowing a read past the end of an allocated buffer. Impact is potential disclosure of sensitive information on affected system...
CVE-2023-52701
The CVE-2023-52701 entry concerns Linux kernel net handling: copying skb marks and skb_cb data led to a memory exposure via usercopy checks, observed as a kernel crash on arm64 when CONFIG_HARDENED_USERCOPY=y. Root cause: copying data from skb->cb[] and skb->mark can bypass size checks; pat...
CVE-2023-52780
CVE-2023-52780 concerns the mvneta Ethernet driver in the Linux kernel. The issue arises from calls to page_pool_get_stats in mvneta without proper checks, potentially triggering a kernel NULL pointer dereference when the page pool is unavailable (e.g., port down, unallocated during errors) and c...
CVE-2023-52874
CVE-2023-52874 (Linux kernel, x86/tdx): the vulnerability stems from an omission in the TDX_HYPERCALL path where RSI was not cleared when returning from TDCALL, risking speculation of VMM-provided values after the guest legally shares registers with the untrusted VMM. The issue originates from a ...
CVE-2023-53007
The CVE-2023-53007 issue affects the Linux kernel tracing path, specifically trace_printk(): the vulnerability arises because trace_printk() can be used before the ftrace events are fully registered, leading to missing trace output after a crash if ftrace_dump_on_oops is enabled. The fix register...
CVE-2023-53088
CVE-2023-53088 affects the Linux kernel’s mptcp subsystem, specifically a use-after-free (UaF) in the listener shutdown path caused by a refactor of passive socket initialization. The issue could manifest during shutdown of msk (multipath TCP) listener sockets, with a stack trace involving _raw_s...
CVE-2023-53109
CVE-2023-53109: Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnels’ xmit paths and als...
CVE-2023-53128
CVE-2023-53128 affects the Linux kernel via a memory-leak in the SCSI mpi3mr driver (throttle_groups). The issue is resolved by adding a missing kfree(), as documented in multiple sources (Linux kernel patch notes and related advisories). The provided materials do not specify affected kernel vers...
CVE-2023-53142
CVE-2023-53142 concerns the Linux kernel ice driver where ice_get_module_eeprom() reads EEPROM in 8-byte blocks, but the last block isn’t safeguarded, allowing a potential buffer issue. The root cause traces to the refactor in commit e9c9692c8a81 (ice: Reimplement module reads used by ethtool), a...
CVE-2024-26690
CVE-2024-26690 affects the Linux kernel stmmac driver: it fixes a race in 64-bit statistics counters by splitting u64_stats_sync into three groups and adding per-CPU stats to avoid mutual-exclusion issues across tx, NAPI, and interrupt contexts. The write side of u64_stats_sync must be serialized...
CVE-2024-35834
CVE-2024-35834 concerns the Linux kernel’s XDP socket path (xsk) where, if the Rx queue is full, a buffer could be recycled incorrectly due to a missing xsk_buff_free() call when __xsk_rcv_zc() fails to enqueue a descriptor to the XSK Rx queue. The description in the connected Astra SUSE page mir...
CVE-2024-36281
CVE-2024-36281 affects the Linux kernel net/mlx5/IPsec rules. The vulnerability arises from rx_create and improper mlx5_modify_header_dealloc usage, which could lead to a NULL pointer dereference and an earlier rule-leak when two status rules are populated. The fix switches to mlx5_ipsec_rx_statu...
CVE-2024-38539
CVE-2024-38539 affects the Linux kernel RDMA subsystem (RDMA/cma and ib_core) with kmemleak-related leakage observed during blktests nvme/rdma when siw is used. The root cause is that kmemleak-detected unreferenced objects can be produced due to rdma_put_gid_attr not being invoked when sgid_attr ...
CVE-2024-38585
CVE-2024-38585 — Linux kernel memory corruption in realloc. The issue arises in tools/nolibc/stdlib where realloc() could copy beyond the allocated region because memcpy() used heap->len instead of the input user_p_len. The vulnerability was resolved by passing user_p_len to memcpy() to preve...
CVE-2024-39461
In Linux kernel CVE-2024-39461, the Raspberry Pi clock code (clk/bcm/clk-raspberrypi.c) accessed the hws array before initializing hws->num, triggering UBSAN array-index-out-of-bounds warnings. The fix moves the initialization of ->num ahead of the first access to ->hws, removing the out...
CVE-2024-40918
CVE-2024-40918 relates to PA-RISC Linux kernels and fixes randomized segmentation faults observed during package builds on PA8800/PA8900 systems. The root causes were memory cache handling and race conditions in page-table entry (PTE) processing during cache flushes and page mapping switches. The...
CVE-2024-42118
CVE-2024-42118 – Linux kernel / drm/amd display: The issue arises in resource_stream_to_stream_idx where an array index can be -1 if not found. The code currently asserts and then returns 0, preventing a negative index and thereby avoiding an OVERRUN and NEGATIVE_RETURNS. Connected sources ident...
CVE-2024-44980
CVE-2024-44980 relates to the Linux kernel’s DRM/XE opregion handling. The advisory reports a leak in opregion cleanup within xe_display_init_noirq/intel_opregion_setup, traced to kmemleak_alloc/kmalloc_trace_noprof paths, resulting in an unreferenced object during probe/modprobe cleanup. The b...
CVE-2024-44994
CVE-2024-44994 is a Linux kernel issue in iommu_report_device_fault() where the return path was accidentally removed for partial faults, risking a crash. The problem has a known fix: restoring the missing return in iommu_report_device_fault(), as noted in the kernel commits referenced by the CVE ...
CVE-2024-57839
Technical details for CVE-2024-57839 are not provided in the connected documents. Public info appears limited to the initial description; monitor for official advisories for affected products, impact, and fixes.
CVE-2024-57975
CVE-2024-57975 affects the Linux kernel/Btrfs: when run_delalloc_nocow() fails, the cleanup path may unlock folios without clearing dirty flags, triggering a VM_BUG_ON_FOLIO during extent_unlock_delalloc/writeback and potentially crashing the system (CONFIG_DEBUG_VM enables test generic/476). The...
CVE-2024-58074
Technical details and impact for CVE-2024-58074 are not publicly provided in the supplied documents; monitor for updates.
CVE-2025-23152
CVE-2025-23152 affects the Linux kernel on arm64, where the bug was in arm64/crc-t10dif: out-of-scope array usage in crc_t10dif_arch(). A fix was applied in the kernel, described as correcting an array used outside its scope. Connected advisories/patch references include kernel commits (stable) a...
CVE-2025-37762
CVE-2025-37762 affects the Linux kernel DRM virtio, where prepare_fb() error handling missed dmabuf unpinning, causing resource leaks on error paths. The vulnerability is fixed by correcting error handling in prepare_fb(), as noted in multiple sources (e.g., Astra Linux advisory citing the same d...
CVE-2025-37847
CVE-2025-37847: In the Linux kernel, a deadlock could occur in accel/ivpu during ivpu_ms_cleanup() when runtime resume acquires file_priv->ms_lock, leading to a cold boot path that calls ivpu_ms_cleanup_all(). The issue is resolved by preventing runtime resume after ms_lock is acquired, avoidi...
CVE-2025-37863
CVE-2025-37863 affects the Linux kernel overlayfs (ovl). The issue arises when a data-only layer is pointed to by an upper layer, something not currently used but previously allowed only via the datadir+ feature, which could trigger an Oops. The documented fix disables datadir without a lowerdir,...
CVE-2025-37866
CVE-2025-37866: Linux kernel vulnerability in mlxbf-bootctl where sysfs_emit() is used with a non-page-aligned buffer in secure_boot_fuse_state_show(), triggering a warning on BlueField SOCs. The driver should use sysfs_emit_at() to support non-zero offsets; the issue is mitigated by the patch th...
CVE-2025-38053
Summary: A Linux kernel vulnerability (CVE-2025-38053) affects the idpf_features_check path used to validate TX skb features. The root cause is a NULL vport pointer in the netdev private structure after reset, which can lead to a kernel NULL pointer dereference when comparing skb header length wi...
CVE-2025-38088
CVE-2025-38088 affects the Linux kernel’s memtrace mmap in the PowerPC powernv memory tracing path. The root cause is an out-of-bounds issue when mmap-ing within the memtrace region. The patch fixes this by validating that the requested mapping size does not exceed the allocated memtrace region, ...