14330 matches found
CVE-2022-48849
CVE-2022-48849 affects the Linux kernel (drm/amdgpu) where tiling flag checks were bypassed in the virtual display path. The issue arises in framebuffer initialization when VKMS virtual display is enabled and VKMS does not support FB modifiers, potentially allowing a local attacker to bypass expe...
CVE-2022-48856
CVE-2022-48856 concerns the Linux kernel needing a fix for a refcount leak in the gfar_get_ts_info path used by gianfar/ethtool. The description states that of_find_compatible_node() returns a node pointer with an incremented refcount and that the code must call of_node_put() when done to release...
CVE-2022-48859
CVE-2022-48859 concerns the Linux kernel fix for a refcount leak in the marvell prestera path. The issue arises from a missing of_node_put() return value from of_find_compatible_node(), which increments a node’s refcount; without a corresponding of_node_put(), the reference could leak. The OSV en...
CVE-2022-48928
The CVE-2022-48928 issue affects the Linux kernel driver iio: adc, specifically the men_z188_adc component. A resource leak occurs in an error path when iio_device_register() fails, leaving a previously mapped region (ioremap()) unbalanced. The root cause is an unbalanced iounmap() not being call...
CVE-2022-48933
CVE-2022-48933 affects the Linux kernel nf_tables stateful object update path. The issue arises when updating stateful objects from the control plane: a temporary object is created, but its destruction path leaks resources because the update flow does not increment the module refcount. The fix is...
CVE-2022-49088
CVE-2022-49088 affects the Linux kernel: a refcount leak in dpaa2_ptp_probe where the of_find_compatible_node() result is returned with an incremented refcount. The fix is to call of_node_put() to release the reference and avoid the leak. References point to kernel patches that implement this cor...
CVE-2022-49108
CVE-2022-49108 concerns the Linux kernel Mediatek clock driver, where memory leaks occur on probe due to not freeing memory in error handling paths. The vulnerability is resolved by handling error branches to free allocated memory, addressing a resource leak (Coverity ID 1491825). Connected sourc...
CVE-2022-49172
Summary: CVE-2022-49172 pertains to the Linux kernel parisc line. The root cause was non-access data TLB faults from flush_user_dcache_range_asm and flush_user_icache_range_asm when pages are not present, leading to cache lines not being invalidated and potential memory corruption. Impact details...
CVE-2022-49386
CVE-2022-49386 concerns the Linux kernel net: ethernet: ti: am65-cpsw-nuss driver. The bug leaks refcounts because of_get_child_by_name() returns a node pointer with an incremented refcount and the code fails to call of_node_put() when the node is no longer needed; am65_cpsw_init_cpts() and am65_...
CVE-2022-49450
CVE-2022-49450 relates to the Linux kernel AF_RXRPC listen() backlog handling. The underlying issue is that the backlog can be configured up to 32, but the preallocation ring has 32 slots and one slot is always dead due to the ring using CIRC_CNT(). This caused an oops on socket close when listen...
CVE-2022-49547
CVE-2022-49547 relates to a Linux kernel issue in btrfs where deadlocks can occur when reserving data space for direct IO writes under low free space. The deadlock involves concurrent writes to overlapping file ranges ([0,128K) and [128K,256K)) contending for the inode lock and for ordered extent...
CVE-2022-49571
CVE-2022-49571 : In the Linux kernel, a data-race around reading sysctl_tcp_max_reordering could occur as the value is updated concurrently while being read. The fix adds READ_ONCE() to the readers of sysctl_tcp_max_reordering. Affected/affected-by notices appear in multiple advisories (EulerOS, ...
CVE-2022-49597
In CVE-2022-49597, the Linux kernel tcp code suffers a data-race around sysctl_tcp_base_mss when reading sysctl_tcp_base_mss concurrently. The fix adds READ_ONCE() to the readers to prevent races. Connected advisories (Astra Unity/ EulerOS OSS) echo the same description and reference kernel commi...
CVE-2022-49628
Linux kernel CVE-2022-49628 concerns the net: stmmac driver leaking resources during probe. Connected documents confirm the vulnerability and provide a fix: two error paths in probe are corrected to clean up before returning, addressing leaks in the probe sequence. The affected component is the L...
CVE-2022-49650
The CVE-2022-49650 entry is a Linux kernel security fix for the dmaengine: qcom: bam_dma path. The root cause described is an unbalanced pm_runtime_get()/pm_runtime_put() when the BAM is controlled remotely, caused by a prior commit; the fix reverts that change and enables pm_runtime in all cases...
CVE-2022-49676
CVE-2022-49676 refers to a Linux kernel issue for the Samsung Exynos5422 DMC memory controller where a refcount leak in of_get_dram_timings could occur due to missing of_node_put() in error paths. The bug stems from of_parse_phandle() returning a node pointer with an incremented refcount that was...
CVE-2022-49682
CVE-2022-49682 is a Linux kernel issue: in xtensa, a refcount leak bug in time.c occurred where calibrate_ccount() could return a node with an incremented refcount. The fix requires using of_node_put() when the node is no longer used (to avoid a leak). Connected advisories (Astra Linux and Unity/...
CVE-2022-49800
CVE-2022-49800 is a Linux kernel issue addressed by multiple advisories. The root cause was a memory-leak in the tracing tests (test_gen_synth_cmd and test_empty_synth_event) where allocated buffers were freed only on failure paths; the fix adds kfree(buf) to ensure no leak. The Nessus/OpenVAS en...
CVE-2022-49810
The CVE-2022-49810 issue affects the Linux kernel netfs/xarray iteration under RCUp where missing xas_retry() checks could cause a NULL-pointer dereference in netfs_rreq_unlock and related code paths. Connected documents confirm the root cause in netfslib’s xarray iteration under RCU read lock an...
CVE-2022-49818
CVE-2022-49818 affects the Linux kernel mISDN code. The vulnerability arises from misuse of put_device() in mISDN_register_device(), where a release/reference is performed before device_initialize(), potentially leading to use-after-free-like behavior. The attached advisories (Unity Linux UTSA en...
CVE-2022-49917
CVE-2022-49917 affects the Linux kernel IPVS subsystem (ip_vs_app_net_cleanup and ip_vs_app_net_init). If ip_vs_app fails to be created during init, removal still proceeds, causing the ip_vs_app entry to be missing and a WARNING in fs/proc/generic.c: remove_proc_entry. The issue is demonstrated b...
CVE-2022-49942
CVE-2022-49942 affects the Linux kernel wifi/mac80211 code. The issue occurs when CSA (channel switch announcement) is finalized in IBSS mode while the device is not connected to a channel; the BSS list is empty, cfg80211_get_bss() can return NULL, triggering a WARN_ON() in ieee80211_ibss_csa_bea...
CVE-2022-50012
CVE-2022-50012 affects the Linux kernel on 64-bit PowerPC (powerpc/64). The root cause is that jump_label_init() is invoked in setup_feature_keys() too late, since static keys may be used by subroutines of parse_early_param(), which itself is a subroutine of early_init_devtree(). The result is th...
CVE-2022-50027
CVE-2022-50027 is a Linux kernel issue affecting the SCSI lpfc path, where a missing free for the iocbq on failure to issue the CMF WQE can cause a memory leak. The root cause is that if lpfc_sli4_issue_wqe fails (ret_val non-zero), the iocbq request structure is not consistently freed, leading t...
CVE-2022-50074
CVE-2022-50074 is a Linux kernel vulnerability related to apparmor memleak in aa_simple_write_to_buffer. The issue arises when copy_from_user fails: memory is freed by kvfree, but the management struct and data blob are allocated independently, so freeing only the data via kvfree leaks the memory...
CVE-2022-50092
CVE-2022-50092 affects the Linux kernel dm-thin component. The issue is a use-after-free in dm_pool_register_metadata_threshold called during metadata-threshold registration for a thin-pool, leading to a potential use-after-free in dm_sm_register_threshold_callback. Reproduction involves manipula...
CVE-2022-50102
CVE-2022-50102 affects the Linux kernel’s fbdev arkfb driver. A user-controlled ioctl can cause a divide-by-zero in ark_set_pixclock, e.g. with hdiv=1, pixclock=1, hmul=2, producing (1*1)/2 = 0 and leading to division by zero later in arkfb.c when computing 1000000000 / pixclock. The vulnerabilit...
CVE-2022-50109
The CVE-2022-50109 issue is a Linux kernel vulnerability in the video: fbdev: amba-clcd driver. The root cause is refcount leaks from references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() in clcdfb_of_init_display(). Mitigation described in the referenced discl...
CVE-2022-50185
In CVE-2022-50185, the Linux kernel drm/radeon path ni_set_mc_special_registers() is vulnerable to a potential buffer overflow. The last case label could write mc_reg_address[j] and mc_data[j] when j equals SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE due to missing bounds checks after the last j++. The f...
CVE-2023-52636
The connected OSV entries confirm CVE-2023-52636 affects the Linux kernel’s libceph OSD client sparse-read path. Specifically, a misbehavior in read_partial_sparse_msg_data() during a short socket read could cause the sparse-read state machine to misinterpret the footer, potentially derailing op ...
CVE-2023-52765
CVE-2023-52765 relates to the Linux kernel mfd: qcom-spmi-pmic revid lookup. The issue caused potential NULL‑pointer dereferences, due to: (1) assuming a sibling base device bound to a driver simply because it is registered; (2) unsafely accessing driver data of a sibling device without locking, ...
CVE-2023-53088
CVE-2023-53088 affects the Linux kernel’s mptcp subsystem, specifically a use-after-free (UaF) in the listener shutdown path caused by a refactor of passive socket initialization. The issue could manifest during shutdown of msk (multipath TCP) listener sockets, with a stack trace involving _raw_s...
CVE-2023-53142
CVE-2023-53142 concerns the Linux kernel ice driver where ice_get_module_eeprom() reads EEPROM in 8-byte blocks, but the last block isn’t safeguarded, allowing a potential buffer issue. The root cause traces to the refactor in commit e9c9692c8a81 (ice: Reimplement module reads used by ethtool), a...
CVE-2024-26765
CVE-2024-26765 concerns the Linux kernel on LoongArch. The issue arises when hotplugging nonboot CPUs: IRQs are disabled before calling init_fn(), intended to silence warnings and avoid interrupts, but this is tied to the rcu_cpu_starting warning path (CPU: 1, pid: 0). The result is a race where ...
CVE-2024-26781
CVE-2024-26781: In the Linux kernel, a deadlock could occur in Multipath TCP (mptcp) subflow diagnostic code due to a circular locking dependency reported by Syzbot/Eric. The issue involves tcp_diag and related subflow diagnostic paths (tcp_diag_put_ulp, tcp_diag_get_aux, inet_diag_dump_icsk) and...
CVE-2024-33619
The CVE-2024-33619 entry concerns a Linux kernel EFI handling bug in libstub: priv.runtime_map could be freed in an error path when it was never allocated (priv.runtime_map is only allocated if efi_novamap is not set; otherwise it is uninitialized). The fix is to Free priv.runtime_map only when i...
CVE-2024-35858
The CVE-2024-35858 issue affects the Linux kernel (net: bcmasp) and is caused by leaking memory when bringing down the TX rings: flushed but not reclaimed packets are not freed from DMA mappings, leading to a memory leak and, in power-management scenarios, tx control block corruption. Connected s...
CVE-2024-38574
CVE-2024-38574 affects the Linux kernel’s libbpf/bpf loading flow. The root cause is a NULL dereference: in bpf_object_load_prog(), obj->btf may be NULL when passed to btf_fd(), and the code path does not guard against NULL. This can cause segmentation faults (e.g., bpftool failing to load pro...
CVE-2024-38585
CVE-2024-38585 — Linux kernel memory corruption in realloc . The issue arises in tools/nolibc/stdlib where realloc() could copy beyond the allocated region because memcpy() used heap->len instead of the input user_p_len. The vulnerability was resolved by passing user_p_len to memcpy() to preve...
CVE-2024-42118
CVE-2024-42118 – Linux kernel / drm/amd display : The issue arises in resource_stream_to_stream_idx where an array index can be -1 if not found. The code currently asserts and then returns 0, preventing a negative index and thereby avoiding an OVERRUN and NEGATIVE_RETURNS. Connected sources ident...
CVE-2024-42146
CVE-2024-42146: Linux kernel DRM/XE vulnerability fixed by adding outer runtime PM protection to xe_live_ktest@xe_dma_buf. The issue arose because kunit tests performing memory access did not use outer runtime_pm protections, leaving inner callers unprotected. Root cause: missing outer runtime PM...
CVE-2024-56560
CVE-2024-56560: In the Linux kernel slab allocator, a too-strict alignment check in kmem_cache_create_args caused a kernel panic on m68k due to io_kiocb slab creation. The issue occurs because the minimum alignment of unsigned long can be 2 bytes on m68k, so assuming a fixed 4/8-byte alignment is...
CVE-2024-56646
Technical details about CVE-2024-56646 are not provided in the supplied documents. Monitor official advisories for affected products, impact, and fixes.
CVE-2025-38053
Summary: A Linux kernel vulnerability (CVE-2025-38053) affects the idpf_features_check path used to validate TX skb features. The root cause is a NULL vport pointer in the netdev private structure after reset, which can lead to a kernel NULL pointer dereference when comparing skb header length wi...
CVE-2025-38067
CVE-2025-38067 : In the Linux kernel, the rseq registration path could segfault if the user-space rseq_cs field is non-zero. The field is supposed to be set to 0 before registration, but this wasn’t enforced, allowing a faulty rseq_cs value to cause a segfault when returning to user-space. The fi...
CVE-2025-38143
CVE-2025-38143 (Linux kernel) is addressed in Azure Linux 3.0 by a patch that fixes a NULL-dereference in backlight pm8941 when devm_kasprintf() returns NULL. The issue occurs in wled_configure() due to a missing NULL check after allocation. The fix adds the necessary NULL check after devm_kaspri...
CVE-2025-38151
Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.
CVE-2025-38194
CVE-2025-38194 affects the Linux kernel’s JFFS2 file system. The issue arises when jffs2_sum_write_sumnode does not validate the return value of jffs2_prealloc_raw_node_refs, allowing an preallocation error to propagate into jffs2_link_node_ref and potentially cause a kernel BUG at fs/jffs2/nodel...
CVE-2025-38216
CVE-2025-38216 (Linux kernel) affects iommu/vt-d context entry setup order for aliased PCI devices behind PCIe-to-PCI bridges. The issue arose after commit 2031c469f816 changed domain attach context entry setup from set-and-check to clear-and-reset, regressing PCI aliased devices and causing inpu...
CVE-2025-38222
Summary : CVE-2025-38222 refers to a Linux kernel vulnerability in ext4 inline data handling. When inline_data is enabled, a length parameter (len) is incorrectly treated as an unsigned int, causing a truncation of pos+len in ext4_prepare_inline_data. This leads to an incorrect len being passed t...