14330 matches found
CVE-2004-0177
CVE-2004-0177 affects Linux 2.4.x (before 2.4.26) due to improper initialization of journal descriptor blocks in ext3, causing an information leak where in-memory kernel data could be written to the device and read back via raw-device access. Impact: privileged users could obtain portions of kern...
CVE-2004-0181
The CVE-2004-0181 issue is an information leak in the Linux 2.4.x JFS code where in-memory data could be written to the device, allowing a local user to read sensitive information from the raw device. The relevant connected advisories (RHSA-2005:663, CentOS/CESA-2005:663) document this flaw as ad...
CVE-2004-1237
CVE-2004-1237 : A vulnerability in the system call filtering code of the Red Hat Enterprise Linux 3 audit subsystem could allow a local user to cause a denial of service (system crash) when auditing is enabled. The issue is addressed in the Red Hat kernel security advisory RHSA-2005:043, which up...
CVE-2005-2459
CVE-2005-2459 affects the Linux kernel prior to 2.6.12.5, where the huft_build function in inflate.c of the zlib routines returns the wrong value. This bug allows remote attackers to crash the kernel via a specially crafted compressed file, causing a null pointer dereference (a denial of service)...
CVE-2005-2492
CVE-2005-2492 affects the Linux kernel 2.6 series prior to 2.6.13.1. The raw_sendmsg function can be exploited by a local user to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input. Documented in multiple advisories (e.g., Mandriva MDKSA-2005:235; SU...
CVE-2005-3044
CVE-2005-3044 affects the Linux kernel prior to 2.6.13.2. Vulnerabilities arise from (1) fput in a 32-bit ioctl on 64-bit x86 systems and (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems, enabling local attackers to trigger a kernel OOPS and cause a denial of service. Remedia...
CVE-2005-3106
CVE-2005-3106 is a Linux kernel race condition affecting thread management when memory mappings are shared (CLONE_VM). The issue can lead to a local denial of service via deadlock, e.g., by triggering a core dump or waiting-for-exec scenarios. Connected advisories confirm this CVE across multiple...
CVE-2005-3271
CVE-2005-3271 affects the Linux kernel 2.6 series. Description and multiple advisories (SUSE, Debian, Mandriva) show exec() does not properly clear posix-timers in multi-threaded environments, causing a resource leak. This can enable a large number of local users to cause a denial of service by e...
CVE-2006-1343
The connected Debian advisory (DSA-1184-2) confirms CVE-2006-1343 as a local information-leak in the Linux 2.6.8 kernel (kernel-source-2.6.8), caused by an information leak in the getsockopt system call that can let a local user leak potentially sensitive memory to userspace. Affected architectur...
CVE-2006-5158
CVE-2006-5158 affects the Linux kernel’s NFS lockd (nlmclnt_mark_reclaim in clntlock.c). The connected advisories (RHSA-2007-0488, CESAs for RHEL/CentOS, SL) describe a vulnerability in NFS locking daemon that can cause a denial of service (deadlock) or kernel oops via NULL dereference, allowing ...
CVE-2007-0006
The CVE-2007-0006 issue affects Linux kernels 2.6.9 through 2.6.20 in the key_alloc_serial code, where a fault in the key serial number collision avoidance can be triggered by a local user, leading to a crash via a NULL pointer dereference (local DoS). The vulnerability is documented across multi...
CVE-2007-1730
CVE-2007-1730 is a local kernel vulnerability due to an integer signedness error in the DCCP path (do_dccp_getsockopt) affecting Linux kernels 2.6.20 and later. The flaw allows a local user to read kernel memory or trigger a denial of service via a negative optlen. This is confirmed by Red Hat CV...
CVE-2008-5033
The CVE-2008-5033 issue affects the Linux kernel: the chip_command function in drivers/media/video/tvaudio.c is vulnerable in 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3, enabling a denial of service via NULL function pointer dereference (OOPS). Patches are r...
CVE-2009-1184
CVE-2009-1184 affects the Linux kernel’s SELinux subsystem: the function security/selinux/hooks.c (selinux_ip_postroute_iptables_compat) omits avc_has_perm checks for the node and port when compat_net is enabled, allowing local users to bypass certain network-traffic restrictions. Impact is parti...
CVE-2010-0741
CVE-2010-0741 affects the Linux kernel in the virtio-net driver when used with qemu-kvm 0.11.0 or KVM, allowing a remote attacker to crash the guest OS by sending a large volume of TCP traffic due to an improper TCP Segment Offloading (TSO) handling in virtio-net. The issue is triggered by a flaw...
CVE-2010-1187
The CVE-2010-1187 issue affects the Linux kernel TIPc (Transparent Inter-Process Communication) implementation, reported for kernel versions 2.6.16-rc1 through 2.6.33 (and potentially other versions). The vulnerability allows a local user to trigger a NULL pointer dereference and cause a kernel O...
CVE-2011-4611
The CVE-2011-4611 entry relates to the Linux kernel on POWERPC where an integer overflow in perf_event_interrupt (arch/powerpc/kernel/perf_event.c) before version 2.6.39 can allow a local user to trigger a denial of service via performance-event handling. Affected: Linux kernel releases prior to ...
CVE-2013-2896
The CVE-2013-2896 issue affects the Linux kernel HID driver: drivers/hid/hid-ntrig.c, applicable when CONFIG_HID_NTRIG is enabled, up to kernel version 3.11. It allows physically proximate attackers to trigger a denial of service (NULL pointer dereference and OOPS) via a crafted HID device. Explo...
CVE-2013-3076
CVE-2013-3076 affects the Linux kernel prior to or up to 3.9-rc8, where the crypto API does not initialize certain length variables. This allows local attackers to read kernel stack memory via crafted recvmsg/recvfrom calls, related to hash_recvmsg (crypto/algif_hash.c) and skcipher_recvmsg (cryp...
CVE-2013-4300
CVE-2013-4300 affects the Linux kernel (pre-3.11). The vulnerability arises from a faulty capability check in scm_check_creds() in net/core/scm.c that uses an incorrect namespace, enabling local users to gain privileges via PID spoofing. Impact: local privilege escalation with complete confidenti...
CVE-2016-5342
The CVE-2016-5342 entry describes a heap-based buffer overflow in the wcnss_wlan_write function of the Linux kernel 3.x wcnss_wlan driver (drivers/net/wireless/wcnss/wcnss_wlan.c) used in Qualcomm QuIC MSM Android contributions. An attacker could trigger a denial of service or potentially other i...
CVE-2017-0523
CVE-2017-0523 is an elevation-of-privilege vulnerability in the Qualcomm Wi‑Fi driver that could allow a local malicious app to execute arbitrary code in the kernel. The CVSS3 vector indicates LOCAL access, high complexity, no privileges required, but user interaction is required; root cause is e...
CVE-2017-1000377
CVE-2017-1000377 concerns a vulnerability in PAX Linux where the default stack guard page is too small and can be bypassed, allowing a bypass of stack protections. The core details indicate this affects PAX Linux kernel versions as of 19 June 2017, originally from GRSecurity and shipped by other ...
CVE-2021-47190
Concrete details from the connected docs show CVE-2021-47190 affects the Linux kernel’s perf/bpf path. The issue is a memory leak in perf_env__insert_btf() when a duplicate BTF id is encountered; code was changed to have perf_env__insert_btf() return a success/error value and to free memory if in...
CVE-2021-47193
CVE-2021-47193 affects the Linux kernel SCSI PM80XX driver (pm80xx) where memory allocated by the module is not fully freed on rmmod, causing a memory leak during driver removal. The vulnerability is resolved in Linux kernel code by properly freeing memory when the module is removed. The CVE has ...
CVE-2021-47204
CVE-2021-47204 affects the Linux kernel’s net: dpaa2-eth driver. The flaw is a use-after-free in dpaa2_eth_remove where access to a freed netdev occurs. The fix moves the debug log to occur before free_netdev(), preventing use-after-free. Public descriptions in connected advisories (AstraLinux, U...
CVE-2021-47242
CVE-2021-47242 affects the Linux kernel and is tied to a fix for an issue in MPTCP subflow error reporting. The root cause was a soft lookup caused when subflow_error_report() attempted to acquire mptcp_data_lock across call paths that could already hold other locks, triggering a soft lockup unde...
CVE-2021-47263
CVE-2021-47263 is a Linux kernel issue in the gpio-wcd934x driver where a shift-out-of-bounds UBSAN error occurred due to using BIT(n-1) for pins 0–4, leading to an out-of-bounds shift in gpio-wcd934x.c:34:14. The vulnerability has been resolved by a patch to correct the bit-mask handling (pins 0...
CVE-2021-47290
CVE-2021-47290 is a Linux kernel vulnerability in the SCSI target path where a NULL dereference could occur during XCOPY completion. The issue arises from CPU affinity changes that allow target_complete_cmd() to queue work on a CPU determined by se_tpg_wwn->cmd_compl_affinity. In the special c...
CVE-2021-47415
CVE-2021-47415 affects the Linux kernel’s iwlwifi mvm code. The vulnerability is a potential NULL pointer dereference in __iwl_mvm_remove_time_event(), mitigated by checking te_data->vif for NULL before dereferencing. The issue is resolved by the kernel patch referenced in the initial descript...
CVE-2022-48663
CVE-2022-48663 affects the Linux kernel, specifically the GPIO mockup debugfs handling. The vulnerability arises when unbinding a driver: debugfs entries are removed globally before platform devices are unregistered, which can lead to a NULL pointer dereference on module exit. The disclosed fix u...
CVE-2022-48718
CVE-2022-48718 concerns a NULL pointer dereference in the Linux kernel’s drm mxsfb driver. The vulnerability arises when drm_atomic_get_new_bridge_state can return a NULL pointer, which mxsfb may dereference. A fix was implemented that avoids dereferencing a NULL by assuming a fixed format instea...
CVE-2022-48727
The CVE-2022-48727 entry concerns a Linux kernel KVM arm64 issue: when non-IRQ exceptions occur, ESR_EL2 is updated and used to detect if an HVC occurred, potentially mis-updating ELR_EL2 if an SError was synchronised and later re-executing guest instructions. The fix ensures ARM_EXCEPTION_CODE()...
CVE-2022-48767
CVE-2022-48767 affects the Linux kernel and relates to a leak of the ceph_string reference after an async create attempt. The description in the initial document states that the reference acquired by try_prep_async_create is leaked and must be put back, and connected sources (Astra Linux bulletin...
CVE-2022-48780
CVE-2022-48780 (Linux kernel) : The vulnerability in net/smc arises from overwriting clcsock callback function pointers during multiple fallbacks, which can create a loop: clcsk->sk_error_report → smc_fback_error_report → smc_fback_forward_wakeup → clcsock_callback overwritten → smc->clcsk_...
CVE-2022-48844
The CVE-2022-48844 entry refers to a Linux kernel Bluetooth issue in the hci_core subsystem: sent_cmd memory is leaked when freeing hci_dev, causing a memory leak. This is a local, low-privilege exposure with high availability impact as per the CVSS data. Connected advisories confirm a fixed fix ...
CVE-2022-48848
CVE-2022-48848 affects the Linux kernel tracing/osnoise workflow. Concrete detail: the issue is caused by unregistering tracepoints twice when stopping tracing (osnoise_workload_stop) and switching tracer to nop, leading to a kernel warning about unregistering an unregistered tracepoint. The conn...
CVE-2022-48899
CVE-2022-48899 is a Linux kernel vulnerability in drm/virtio causing a use-after-free (UAF) during GEM handle creation. An attacker could guess a GEM handle value and race creation with handle close, leading to dereferencing an object after its reference is dropped. The issue's root cause is that...
CVE-2022-49067
CVE-2022-49067 is about a Linux kernel issue where virt_addr_valid() incorrectly returned true for vmalloc addresses in 64-bit Book3E (and related 32-bit behavior). Investigations across multiple advisories (NVD, Red Hat, Debian OSV, Unity/NASL/Nessus plugins) describe the root cause: __pa() can ...
CVE-2022-49069
The CVE-2022-49069 issue affects the Linux kernel’s DRM AMD Display path, where a general protection fault was observed when WebGL Aquarium ran for extended periods. The provided technical details show the root cause as a calculation/validation path in dcn30_internal_validate_bw, leading to fault...
CVE-2022-49184
The CVE-2022-49184 issue affects the Linux kernel under net: sparx5: switchdev, where a NULL pointer dereference could occur if devm_kzalloc() returns NULL and the code dereferences the pointer. The description across connected sources indicates the vulnerability was resolved in the Linux kernel ...
CVE-2022-49210
The CVE-2022-49210 issue is a Linux-kernel memory-leak in the MIPS pgalloc path. The generic pgd_free() freed only one pgd page, but on 64‑bit systems with PAGE_SIZE_4KB and without MIPS_VA_BITS_48 the PGD_TABLE spans two pages; this mismatch leaks memory. MemFree behavior can reveal the leak. Ro...
CVE-2022-49338
CVE-2022-49338 affects the Linux kernel in the Mellanox mlx5 core path: CT cleanup happens after TC ct rules cleanup, risking use-after-free of CT shared resources when uplink cleanup ordering is reversed. The resolved description states the fix is to reverse the cleanup/init order so that TC cle...
CVE-2022-49510
CVE-2022-49510 concerns a Linux kernel issue in the DRM/OMAP driver where a NULL pointer (r_ovl) dereference occurs when accessing ovl->idx, triggering a NULL-deref in omap_overlay.c. The vulnerability stems from a coccicheck warning that was fixed by correcting r_ovl->idx to ovl->idx. T...
CVE-2022-49528
CVE-2022-49528 pertains to the Linux kernel: the dw9714 I2C regulator driver regression during probe could leave the regulator enabled, triggering a warning path in regulator core and a failed probe. The vulnerability arises from not disabling the regulator in error handling, which can lead to a ...
CVE-2022-49786
The CVE-2022-49786 issue affects the Linux kernel’s blk-cgroup subsystem. Root cause: blkcg_css_online incorrectly pinned the parent after a 397c9f46 refactor, pinning the css instead of the parent blkcg, which leads to extra pins and leakage of blkcgs and cgroups. Impact stated: leakage of blkcg...
CVE-2022-49792
CVE-2022-49792 corresponds to a Linux kernel vulnerability in the iio: adc MP2629 driver. The issue is a potential array out-of-bounds access, mitigated by adding a sentinel at the end of maps in the iio core. Affected component is the IIO subsystem’s mp2629 ADC path; root cause is improper bound...
CVE-2022-49797
CVE-2022-49797 concerns the Linux kernel tracing subsystem. The vulnerability is a potential NULL pointer dereference in the kprobe path: when trace_get_event_file() fails, gen_kretprobe_test may be marked as the error code, and if the kprobe_event_gen_test module is removed, a dereference can oc...
CVE-2022-49801
CVE-2022-49801 is a Linux kernel vulnerability tied to the tracing subsystem, specifically a memory leak in tracing_read_pipe() that can trigger a kmemleak-unreferenced-object issue. The linked OpenVAS/Nessus entries and EulerOS advisories (EulerOS-SA-2025-2546, EulerOS-SA-2025-2296, etc.) list t...
CVE-2022-49834
CVE-2022-49834 concerns a use-after-free in nilfs2 when downgrading to read-only and remounting read/write, risking access to a freed nilfs_writer. The issue arises during a race between log-writer detachment and remount/downgrade, potentially allowing a Task1 thread to dereference a freed pointe...