14330 matches found
CVE-2024-44936
CVE-2024-44936 pertains to the Linux kernel driver for rt5033 power supply. The issue arose after reworking the driver to use devm_power_supply_register(), which dropped i2c_set_clientdata (and the remove callback), while other parts of the driver still relied on i2c clientdata, leading to kernel...
CVE-2024-52560
CVE-2024-52560 — Linux kernel ntfs3 handling improved . The vulnerability, resolved in the Linux kernel, involved the NTFS-3G ntfs3 driver marking an inode as bad only after detecting an error in mi_enum_attr(). The fix extends mi_enum_attr()’s interface by adding a new parameter (struct ntfs_ino...
CVE-2024-56676
CVE-2024-56676 affects the Linux kernel, specifically in the thermal testing code. The issue arises when variables annotated with __free() are not initialized if the function can return before they are updated for the first time; upon function return, freeing these uninitialized pointers may cras...
CVE-2024-57976
Summary (CVE-2024-57976) : In the Linux kernel, a race/path in btrfs delalloc handling can trigger a BUG_ON crash after a failed cow_file_range() (often via -ENOSPC in the space reservation code). The issue stems from error cleanup that clears delalloc and dirty flags but may leave pages dirty, l...
CVE-2025-21770
The CVE-2025-21770 entry notes a memory leak in the Linux kernel’s iommu path: iopf_queue_remove_device() fails to release the per-iommu iopf group after responding to hardware, which can leak the group structure for pending iopf objects. The fix is to call iopf_free_group() after the iopf group ...
CVE-2025-21834
Summary (mode C): CVE-2025-21834 relates to the Linux kernel where a seccomp passthrough for uretprobe systemcalls was not filtered. When uretprobes are attached to processes in Docker, the retprobe can cause the traced process to segfault because the default seccomp filters block this kernel-int...
CVE-2025-21882
CVE-2025-21882 concerns the Linux kernel code path net/mlx5: Fix vport QoS cleanup on error. When enabling vport QoS fails, the scheduling node was never freed, causing a leak. The fix adds the missing free and resets the vport scheduling node pointer to NULL. Other connected advisories reference...
CVE-2025-37962
CVE-2025-37962 affects the Linux kernel’s ksmbd code path, specifically a memory leak in parse_lease_state. The root cause: when the created lease context bounds check fails, the function returns NULL without freeing the previously allocated lease_ctx_info, causing a memory leak. The patch fixes ...
CVE-2025-38016
CVE-2025-38016 (Linux kernel, HID: bpf: abort dispatch if device destroyed) is confirmed in connected sources as a HID subsystem issue in the Linux kernel. The vulnerability stems from HID-BPF dispatch when a HID device is destroyed: after hid_bpf_destroy_device(), a cleaned-up SRCU can be access...
CVE-2025-38115
CVE-2025-38115 — Linux kernel net_sched SFQ crash fix A vulnerability in the SFQ qdisc of net_sched allowed a crash when handling gso_skb due to an inflated sch->q.len after a blamed commit. This could enable an enqueue on an already-empty SFQ queue followed by an immediate drop. The issue was...
CVE-2025-38155
CVE-2025-38155: In the Linux kernel, the wifi mt76/mt7915 driver had a NULL pointer dereference in mt7915_mmio_wed_init() because devm_ioremap() can return NULL and this was not checked. The fix adds a NULL check to prevent the dereference, mitigating an potential crash/vector local to the system...
CVE-2025-38385
Summary: CVE-2025-38385 affects the Linux kernel in the LAN78xx USB Ethernet driver, where a WARN can be triggered during USB disconnect when NAPI is still enabled. Root cause (per provided data): In the disconnect path, netif_napi_del() was redundantly called even though unregister_netdev() hand...
CVE-2025-38414
The CVE-2025-38414 entry concerns the Linux kernel wifi driver ath12k for PCIe devices, where GCC_GCC_PCIE_HOT_RST was misdefined for the WCN7850. The issue caused kernel crashes on certain platforms due to divergent register definitions between WCN7850 and QCN9274; the fix moves GCC_GCC_PCIE_HOT...
CVE-2025-38419
In CVE-2025-38419, Linux kernel remoteproc core fixes a resource leak: when rproc_attach() runs with rproc->state = RPROC_DETACHED and rproc_handle_resources() fails, resources allocated by imx_rproc_prepare() were not released. The mitigation is a code change in rproc_attach() to route to cle...
CVE-1999-0431
CVE-1999-0431 affects Linux kernels 2.2.3 and earlier, where a flaw in IP fragment handling lets a remote attacker perform an IP fragmentation attack to cause a denial of service. The Red Hat and CVE records consistently describe the issue as a remote DoS via IP fragmentation. Public details in t...
CVE-2000-0289
Summary: CVE-2000-0289 concerns the Linux kernel IP Masquerade (NAT) feature on 2.2.x, where the UDP DLOOSE behavior can allow an attacker to send arbitrary UDP packets to hosts behind a vulnerable NAT by matching only destination IP/port, potentially affecting existing sessions. What is affected...
CVE-2004-1234
The CVE-2004-1234 entry refers to a vulnerability in the Linux kernel where load_elf_binary for ELF binaries with a NULL interpreter can trigger a denial of service (system crash) on local attackers. This affects Linux kernels prior to 2.4.26. The SUSE security page and related OpenVAS/DSA entrie...
CVE-2005-1765
The CVE-2005-1765 issue is a local denial of service in the Linux kernel on AMD64 when running in 32‑bit compatibility mode, triggered by syscall() with crafted arguments. Public details across connected docs confirm affected software and fixed packages: Debian’s DSA-922-1 (security advisory) lis...
CVE-2005-2709
The CVE-2005-2709 issue affects the Linux kernel's sysctl.c in kernels prior to 2.6.14.1. Local users could exploit a window created by opening an interface file under /proc/sys/net/ipv4/conf/, wait for the interface to unregister, then read/modify function pointers in memory used for the ctl_tab...
CVE-2005-2872
The CVE pertains to the ipt_recent kernel module (ipt_recent.c) in Linux kernels before 2.6.12. On 64-bit CPUs (e.g., AMD64), remote attackers can trigger a kernel panic (DoS) via SSH brute-force-style inputs, due to a length argument based on u_int32_t operating on an array of unsigned long elem...
CVE-2005-2973
CVE-2005-2973 : Linux kernel vn UDPv6 port handling flaw in udp_v6_get_port (in Linux 2.6 before 2.6.14-rc5) allows a local user, when IPv6 is enabled, to trigger an infinite loop and kernel crash (local DoS). Ubuntu advisory USN-219-1 references this CVE and notes kernel updates as remediation. ...
CVE-2005-3105
CVE-2005-3105 affects the Linux kernel 2.6 on Itanium IA-64 Montecito (IA-64) where the mprotect code may lose cache coherency, enabling local users to cause a denial of service and possibly corrupt data by modifying PTE protections. Public advisories in connected documents (e.g., Debian DSA-922,...
CVE-2005-3107
CVE-2005-3107 affects the Linux kernel 2.6 family, where a local attacker tracing a thread that shares the same memory map can cause a denial of service (deadlock) by forcing a core dump when the traced thread is in TASK_TRACED. Public advisories (e.g., RHSA-2006:0437, CESA-2006:0437) document th...
CVE-2006-0038
The CVE-2006-0038 issue is a local kernel vulnerability in Linux 2.6.x where arithmetic in netfilter’s do_replace() can overflow a buffer. Exploitation requires CAP_NET_ADMIN rights and is tied to virtualization environments (e.g., OpenVZ). The advisory notes that this can lead to arbitrary code ...
CVE-2007-2451
CVE-2007-2451 refers to a vulnerability in GEODE-AES (drivers/crypto/geode-aes.c) within the Linux kernel, fixed in kernel version 2.6.21.3. The issue is described as an unspecified vulnerability that could allow attackers to obtain sensitive information via unspecified vectors. The Linux kernel ...
CVE-2008-2137
The CVE-2008-2137 entry describes a Linux kernel vulnerability in the SPARC/SPARC64 mmap checks. Affected are Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, where sparc_mmap_check (arch/sparc/kernel/sys_sparc.c) and sparc64_mmap_check (arch/sparc64/kernel/sys_sparc.c) omit some virtual...
CVE-2008-4302
CVE-2008-4302 affects the Linux kernel splice subsystem specifically fs/splice.c. The root cause is a failure in add_to_page_cache_lru, after which code attempts to unlock a page that was not locked, enabling a local user to trigger a kernel BUG and system crash (denial of service). Public adviso...
CVE-2010-0006
CVE-2010-0006 maps to a Linux kernel IPv6 extension header issue: the ipv6_hop_jumbo check in net/ipv6/exthdrs.c can dereference NULL when processing an invalid IPv6 jumbogram, causing remote denial of service. The affected line set is in kernels before 2.6.32.4, with network namespaces enabled. ...
CVE-2010-1636
The CVE-2010-1636 issue affects the Linux kernel’s btrfs_ioctl_clone path (fs/btrfs/ioctl.c) where cloned file descriptors are not guaranteed to be opened for reading, allowing local users to read from a write-only descriptor. Affected: 2.6.29–2.6.32 (and possibly other versions). Impact: potenti...
CVE-2011-2521
Linux kernel Performance Events vulnerability CVE-2011-2521: the x86_assign_hw_event path in arch/x86/kernel/cpu/perf_event.c miscalculates counter values, allowing a local user to trigger a denial of service (kernel panic) via the perf tool. Affected: Linux kernel before 2.6.39. Root cause: inco...
CVE-2011-2534
CVE-2011-2534 : A buffer overflow in the Linux kernel’s clusterip_proc_write (net/ipv4/netfilter/ipt_CLUSTERIP.c) exists before 2.6.39. A crafted write operation that includes non-terminated string data could allow a local attacker to cause a denial of service and potentially other impact. The ro...
CVE-2014-4157
CVE-2014-4157 affects the Linux kernel on MIPS up to 3.14.8. The fast system-call path does not configure _TIF_SECCOMP checks, letting local attackers bypass PR_SET_SECCOMP restrictions by running a crafted app without trace/audit. Impact: partial confidentiality, integrity, and availability (loc...
CVE-2014-6417
CVE-2014-6417 affects net/ceph/auth_x.c in Ceph usage within the Linux kernel prior to 3.16.3. The issue arises from not handling kmalloc failure, enabling a remote attacker to cause a denial of service (system crash) or potentially other impact via a long unencrypted auth ticket. Public advisori...
CVE-2016-2061
CVE-2016-2061 is described in connected EulerOS/Nessus content as an integer signedness error in the Linux kernel MSM V4L2 video driver (3.x), used in Qualcomm QuIC MSM contributions. It can allow privilege escalation or a denial-of-service via a crafted application that triggers msm_isp_axi_crea...
CVE-2017-8106
The CVE-2017-8106 issue affects the Linux kernel (arch/x86/kvm/vmx.c) in versions 3.12–3.15. The vulnerability arises from the handle_invept path, enabling privileged KVM guest OS users to trigger a NULL pointer dereference via a single-context INVEPT with a NULL EPT pointer, causing a denial of ...
CVE-2018-14656
Summary: CVE-2018-14656 describes a Linux kernel flaw where a missing address check in the callers of show_opcodes() can cause dumping of kernel memory into the dmesg log. The linked connected documents (Unity Linux advisories and OSV entries) confirm this kernel memory disclosure behavior. Affec...
CVE-2021-47088
CVE-2021-47088 concerns the Linux kernel where the DAMON debugfs interface could trigger a use-after-free by destructing monitoring targets without holding the required lock. The root cause was iterating targets in dbgfs_target_ids_read() while also destroying them in dbgfs_before_terminate() wit...
CVE-2021-47174
CVE-2021-47174 refers to a Linux kernel netfilter nft_set_pipapo_avx2 issue. The vulnerability stems from missing irq_fpu_usable() handling in the AVX2 path, triggering a backtrace in nft_pipapo_avx2_lookup and related nft lookups under AVX2. The vulnerability was resolved by adding an irq_fpu_us...
CVE-2021-47199
The CVE-2021-47199 issue in the Linux kernel's mlx5e CT offload layer causes a memleak of mod hdr actions due to CT clear action offload flow handling. Specifically, CT clear action offload adds the same set of mod hdr actions to reset ct_state when an encap action is present, potentially repeati...
CVE-2021-47227
The CVE-2021-47227 issue concerns the Linux kernel x86 fpu path: the non‑compacted slowpath could copy a user XSAVE buffer into kernel space via __copy_from_user(), potentially leaving the kernel XSAVE buffer in an invalid state that XRSTOR could fault on. The identified root cause is improper ha...
CVE-2021-47243
The CVE-2021-47243 issue concerns the Linux kernel's cake_qdisc TCP option parser. Affected code paths cake_get_tcpopt and cake_tcph_may_drop could read one byte out of bounds when processing TCP options, particularly if the option length is 1, leading to a second read for opcodes not equal to TC...
CVE-2021-47272
The CVE-2021-47272 item concerns a Linux kernel issue in the DWC3 gadget path. A failure in dwc3_gadget_init() can leave dwc->gadget dangling and lead to dereferencing an invalid gadget pointer or freeing unmapped DMA memory during mode switches peripheral/host. The root cause is an unsafe ref...
CVE-2021-47300
CVE-2021-47300 – Linux kernel (bpf tail_call_reachable bug) Affects: Linux kernel with BPF tail-call support in interpreter/JIT paths. The issue arises when tail_call_reachable was not properly propagated during JIT/epilogue handling, due to a tracker added in check_max_stack_depth(), causing tai...
CVE-2021-47303
CVE-2021-47303 affects the Linux kernel BPF subsystem. The root cause is improper lifecycle management of the poke descriptor table (aux->poke_tab) associated with BPF prog objects, which can be freed while still referenced by a map’s subprograms. This creates a use-after-free when map_poke_ru...
CVE-2021-47313
The CVE-2021-47313 entry pertains to the Linux kernel cpufreq CPPC path, where a memleak could occur due to resources not being freed on policy->init() failure during cppc_cpufreq_cpu_init. The vulnerability, and its fix, are documented across multiple connected sources (kernel patch reference...
CVE-2021-47336
CVE-2021-47336 affects the Linux kernel via the smackfs path: the function smk_set_cipso() incorrectly handles a bytes-count restriction, due to a mistaken cross-check that applied only to the SMK_FIXED24_FMT path. The issue was addressed in the patch sequence starting with commit 7ef4c19d245f3dc...
CVE-2021-47341
CVE-2021-47341 concerns the Linux kernel KVM mmio path, where a use-after-free flaw in kvm_vm_ioctl_unregister_coalesced_mmio could enable a flawed memory read (8 bytes) via a read access after the object is freed. The issue is in the ARM64 KVM coalesced_mmio code path and Trace shows a use-after...
CVE-2021-47508
CVE-2021-47508 affects the Linux kernel’s btrfs code path. The issue is a memory leak: when qgroup/data reservation fails in btrfs_check_data_free_space() or btrfs_delalloc_reserve_space(), the allocated extent_changeset is not freed. This occurs specifically in the direct IO write path (and rela...
CVE-2021-47532
CVE-2021-47532 concerns a leak in the Linux kernel related to the DRM MSM devfreq OPP reference counter. The vulnerability is described as a local issue in the kernel’s OPP handling that could leak references in the OPP (Operating Performance Point) management path within the drm/msm/devfreq subs...
CVE-2021-47601
CVE-2021-47601 in the Linux kernel fixes a NULL dereference caused by an IS_ERR() vs NULL check in the tee: amdtee path; __get_free_pages() returns NULL, not an error pointer. Affects Linux kernel; fix implemented in kernel updates (Unity Linux UTSA-2025-988866 and SUSE advisories SUSE-SU-2024:29...