13804 matches found
CVE-2023-20841
CVE-2023-20841 affects imgsys and is described as an out-of-bounds write caused by missing valid range checking, enabling local escalation of privileges with System execution privileges needed. User interaction is required for exploitation. Reported patch ID: ALPS07326455 (Issue ID: ALPS07326441)...
CVE-2023-52779
CVE-2023-52779 describes a Linux kernel issue where vfs_getattr_nosec() could end up invoking vfs_getattr() in certain filesystems (notably overlayfs and ecryptfs), which could lead to a NULL pointer dereference due to security_inode_getattr() on a process with no current->fs. The patch introd...
CVE-2023-53067
CVE-2023-53067: Concrete details in connected docs show a LoongArch Linux kernel issue where get_timer_irq() is invoked multiple times in constant_clockevent_init(), causing a sleeping function to be called from an invalid context under CONFIG_DEBUG_ATOMIC_SLEEP=y and CONFIG_DEBUG_PREEMPT=y. The ...
CVE-2024-27406
CVE-2024-27406 refers to a Linux kernel issue where the iov_iter unit test (TEST_IOV_ITER) incorrectly depended on MMU, causing a crash on nommu systems (e.g., qemu kc705-nommu) when vmap() is invoked. The root cause is that vmap() is not supported on nommu, leading to a kernel panic. The vulnera...
CVE-2024-36970
CVE-2024-36970: In the Linux kernel, the issue affects the iwlwifi subsystem and has been resolved by changing the module load path to use request_module_nowait, which is described as a workaround for a deadlock regression introduced during LED merging in 6.9. The deadlock is observed in systems...
CVE-2024-40985
CVE-2024-40985 concerns the Linux kernel TCP-AO subsystem. The issue is described as: in net/tcp_ao, ao_info could be leaked on error-path, introduced with TCP_AO_CMDF_AO_REQUIRED in patch set version 5. The vulnerability’s root cause is an information leak during error handling in the TCP-AO cod...
CVE-2024-42256
CVE-2024-42256 affects the Linux kernel CIFS client. The issue arises when a subrequest is retried and smb2_async_writev() re-picks the SMB server, causing in_flight accounting to be updated against different servers and leading to misaccounting. The fix removes the repick in smb2_async_writev(),...
CVE-2024-43872
Technical details about CVE-2024-43872 are not provided in the connected documents; only the vulnerability name and a brief fix description exist. Monitor for updates and forthcoming advisories.
CVE-2024-44976
CVE-2024-44976 involves the Linux kernel pata_macio driver (ata/pata_macio) where a change to max_segment_size to 64KB caused DMA table overflow on large SG lists, leading to kernel BUGs on 32-bit PowerMacs. The issue arises when oversized requests trigger the split logic, overflowing the...
CVE-2025-21983
CVE-2025-21983 describes a Linux kernel vulnerability where kvfree_rcu used the system_unbound_wq workqueue, potentially triggering a warning in nvme/scsi workflows due to flush_dependency checks. The mitigation documented in the sources is to switch kvfree_rcu to an independent WQ_MEM_RECLAIM wo...
CVE-2025-38008
CVE-2025-38008 affects the Linux kernel: a race in the page allocator’s handling of unaccepted memory across zones due to non-serialized updates to a static key, making the -1/0 boundary vulnerable in concurrent scenarios. The issue is localized to memory management paths (mm/page_alloc) and beco...
CVE-2025-38019
Summary: CVE-2025-38019 describes a use-after-free in the mlxsw spectrum_router driver when deleting GRE net devices, triggered during replay of neighbor configurations after a driver reload. What’s affected: the Linux kernel mlxsw GRE offload path for neighbors built on top of GRE devices; the i...
CVE-2025-38114
CVE-2025-38114: In the Linux kernel, a deadlock could occur in the e1000 path due to e1000_down calling cancel_work_sync for the e1000_reset_task while RTNL is held. The fix moves cancel_work_sync to happen when the device is being removed (not during normal down), and makes e1000_reset_task a n...
CVE-2025-38273
CVE-2025-38273 corresponds to a Linux kernel fix for a refcount warning in net/tipc: tipc_aead_encrypt, reported when get_net() could be called on a destroying network namespace. The patch replaces get_net() with maybe_get_net(), which checks the refcount and returns -ENODEV if the namespace is b...
CVE-2025-38305
CVE-2025-38305 affects the Linux kernel: the advisory describes removing the ptp->n_vclocks check logic in ptp_vclock_in_use() to avoid a recursive locking scenario. The trigger involves reading ptp->n_vclocks under the n_vclocks_mux while another path holds the same mutex, causing a potent...
CVE-2003-0986
CVE-2003-0986 affects PPC64 on Linux kernels: 2.6 before 2.6.2 and 2.4 before 2.4.24. The issue arises when code copies data from userspace to kernelspace without using copy_from_user, failing to cross security boundaries and enabling local denial of service. Documents indicate a kernel fix/updat...
CVE-2004-2731
CVE-2004-2731 concerns the Linux kernel Sbus PROM driver (drivers/sbus/char/openprom.c) allowing local code execution via integer overflows when a small buffer is passed to copyin_string or a negative size to copyin. It affects 2.4.x (up to 2.4.27) and 2.6.x (up to 2.6.7) and possibly later versi...
CVE-2005-0124
Technical details about CVE-2005-0124 are not provided in the supplied documents. No concrete affected product/version or root cause information is present here; monitor for updates from official advisories.
CVE-2005-0489
CVE-2005-0489 affects Linux kernel 2.4.x prior to 2.4.17, where local attackers can trigger a denial of service by causing an invalid access of freed memory in /proc handling (proc/base.c). The OpenVAS/Debian entries confirm this CVE as part of the 2.4 kernel vulnerabilities and reference Debian ...
CVE-2005-0839
CVE-2005-0839 affects the Linux kernel 2.6 family, where access to the N_MOUSE line discipline for TTYs was not restricted. This allowed a local attacker to inject mouse movements or keystrokes into other user sessions, potentially enabling privilege escalation. The issue is fixed in later kernel...
CVE-2005-1265
CVE-2005-1265 relates to the mmap weakness in Linux kernel 2.6.x (notably around 2.6.10) that allows a local attacker to create memory maps starting beyond the end address, causing a kernel crash (denial of service) and potentially enabling arbitrary code execution. Connected advisories confirm t...
CVE-2005-4881
CVE-2005-4881 is a Linux kernel netlink padding init flaw affecting 2.4.x (pre-2.4.37.6) and 2.6.x (pre-2.6.13-rc1). The issue left padding fields uninitialized in netlink-related structures (e.g., tc_fill_qdisc, tcf_fill_node, inet6_fill_ifinfo, __nlmsg_put, __rta_reserve, etc.), enabling local ...
CVE-2006-0095
CVE-2006-0095 affects dm-crypt in Linux kernel 2.6.15 and earlier, where an internal structure isn’t cleared before freeing, potentially leaking cryptographic key material to local users. Connected advisories (e.g., RHSA-2006:0132 and Debian DSA-1017-1) confirm the issue and describe the fix as a...
CVE-2006-2629
CVE-2006-2629 concerns a race condition in the Linux kernel (versions 2.6.15 to 2.6.17) on SMP systems. An attacker with local access can cause a denial of service (kernel crash) by rapidly creating and exiting a large number of tasks, then querying the /proc entry of an exiting task. This leads ...
CVE-2006-4663
The CVE-2006-4663 entry concerns weak permissions (0666/0777) in the Linux kernel source tarballs for 2.6.16 through 2.6.17.11, potentially allowing a local user to insert Trojan horse source code that could be used when the kernel is next compiled. Primary details from connected documents indica...
CVE-2006-6060
CVE-2006-6060 affects the Linux kernel 2.6.x family (notably up to 2.6.18) where a malformed NTFS file stream can trigger an infinite loop in __find_get_block_slow, causing local CPU exhaustion (DoS). Connected sources confirm this CVE is listed across Debian, SUSE/openSUSE advisories and kernel ...
CVE-2007-6417
The connected Nessus entry links CVE-2007-6417 to the Linux kernel, affecting 2.6.11–2.6.23. The root cause is in shmem_getpage (mm/shmem.c) where allocated memory is not properly cleared in rare tmpfs-related paths, potentially allowing local users to read sensitive kernel data or crash the syst...
CVE-2008-1294
CVE-2008-1294 affects the Linux kernel 2.6.x line (notably 2.6.17 and earlier than 2.6.22). The issue is that RLIMIT_CPU is not validated when a user sets it to 0 until after the change is applied, allowing a local user to bypass CPU time limits. Multiple connected advisories cite this CV...
CVE-2008-3534
CVE-2008-3534 affects the Linux kernel tmpfs implementation (shmem.c: shmem_delete_inode). A local attacker could crash the system by a specific sequence of file create/remove/overwrite operations, linked to allocation of “useless pages” and improper maintenance of i_blocks. Public advisories con...
CVE-2009-1914
CVE-2009-1914 affects the Linux kernel on sparc64. The function pci_register_iommu_region in arch/sparc/kernel/pci_common.c in versions prior to 2.6.29 can be abused by a local user to crash the system (denial of service) by reading /proc/iomem, due to uninitialized pointers in the context of the...
CVE-2011-2707
The CVE-2011-2707 entry affects the Linux kernel's arch/xtensa/kernel/ptrace.c, where the ptrace_setxregs() function does not validate user-space pointers. This allows a local user to read kernel memory via a crafted PTRACE_SETXTREGS request, as described for Linux kernel versions before 3.1. Pub...
CVE-2013-2891
The CVE-2013-2891 vulnerability affects the Linux kernel HID subsystem, specifically the file drivers/hid/hid-steelseries.c. When CONFIG_HID_STEELSERIES is enabled, a crafted device can trigger a heap-based out-of-bounds write, allowing a physically proximate attacker to cause a Denial of Service....
CVE-2014-4323
The CVE-2014-4323 issue affects the Linux kernel 3.x MDP display driver (mdp_lut_hw_update in drivers/video/msm/mdp.c) used in Qualcomm QuIC Android MSM contributions. The vulnerability stems from insufficient validation of certain start and length values in an ioctl call, enabling privilege esca...
CVE-2014-6418
Summary of CVE-2014-6418 — firmware/driver component: In Ceph usage within the Linux kernel, net/ceph/auth_x.c handles auth replies and, prior to kernel 3.16.3, fails to properly validate them. This can be triggered by crafted data arriving from a Ceph Monitor IP address, potentially causing a de...
CVE-2016-5856
Technical details for CVE-2016-5856 are not publicly available in the provided documents. Monitor for updates.
CVE-2016-9313
CVE-2016-9313 affects the Linux kernel in security/keys/big_key.c (big_key data type). The issue arises when unsuccessful crypto registration occurs in conjunction with a subsequent key-type registration, enabling local users to trigger a NULL pointer dereference and kernel panic (denial of servi...
CVE-2017-0572
The CVE-2017-0572 entry concerns Broadcom Wi‑Fi driver (bcmdhd) used in Android. The connected analysis provides concrete technical details: in the function dhd_pno_process_anqpo_result, a buffer is allocated as kmalloc(mem_needed,...), but a subsequent memcpy uses bi->SSID_len to copy the SSI...
CVE-2017-0648
CVE-2017-0648 is a local elevation-of-privilege in the Android kernel FIQ debugger. The issue arises from the FIQ debugger and SysRq access enabling arbitrary kernel code execution when exploited by a local attacker via a compromised device. Technical details in the connected sources show the roo...
CVE-2018-10074
CVE-2018-10074 affects the Linux kernel hi3660: hi3660_stub_clk_probe in drivers/clk/hisilicon/clk-hi3660-stub.c (kernel
CVE-2021-47092
Summary: CVE-2021-47092 relates to a Linux kernel KVM VMX issue where setting vmx->fail during emulation_required in L2 nesting was incorrect, potentially causing a VM-Exit/VM-Fail contradiction and a warning during teardown (nested_vmx_vmexit). The fix reverts that change so vmx->fail is n...
CVE-2021-47127
CVE-2021-47127: The Linux kernel AF_XDP copy-mode Tx regression (introduced by commit that removed xsk_buff_pool from VSI) is fixed by adding a bitmap of zero-copy queues. Each bit corresponds to a queue where an xsk pool is configured; the bitmap is updated in ice_xsk_pool_en/disable and consult...
CVE-2021-47151
CVE-2021-47151 affects the Linux kernel interconnect: qcom bcm-voter code. The root cause is a missing of_node_put() in of_bcm_voter_get(), leading to a reference leak. This vulnerability pertains to the bcm-voter path within Qualcomm interconnect and can impact kernel reference handling. A patch...
CVE-2021-47164
CVE-2021-47164 is a Linux kernel vulnerability fixed by correcting a NULL dereference in net/mlx5e related to lag device handling. Explanation: in bond_enslave(), the active/backup slave was set before the upper dev is assigned; a second event with an upper dev can occur, and if lag dev is NULL a...
CVE-2021-47244
CVE-2021-47244 concerns the Linux kernel mptcp TCP option parser. The vulnerability arises in mptcp_get_options, where parsing TCP options could read one byte out of bounds when the option length is 1; after reading the first opcode byte, if it isn’t TCPOPT_EOL or TCPOPT_NOP, the code reads anoth...
CVE-2021-47299
CVE-2021-47299 affects the Linux kernel XDP/BPF path: use-after-free in bpf_xdp_link_release between dev_get_by_index() and dev_xdp_attach_link(). Affected in-kernel code; patches are referenced (ca9ba1de8f09976b45ccc8e655c51c6201992139, a7537dc73e69ad9c0b67ad24ad3ebee954ed0af6, 5acc7d3e8d3428584...
CVE-2021-47317
In the Linux kernel, CVE-2021-47317 relates to the powerpc64 JIT check for BPF atomic instructions. The patch fixes an incorrect scrutiny of the immediate field when distinguishing BPF_XADD/BPF_ATOMIC instructions, ensuring that only allowed immediates (e.g., BPF_ADD) are accepted. Prior to the f...
CVE-2022-48753
CVE-2022-48753: In the Linux kernel, a memory leak affects the disk Register/IA ranges path. The root cause is an extra reference from kobject_init_and_add() when it fails, leading to allocated memory not being freed. The fix adds a kobject_put() call to ensure proper cleanup and updates the blk...
CVE-2022-48927
CVE-2022-48927 refers to a Linux kernel issue in iio: adc: tsc2046 where memory corruption occurred due to an array overflow. The root cause was a mismatch: indio_dev->num_channels counted physical channels plus a timestamp channel, while the target array was allocated only for physical channe...
CVE-2022-48986
CVE-2022-48986 targets the Linux kernel memory management path for dax. The issue arises because pud_huge() returns true on x86 for dax puds, allowing the gup_pud_range path to behave unexpectedly when hugetlb is not in use, which can trigger a general protection fault and kernel panic in get_use...
CVE-2022-48998
CVE-2022-48998 concerns a PowerPC-specific issue in the Linux kernel’s BPF tail-call handling (powerpc/bpf/32). The available connected documents describe a bug where tail calls to BPF programs with differing stack depths could corrupt stack state, leading to an Oops and kernel data access on wri...