14330 matches found
CVE-2022-48877
In CVE-2022-48877, the Linux kernel f2fs subsystem introduces a fix to avoid a panic when extent_tree is not created. The described crash trace (__lookup_extent_tree+0xd8/0x760; f2fs_do_write_data_page; f2fs_write_cache_pages) occurs during writeback of data pages, potentially leading to kernel p...
CVE-2022-48890
No connected documents with concrete technical details for CVE-2022-48890 beyond the initial description. Technical specifics (affected components/versions/exploit specifics) are not provided here; monitor for updates.
CVE-2022-48892
CVE-2022-48892 : Linux kernel sched/core fix for a use-after-free in dup_user_cpus_ptr(). The vulnerability existed due to dup_user_cpus_ptr() accessing user_cpus_ptr without proper locking, racing with fork() and the clearing of user_cpus_ptr during set_cpus_allowed_ptr_locked(), primarily affec...
CVE-2022-48898
CVE-2022-48898 concerns the Linux kernel drm/msm/dp path where the DP controller’s aux ISR could prematurely complete dp_aux_cmd_fifo_tx() even when the interrupt was not for an aux transfer, causing potential data corruption in EDID transfers during boot and in the host buffer. Multiple connecte...
CVE-2022-48998
CVE-2022-48998 concerns a PowerPC-specific issue in the Linux kernel’s BPF tail-call handling (powerpc/bpf/32). The available connected documents describe a bug where tail calls to BPF programs with differing stack depths could corrupt stack state, leading to an Oops and kernel data access on wri...
CVE-2022-49211
CVE-2022-49211 concerns a Linux kernel issue in the MIPS CDMM code path where of_find_compatible_node() returns a node pointer with an incremented refcount and the code omits of_node_put() to release it. The fixed description states: add the missing of_node_put() to release the refcount. Affected...
CVE-2022-49231
The CVE-2022-49231 entry concerns a Linux kernel issue in the rtw88 driver where memory overrun and memory leaks occurred during hw_scan due to under-allocated buffers. The mitigation is explicit: allocate the correct size and implement a proper deinitialization flow. Connected sources (SUSE Astr...
CVE-2022-49360
CVE-2022-49360 (Linux kernel, f2fs): The issue arises from a root-cause mismatch where ckpt.valid_block_count is inconsistent with the SIT table, causing a panic during garbage collection when the LFS allocator cannot find a free segment despite the filesystem reporting free blocks. The reference...
CVE-2022-49364
CVE-2022-49364 : In the Linux kernel, a f2fs inode eviction bug was fixed. The root cause is that the inode node and the dnode share the same nid, causing dnode truncation to invalidate the NAT entry during f2fs_evict_inode() and leaving the inode marked dirty. The fix clears the dirty flag on th...
CVE-2022-49387
CVE-2022-49387 concerns the Linux kernel watchdog driver rzg2l_wdt. The root cause is a 32-bit overflow in timer_cycle_us that can yield 0, e.g., when a counter like 0xfff is used to compute maxval. The provided connected documents confirm a patch that promotes values to 64-bit by appending ULL t...
CVE-2022-49393
The CVE-2022-49393 issue affects the Linux kernel in the misc: fastrpc: fix list iterator in fastrpc_req_mem_unmap_impl area. The root cause is an incorrect use of the list iterator with list_for_each_entry(), where the iterator value map is not NULL when the list is empty, causing logic that che...
CVE-2022-49582
This CVE-ID (CVE-2022-49582) is associated with the Linux kernel: net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering. The root cause described in the sources is that the ds iterator variable used in dsa_port_reset_vlan_filtering() -> dsa_switch_for_each_port() overwrites t...
CVE-2022-49706
CVE-2022-49706—zonefs contains a read handling bug in zonefs_iomap_begin() where a readahead to a zone file with an offset equal to the current file size can set iomap type to IOMAP_UNWRITTEN with length 0, triggering a WARN_ON in iomap_iter and causing iomap_readahead() to loop. The patch fixes ...
CVE-2022-49781
CVE-2022-49781 corresponds to a Linux kernel vulnerability in perf/x86/amd where a race between amd_pmu_enable_all and perf NMI/throttling could lead to a NULL event dereference and kernel crash. The issue arises when perf NMI disables/enables all events while amd_pmu_enable_all is in progress, p...
CVE-2022-49919
CVE-2022-49919 : In the Linux kernel, the nf_tables flow rule object release path was fixed. The underlying issue was a use-after-free (UAF) triggered by races with the netlink notifier, observed when the flow rule object is accessed only from the control plane (no data packets traverse it). The ...
CVE-2022-49952
CVE-2022-49952 concerns the Linux kernel. The issue is in the misc: fastrpc path where memory could be corrupted during probe due to a missing sanity check on the probed-session count. When there are more than FASTRPC_MAX_SESSIONS sessions defined in the devicetree, memory could be corrupted beyo...
CVE-2022-49959
The CVE-2022-49959 entry concerns a memory-leak in the Linux kernel related to openvswitch datapath creation. The root cause was that ovs_dp_cmd_new()->ovs_dp_change()->ovs_dp_set_upcall_portids() allocated an array with kmalloc but did not always free dp->upcall_portids when new_vport()...
CVE-2022-49972
In CVE-2022-49972, the Linux kernel vulnerability concerns XDP_SHARED_UMEM mode (with aligned mode) where packets become corrupted for the second and subsequent sockets bound to the same umem; the first socket is unaffected. The root cause was that DMA addresses for the pre-populated xsk buffer p...
CVE-2022-49987
CVE-2022-49987 concerns the Linux kernel md subsystem. The provided documents show the vulnerability arises from md_stop path handling where __md_stop_writes should be stopped earlier to align with normal md-raid and fix a KASAN issue. Multiple advisories (Unity Linux UTSA-2026-004867/992895 and ...
CVE-2022-50142
CVE-2022-50142 : In the Linux kernel, the intel_th: msu component was fixed to account for DMA buffers that may be allocated via vmalloc() after the patch set removing CONFIG_DMA_REMAP, which could disrupt the mmapping code during faults (msc_mmap_fault). The described issue arises from a possibl...
CVE-2022-50171
CVE-2022-50171 is a Linux kernel issue in crypto: hisilicon/sec where a mutex lock is used during softirq, causing scheduling while atomic when kunpeng920 encryption driver processes packets in softirq. Affected component: Linux kernel crypto path for Hisilicon/sec; root cause: sleeping in softir...
CVE-2022-50199
Mode C: The CVE-2022-50199 issue affects the Linux kernel on ARM (OMAP2+). The root cause is a refcount leak in omapdss_init_of: omapdss_find_dss_of_node() calls of_find_compatible_node() which returns a node with a refcount incremented, but of_node_put() is not always called. The fix adds missin...
CVE-2023-3317
CVE-2023-3317 is a use-after-free flaw in the Linux kernel’s MediaTek MT7921E WiFi driver (mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c). The defect can crash the system after releasing the internal memory for device features and may enable a kernel informat...
CVE-2023-52785
CVE-2023-52785 affects the Linux kernel, specifically the SCSI UFS core. The issue is a race between ufshcd_mcq_abort() and the ISR: when a command timeout occurs and a CQ complete IRQ arrives concurrently, ufshcd_mcq_abort clears lprb->cmd, leading to a NULL pointer dereference in the ISR. Th...
CVE-2023-52839
CVE-2023-52839 describes a Linux kernel vulnerability in perf where broadcasting to other CPUs when starting a counter was removed as part of a fix (commit 3fec323339a4). Root cause: unnecessary broadcast in perf code could lead to a warning and potential instability; fix eliminates the broadcast...
CVE-2023-52848
Summary (CVE-2023-52848) : The issue, reported for the Linux kernel’s f2fs file system, centers on a bug during f2fs_put_super() where the meta_inode page cache is not dropped after an IO error in f2fs_wait_on_all_pages. This can lead to a reference-count leak and a kernel panic during unmount. T...
CVE-2023-52897
CVE-2023-52897 affects the Linux kernel Btrfs quota management (qgroup) accounting. Root cause: after introducing NO_ACCOUNTING, some qgroup records could have old_roots unset (NULL). During a qgroup rescan, NO_ACCOUNTING is cleared and current transaction is committed, which may trigger a WARN_O...
CVE-2023-52981
The CVE-2023-52981 entry concerns the Linux kernel's DRM/i915 path, where GuC-enabled error capture and debugfs dump handling introduced incorrect reference counting for the request object. The issue affects the context-based search and execlist-based search paths, requiring proper get/put refere...
CVE-2024-26850
CVE-2024-26850 concerns the Linux kernel bug in mm/debug_vm_pgtable related to pud_advanced_tests for PUD entries on architectures such as powerpc. Affected code could trigger a kernel panic (BUG_ON) when debug checks are active (CONFIG_DEBUG_VM), with traces pointing to radix_pgtable.c and pgtab...
CVE-2024-39465
CVE-2024-39465 affects the Linux kernel's media: mgb4 path. A double removal of debugfs entries (debugfs_remove_recursive)—removing a parent directory and then its child—could trigger a kernel panic. The connected documents confirm a fix was applied in the Linux kernel to prevent this double-remo...
CVE-2024-41003
The CVE-2024-41003 entry concerns a Linux kernel BPF verifier bug: after a prior OR, line 19 triggers a REG INVARIANTS VIOLATION due to a corrupted fake_reg when reg_set_min_max is applied to a known-constant branch. The issue arises in the BPF subsystem’s handling of register invariants during a...
CVE-2024-41029
CVE-2024-41029 — Linux kernel (nvmem/core) Affected: Linux kernel components handling non-volatile memory (nvmem). Issue: the cell sysfs attribute could expose more access to nvmem data than the main attribute, e.g., when nvme_config::root_only was set, the cell attribute still allowed reads for ...
CVE-2024-41043
The CVE-2024-41043 entry concerns a Linux kernel netfilter nfnetlink_queue issue where a WARN_ON can be triggered when rules are flushed/deleted while a packet is in flight. The root cause is a bogus WARN_ON that existed since v4.14; the fix removes this WARN_ON and uses a more recent fixes tag i...
CVE-2024-42099
The CVE-2024-42099 issue affects the Linux kernel s390/dasd subsystem. It concerns indirect addressing for DASD CCWs (IDAW) where the CCW CDA pointer points to IDAL and must be translated from physical to virtual before use. Dereferencing this pointer can cause a kernel panic in error paths, incl...
CVE-2024-42111
CVE-2024-42111 affects the Linux kernel BTRFS qgroup handling. The root cause was a patch (b5357cb268c4) that skipped the qgroup inherit checks when qgroup is disabled, allowing a malformed btrfs_qgroup_inherit structure to pass. This could lead to a slab-out-of-bounds read (KASAN) during transac...
CVE-2024-44976
MODE C: CVE-2024-44976 involves the Linux kernel pata_macio driver (ata/pata_macio) where a change to max_segment_size to 64KB caused DMA table overflow on large SG lists, leading to kernel BUGs on 32-bit PowerMacs. The issue arises when oversized requests trigger the split logic, overflowing the...
CVE-2024-53235
The CVE-2024-53235 entry documents a Linux kernel issue where erofs file-backed mounts over FUSE caused a null pointer dereference in fuse_read_args_fill during reads (fuse_read_folio path), potentially affecting read I/O that requires valid file pointers on certain network/FUSE filesystems. The ...
CVE-2025-21730
CVE-2025-21730 affects the Linux kernel WiFi driver rtw89. The issue occurs during WoWLAN resume when an interface is re-added without removing the previous entry, causing mgnt_entry list to be initialized twice and leading to list corruption (list_add_tail on an already linked entry). The fix ad...
CVE-2025-21983
CVE-2025-21983 describes a Linux kernel vulnerability where kvfree_rcu used the system_unbound_wq workqueue, potentially triggering a warning in nvme/scsi workflows due to flush_dependency checks. The mitigation documented in the sources is to switch kvfree_rcu to an independent WQ_MEM_RECLAIM wo...
CVE-2025-22006
CVE-2025-22006 affects the Linux kernel net/ethernet ti am65 cpsw driver: registering TX/RX DMA interrupts before their NAPI callbacks can cause a NULL pointer dereference. The issue has been fixed in kernel commits (see kernel.org references) and Astra/Oracle advisories indicate the vulnerabilit...
CVE-2025-38025
The CVE-2025-38025 issue affects the Linux kernel IIO ADC driver for the ad7606 bus. The root cause is a NULL dereference when calling sw_mode_config() because the callback may not be defined on all buses. The vulnerability can lead to a crash via NULL-pointer dereference in vulnerable configurat...
CVE-2025-38047
CVE-2025-38047 : Linux kernel x86/FRED: The system can hang on S4 resume when FRED is enabled. The issue arises because, after loading a hibernation image, the image kernel reuses original page frames while the FRED MSRs may still hold values set by the restore kernel. The image kernel must ensur...
CVE-2025-38114
CVE-2025-38114 : In the Linux kernel, a deadlock could occur in the e1000 path due to e1000_down calling cancel_work_sync for the e1000_reset_task while RTNL is held. The fix moves cancel_work_sync to happen when the device is being removed (not during normal down), and makes e1000_reset_task a n...
CVE-2026-22990
CVE-2026-22990 affects the Linux kernel libceph component, where an overzealous BUG_ON in osdmap_apply_incremental() could misreact to a maliciously corrupted incremental osdmap epoch. The mitigation is to treat such an incongruent incremental osdmap as invalid rather than triggering a BUG. Conne...
CVE-2001-0405
Concrete details: CVE-2001-0405 affects ip_conntrack_ftp inside the Linux 2.4 iptables RELATED connection tracking. A crafted FTP PORT command could cause the firewall to allow an arbitrary IP/port through the RELATED table, bypassing access restrictions. Implication: arbitrary firewall holes for...
CVE-2002-0060
CVE-2002-0060 affects the Linux kernel netfilter IRC DCC connection-tracking helper in 2.4.x (notably 2.4.14–2.4.18-pre8/9). The bug sets an overly broad conntrack mask, causing firewall rules to be more permissive than intended and potentially allowing inbound connections that bypass restriction...
CVE-2005-0530
CVE-2005-0530 is a signedness error in the copy_from_read_buf function in n_tty.c of the Linux kernel (affected: 2.6.10 and 2.6.11rc1) that allows local users to read kernel memory via a negative argument. The vulnerability is documented across multiple advisories, including Red Hat (RHSA-2005:36...
CVE-2005-0839
CVE-2005-0839 affects the Linux kernel 2.6 family, where access to the N_MOUSE line discipline for TTYs was not restricted. This allowed a local attacker to inject mouse movements or keystrokes into other user sessions, potentially enabling privilege escalation. The issue is fixed in later kernel...
CVE-2006-0095
CVE-2006-0095 affects dm-crypt in Linux kernel 2.6.15 and earlier, where an internal structure isn’t cleared before freeing, potentially leaking cryptographic key material to local users. Connected advisories (e.g., RHSA-2006:0132 and Debian DSA-1017-1) confirm the issue and describe the fix as a...
CVE-2006-0741
CVE-2006-0741 affects the Linux kernel before 2.6.15.5 on Intel EM64T/Intel processors. The issue enables a local denial of service via an endlessly recursive fault caused by a bad ELF entry address. The vulnerability is exploited locally (no authentication required). The documented fixes indicat...