14330 matches found
CVE-2017-0451
CVE-2017-0451 describes an information-disclosure vulnerability in the Qualcomm sound driver on Android. The issue enables a local malicious application to access data outside its granted permissions after compromising a privileged process. Affected components include Android kernels around 3.10 ...
CVE-2017-0457
The CVE-2017-0457 entry describes an elevation of privilege in the Qualcomm ADSPRPC driver on Android, allowing a local malicious app to execute arbitrary code in the kernel context. Affected components/versions include Android kernel 3.10 and 3.18 with the ADSPRPC driver as the exploit vector; t...
CVE-2017-0460
CVE-2017-0460 describes a local elevation-of-privilege in the Qualcomm networking driver on Android, allowing a malicious local app to execute code in the kernel. Affected are Android kernels 3.10 and 3.18; the exploit requires compromising a privileged process and does not appear to be remotely ...
CVE-2017-0461
CVE-2017-0461 is an information-disclosure vulnerability in the Qualcomm Wi‑Fi driver affecting Android (kernel 3.10/3.18). The issue could allow a locally malicious app to access data outside its permissions, because exploitation requires compromising a privileged process. The connected document...
CVE-2017-0464
CVE-2017-0464 is a local elevation-of-privilege vulnerability in the Qualcomm Wi‑Fi driver used by Android. The flaw allows a locally malicious application to execute arbitrary code in the kernel context after compromising a privileged process. Public documentation identifies the affected stack a...
CVE-2017-0465
CVE-2017-0465 describes an elevation of privilege vulnerability in the Qualcomm ADSPRPC driver that could allow a local attacker to execute arbitrary code in the kernel context on Android devices. Affected components/versions in the public records include the Android kernel (Kernel-3.10, Kernel-3...
CVE-2017-0534
CVE-2017-0534 describes an information disclosure in the Qualcomm video driver for Android, enabling a local malicious application to access data outside its permission levels. Connected CNVD/NVD entries reiterate the issue and affected component (Qualcomm video driver) but do not provide explici...
CVE-2017-0570
CVE-2017-0570 concerns a local elevation-of-privilege flaw in the Broadcom Wi‑Fi driver used by Android. The connected Seebug entry details a heap overflow in the wl_iw_get_essid ioctl path (SIOCGIWESSID): the driver allocates a 33-byte extras buffer and copies ssid.SSID_len bytes from the dongle...
CVE-2017-0582
CVE-2017-0582 is a moderate-e severity elevation-of-privilege issue affecting the Google Nexus 9 sensor hub. The vulnerability stems from the HTC OEM fastboot command which could allow a local attacker to execute code in the sensor hub context. Technical details from connected sources describe a ...
CVE-2021-47273
CVE-2021-47273 concerns the Linux kernel component for the usb dwc3-meson-g12a PHY glue. When PHY0 is disabled and only PHY1 is used (e.g., Odroid-HC4), regmap initialization erroneously targets the usb2 path, since PHY1 regmap entry isn’t initialized. This can lead to a kernel NULL pointer deref...
CVE-2022-49765
CVE-2022-49765 concerns the Linux kernel 9p transport. The issue arises from inconsistent lock state between p9 client structures and the trans_fd transport path. Specifically, p9_req_put() and p9_tag_remove() interactions cross IRQ contexts but the trans_fd path used a different lock, leading to...
CVE-2022-49876
Summary: CVE-2022-49876 is a Linux kernel vulnerability in wifi/mac80211 that causes a general-protection fault when an interface’s status changes during active transmission. The issue stems from accessing sdata->bss after it is set to NULL during ieee80211_runtime_change_iftype/ieee80211_do_s...
CVE-2022-49896
CVE-2022-49896 relates to the Linux kernel’s cxl/pmem subsystem. The issue: when a cxl_nvdimm object is removed, associated regions were not consistently disabled, because the driver tracked only one region per nvdimm device. This could leak regions and cause cxl_memdev reference leaks. The vulne...
CVE-2023-32246
CVE-2023-32246 refers to a race in ksmbd where rcu_barrier() is not invoked during module unload, potentially allowing unloading with pending RCU callbacks and unintended kernel code execution. Multiple sources indicate the vulnerability has been resolved in the Linux kernel; no exploitation deta...
CVE-2023-52982
CVE-2023-52982 affects the Linux kernel fscache path for relinquished volumes. The root cause is a mismatch between wake_up_bit() and wait_var_event() on different wait-queues, which could prevent a waiter from waking and cause a hang if wake-ups are delayed. The fixes described in the sources sw...
CVE-2023-52987
CVE-2023-52987 affects the Linux kernel ASoC SOF component: ipc4-mtrace code path. The vulnerability arises from an underflow in sof_ipc4_priority_mask_dfs_write() caused by using a signed id that should be unsigned, leading to an array underflow. The available connected documents consistently st...
CVE-2023-53012
CVE-2023-53012 is documented across multiple connected advisories as a Linux kernel vulnerability affecting the thermal subsystem. The issue arises from calling put_device() before a successful device_register(), specifically in __thermal_cooling_device_register(), and is accompanied by unnecessa...
CVE-2024-42255
CVE-2024-42255: The Linux kernel contains a fix for a NULL pointer dereference in the TPM HMAC handling path. Specifically, in tpm_buf_check_hmac_response(), the code previously dereferenced auth after NULL checking, which could crash if tpm2_sessions_init() was not called when TCG_TPM2_HMAC was ...
CVE-2024-46688
CVE-2024-46688 - Linux kernel erofs fix : The issue is an out-of-bound access in erofs when z_erofs_gbuf_growsize() partially fails, potentially causing NULL-pointer dereference or memory leaks if the old gbuf->pages[] array is too small. The documented mitigation is to compare against gbuf-&g...
CVE-2024-46769
CVE-2024-46769 relates to the Linux kernel SPI Intel driver. A check for the pointer returned by devm_kasprintf() in intel_spi_populate_chip() was missing, allowing a NULL pointer to be used for pdata->name. The vulnerability has been resolved in the kernel with the fix described in the linked...
CVE-2024-46837
CVE-2024-46837 affects the Linux kernel component for the DRM panthor uAPI, specifically the group_create path. The vulnerability arose from missing permission checks allowing non-privileged users to create high-priority groups. The underlying fix restricts who can set higher-than-MEDIUM prioriti...
CVE-2024-53186
The CVE-2024-53186 detail describes a Linux kernel race in ksmbd SMB request handling that can cause a use-after-free (UAF). Specifically, ksmbd_conn_handler_loop() waits for conn->r_count to reach zero, while handle_ksmbd_work() decrements r_count and may free conn via ksmbd_conn_free(). Afte...
CVE-2025-21845
Technical details about CVE-2025-21845 are not provided in the connected documents. The initial description summarizes the issue; monitor for updates.
CVE-2025-37941
CVE-2025-37941 affects the Linux kernel ASoC: codecs/wcd937x. The issue is a potential memory leak in wcd937x_soc_codec_probe() when snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fail, because the allocated wcd937x->clsh_info is not released. The root cause is missing cleanup in err...
CVE-2025-38021
CVE-2025-38021 affects the Linux kernel in the DRM AMD Display path (drm/amd/display), where update_dchubp_dpp and related code could dereference a null pipe_ctx->plane_state. The issue is a missing null check in the update path that could lead to a null pointer dereference; it is stated to be...
CVE-2025-38207
CVE-2025-38207 : In the Linux kernel, a bug in the uprobe handling during vma expansion could cause the upnode page table entry (pte) to be overwritten, potentially orphaning the upbump page. The issue arises when remapping a vma that includes an uprobe, causing a pte overwrite during the set_pte...
CVE-2025-38576
CVE-2025-38576 affects the Linux kernel PowerPC EEH hotplug path. Root cause: race conditions between the PCIe hotplug driver and the EEH driver can yield kernel oops during unplug/recovery cycles and bus disappearance. Resolution: refactor the EEH module to be PCI rescan and remove safe, with cl...
CVE-2025-38644
CVE-2025-38644 is a Linux kernel issue in the MAC80211 Wi‑Fi code. When a station not yet associated sent NL80211_TDLS_ENABLE_LINK, TDLS was processed before association, leaving sdata->u.mgd.tdls_peer uninitialized and triggering a WARN_ON() in code paths that expected a valid TDLS peer. The ...
CVE-1999-0460
CVE-1999-0460 describes a buffer overflow in the Linux autofs module triggered by excessively long directory names, allowing local users to cause a denial of service. The available connected documents confirm the affected component (Linux autofs module) and the vulnerability class (buffer overflo...
CVE-2001-1394
CVE-2001-1394 is a Linux kernel local vulnerability describing a signedness error in (1) getsockopt and (2) setsockopt prior to kernel version 2.2.19 that allows local users to cause a denial of service. The connected documents confirm the affected component is the Linux kernel and specify the is...
CVE-2002-0704
The CVE-2002-0704 entry concerns Netfilter (iptables) NAT capability leaking translated IP addresses in ICMP error messages for versions 1.2.6a and earlier. Affected component: Netfilter (iptables) NAT feature. Root cause: NAT leaks internal addresses in ICMP error messages. Impact: potential exp...
CVE-2002-2254
The CVE describes a vulnerability in the Linux kernel’s Netfilter/IPTables: the experimental IP packet queuing feature in kernels 2.4 (up to 2.4.19) and 2.5 (up to 2.5.31). If a privileged process exits while traffic is not queued, a later process with the same PID may access network traffic that...
CVE-2004-0626
The CVE-2004-0626 issue affects the Linux kernel 2.6 netfilter subsystem when using iptables with TCP options. Affected code path is tcp_find_option; a large option length can produce a negative value after casting to char, causing an infinite loop that consumes CPU and leads to remote DoS. This ...
CVE-2005-0207
CVE-2005-0207 corresponds to an unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x where NFS clients can trigger a denial of service via NFS client O_DIRECT error handling. The issue is documented in multiple advisories (RHSA-2005:366 / CESA-2005:366) and CentOS/Ubuntu/NVD entries. Aff...
CVE-2005-2617
The CVE-2005-2617 entry describes a vulnerability in Linux kernel 2.6.12 and later on 64-bit x86 where syscall32_setup_pages (syscall32.c) does not check the return value of insert_vm_struct. This can allow local users to trigger a memory leak via a crafted 32‑bit ELF header. Affected component: ...
CVE-2006-0096
CVE-2006-0096 affects the SDLA driver in Linux kernels 2.6.x before 2.6.11 and 2.4.x before 2.4.29, describing lax capability checks for firmware upgrades. The description notes local attack vectors and an unclear impact; later investigation mentions that exploitation may require root privileges ...
CVE-2006-1624
The CVE-2006-1624 entry concerns the Linux sysklogd package (syslogd) where the default configuration does not enable the -x option (disable name lookups). This enables remote attackers to induce a denial of service via traffic amplification using messages with spoofed source IP addresses. The av...
CVE-2006-5331
CVE-2006-5331 affects the Linux kernel on 64-bit PowerPC systems. The altivec_unavailable_exception function mishandles the path where CONFIG_ALTIVEC is defined and the CPU supports Altivec, but Altivec support was not detected by the kernel, enabling a local user to trigger an Altivec instructio...
CVE-2009-3288
The CVE-2009-3288 entry affects the Linux kernel 2.6.28-rc1 through 2.6.31-rc8. It concerns the sg_build_indirect function in drivers/scsi/sg.c, which uses an incorrect variable when accessing an array, allowing a local user to cause a Denial of Service via a kernel OOPS and NULL pointer derefere...
CVE-2009-4306
CVE-2009-4306 concerns the Linux kernel’s ext4 filesystem, specifically the EXT4_IOC_MOVE_EXT (move extents) ioctl in 2.6.32-git6 and earlier. The vulnerability enables local users to trigger a denial of service through filesystem corruption via unknown vectors, and is described as distinct from ...
CVE-2009-4410
The CVE-2009-4410 issue affects the Linux kernel 2.6.29-rc1 through 2.6.30.y, specifically the fuse_ioctl_copy_user path in fs/fuse/file.c. The bug stems from using the wrong variable as an argument to kunmap in the ioctl handler, enabling local users to trigger a denial of service (panic) via un...
CVE-2013-3237
CVE-2013-3237 affects the Linux kernel’s vsock_stream_sendmsg in net/vmw_vsock/af_vsock.c, where a length variable is not initialized prior to use. This can allow local users to read sensitive data from kernel stack memory via crafted recvmsg/recvfrom syscalls. The issue is linked to the kernel v...
CVE-2016-8400
CVE-2016-8400 describes an information-disclosure vulnerability in the NVIDIA librm library (libnvrm) on Android (Kernel 3.18). A local malicious application could read data outside its permission levels due to improper memory handling in LIBNVRM, potentially exposing sensitive data. The vulnerab...
CVE-2017-0449
CVE-2017-0449 describes an elevation-of-privilege in the Broadcom Wi‑Fi driver for Android devices using the 3.10 kernel (e.g., Nexus 6P/Nexus 6). A local, privileged process could be exploited by a malicious user/application to execute arbitrary code in the kernel context. The CNVD entry corrobo...
CVE-2017-0452
CVE-2017-0452 describes an information-disclosure vulnerability in the Qualcomm camera driver on Android (kernel 3.10). The issue could allow a local malicious application to access data outside its permission levels after compromising a privileged process. Affected devices include Nexus 5X, Nexu...
CVE-2017-0453
CVE-2017-0453 : Elevation of privilege in the Qualcomm Wi‑Fi driver could allow a local malicious Android application to execute arbitrary code in the kernel context. Affected: Android on Kernel-3.10. First an attack requires compromising a privileged process. CVSS metrics indicate high impact an...
CVE-2017-0454
CVE-2017-0454 is an elevation-of-privilege vulnerability in the Qualcomm audio driver that allows a local malicious application to execute arbitrary code in the kernel context. Affected product: Android with kernel versions 3.10 and 3.18. Root cause is exploitation within the Qualcomm audio drive...
CVE-2017-0463
CVE-2017-0463 is an elevation-of-privilege in the Qualcomm networking driver affecting Android kernels (Kernel-3.10 and Kernel-3.18). The issue could let a local malicious app run code in kernel context after compromising a privileged process. The available connected sources confirm the vulnerabi...
CVE-2017-0521
CVE-2017-0521 is a local elevation-of-privilege issue in the Qualcomm camera driver that could allow a malicious local app to execute arbitrary code in the kernel. The vulnerability targets Android and is tied to kernel versions 3.10 and 3.18, with referenced impact described as high for a compro...
CVE-2017-0575
An elevation of privilege vulnerability exists in the Qualcomm Wi‑Fi driver on Android. CVE-2017-0575 can allow a local attacker to execute arbitrary code in the kernel context after compromising a privileged process. Affected products/versions include Android with the kernel versions 3.10 and 3....