CVE-2023-20660
CVE-2023-20660 affects the WLAN component in MediaTek devices, with an out-of-bounds read caused by an integer overflow that can lead to local information disclosure. Exploitation requires SYSTEM-level privileges, and no user interaction is needed. A patch is referenced (ALPS07588383 / ALPS075883...
CVE-2023-32249
CVE-2023-32249 affects the Linux kernel ksmbd component. The issue is mitigated by a patch that returns STATUS_NOT_SUPPORTED when the binding session is a guest on multichannel, effectively disallowing guest access for that path. The NVD metrics classify the impact as locally exploitable with low...
CVE-2023-4130
CVE-2023-4130: In the Linux kernel’s ksmbd SMB2 handling, there is a vulnerability due to wrong next length validation of the ea buffer in smb2_set_ea(). When multiple smb2_ea_info buffers are in FILE_FULL_EA_INFORMATION, ksmbd iterates using NextEntryOffset and validates only with that offset i...
CVE-2023-53115
CVE-2023-53115 refers to a Linux kernel vulnerability affecting the scsi mpi3mr driver, where memory leaks were reported in mpi3mr_init_ioc during IOC reinitialization. The confirmed remediation is a memory-management fix that prevents reallocation when IOC is being reinitialized. Multiple adviso...
CVE-2024-46688
CVE-2024-46688 - Linux kernel erofs fix: The issue is an out-of-bound access in erofs when z_erofs_gbuf_growsize() partially fails, potentially causing NULL-pointer dereference or memory leaks if the old gbuf->pages[] array is too small. The documented mitigation is to compare against gbuf->...
CVE-2024-53186
The CVE-2024-53186 detail describes a Linux kernel race in ksmbd SMB request handling that can cause a use-after-free (UAF). Specifically, ksmbd_conn_handler_loop() waits for conn->r_count to reach zero, while handle_ksmbd_work() decrements r_count and may free conn via ksmbd_conn_free(). Afte...
CVE-2024-57987
CVE-2024-57987 is a Linux kernel Bluetooth vulnerability in the btrtl driver. When inserting a USB dongle whose Realtek chip isn’t in ic_id_table, a NULL dereference could trigger a kernel oops. The fix adds a NULL check in btrtl_setup_realtek() to prevent the NULL pointer access. Affected: Linux...
CVE-2025-21769
CVE-2025-21769 affects the Linux kernel: the vmclock misc device lacked the .owner field, allowing a module unload while /dev/vmclock0 is open and causing an oops. The fix adds the .owner field to vmclock_miscdev_fops to prevent unloading during access. Public references indicate the vulnerabilit...
CVE-2025-21788
Technical details for CVE-2025-21788 are not provided in the connected documents; the initial description does not reveal vendor/product/version specifics, affected components, or remediation. Monitor for updates.
CVE-2025-21807
CVE-2025-21807 (Linux kernel) affects the block subsystem. queue_attr_store() previously froze the device queue before invoking the attribute store operation. For attributes controlling queue limits, the store could lock queue limits via queue_limits_start_update(), creating an ABBA deadlock if...
CVE-2025-21933
CVE-2025-21933: In the Linux kernel (ARM), a NULL pointer dereference can occur in pgtable when update_mmu_cache_range() is invoked with a NULL vmf, causing a NULL dereference in adjust_pte(). The issue is triggered by how PTE locks are acquired; the fix changes the lock decision to be based on w...
CVE-2025-21954
CVE-2025-21954 – Linux kernel netmem: prevent TX of unreadable skbs. Root cause: stable trees support netmem RX but not TX; forwarding unreadable SKBs to TX could cause DMA-mapping APIs to receive invalid DMA addresses, risking device handling. Fix: prevent the xmit of unreadable skbs. Impact (as...
CVE-2025-37939
CVE-2025-37939 affects the Linux kernel in the libbpf component, specifically the BTF.ext core_relo header handling. The issue arises when btf_ext_parse_info() reads fields of the core_relo header without confirming its presence, potentially triggering a buffer read overflow as reported by OSS-Fu...
CVE-2025-37941
CVE-2025-37941 affects the Linux kernel ASoC: codecs/wcd937x. The issue is a potential memory leak in wcd937x_soc_codec_probe() when snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fail, because the allocated wcd937x->clsh_info is not released. The root cause is missing cleanup in err...
CVE-1999-0804
CVE-1999-0804 affects Linux 2.2.x kernels, where the vulnerability lies in ICMP handling. Malformed ICMP packets with unusual types, codes and IP header lengths can cause a denial of service. The NVD CVSS v2 base score is 5.0 (Medium), with network attack vector, low attack complexity, and partia...
CVE-2001-1393
CVE-2001-1393 relates to an unknown vulnerability in the Linux kernel classifier code prior to version 2.2.19 that could cause a denial of service (hang). Multiple connected sources (Mandrake/MDKSA-2001:037, Debian/DSA-047-1, OpenVAS entries) describe an off-by-one issue in the CPIA driver within...
CVE-2001-1396
CVE-2001-1396 corresponds to an off-by-one vulnerability in the CPIA driver of the Linux kernel prior to 2.2.19. Connected advisories confirm that this flaw could allow a local attacker to modify kernel memory, potentially impacting confidentiality and integrity (and with related disclosures, DoS...
CVE-2002-1573
CVE-2002-1573 refers to an unspecified vulnerability in the Linux kernel’s pcilynx ieee1394 (pcilynx.c) driver, affected in kernels before 2.4.20 and related to wrap handling. The initial description notes unknown impact and attack vectors; public detail is limited. Public references describe the...
CVE-2003-0418
The vulnerability CVE-2003-0418 affects the Linux 2.0 kernel IP stack, where the ICMP code path miscomputes the size of an ICMP citation. This miscalculation allows ICMP error responses to leak portions of the kernel memory, potentially exposing sensitive data. Affected component: Linux kernel IP...
CVE-2004-0997
CVE-2004-0997 is a local privilege-escalation vulnerability in the MIPS ptrace assembly code of the Linux kernel 2.4.x prior to 2.4.17. The connected Debian advisories (DSA-1067-1 and DSA-1070-1) reference this CVE among a list of kernel vulnerabilities and indicate remediation via updates to ker...
CVE-2005-0177
CVE-2005-0177 relates to the Linux kernel: nls_ascii.c incorrectly sized the translation table (128 vs 256), enabling a buffer overflow that can crash the kernel (DoS). Public references in Ubuntu/SUSE/NVD describe the same issue affecting Linux kernels up to 2.6.8.1, with fixes provided in newer...
CVE-2005-0207
CVE-2005-0207 corresponds to an unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x where NFS clients can trigger a denial of service via NFS client O_DIRECT error handling. The issue is documented in multiple advisories (RHSA-2005:366 / CESA-2005:366) and CentOS/Ubuntu/NVD entries. Aff...
CVE-2005-0916
CVE-2005-0916 affects the Linux kernel 2.6.11 on PPC64/IA64 with CONFIG_HUGETLB_PAGE enabled. A local user can trigger a denial of service (system panic) by running io_queue_init and exiting without io_queue_release, causing exit_aio and is_hugepage_only_range to fail. Connected sources confirm t...
CVE-2005-3808
The CVE-2005-3808 issue affects the Linux kernel (versions 2.6.11–2.6.14). A 32‑bit system executing 64‑bit mmap calls can trigger an integer overflow in invalidate_inode_pages2_range, allowing local users to cause a denial of service (hang). Multiple advisories confirm the vulnerability across d...
CVE-2006-0035
The CVE-2006-0035 entry is supported by connected documents detailing a vulnerability in the Linux kernel (versions 2.6.14 and 2.6.15). The issue occurs in the netlink_rcv_skb function within af_netlink.c, where a crafted nlmsg_len field of 0 can cause a local-user-triggered denial of service via...
CVE-2006-1523
CVE-2006-1523 affects the Linux kernel’s RCU signal handling: the __group_complete_signal function in signal.c may allow local DoS due to an unsafe BUG_ON, guarded by siglock while switch_exit_pids() uses tasklist_lock. Affected version cited is kernel 2.6.16 (and possibly other 2.6.x). The conne...
CVE-2007-3732
The CVE-2007-3732 issue affects Linux 2.6 up to before 2.6.23, involving the TRACE_IRQS_ON function in iret_exc. The root cause is calling a C function without ensuring that processor segments are correctly set, specifically failing to restore the kernel %fs before the call and before enabling in...
CVE-2009-1527
CVE-2009-1527 affects the Linux kernel prior to 2.6.30-rc4, where a race condition in ptrace_attach (kernel/ptrace.c) can let local users escalate privileges during an exec that launches a setuid process. The root cause is locking of an incorrect cred_exec_mutex object, enabling a PTRACE_ATTACH p...
CVE-2010-1446
CVE-2010-1446 affects KGDB in the Linux kernel on PowerPC, where arch/powerpc/mm/fsl_booke_mmu.c does not perform a proper security check for access to a kernel page. Local users could overwrite arbitrary kernel memory. The vulnerability is noted across multiple advisories (e.g., Debian DSA-2053-...
CVE-2014-5332
The CVE-2014-5332 entry affects NVIDIA Tegra Linux Kernel 3.10 and its NVMap driver. A race condition in the NVMAP_IOC_CREATE path can trigger a use-after-free in nvmap_handle during concurrent creation/duplication of handles, enabling a local attacker to escalate privileges (e.g., escaping Chrom...
CVE-2016-10154
CVE-2016-10154 affects Linux kernel 4.9.x prior to 4.9.1. The smbhash function in fs/cifs/smbencrypt.c interacts incorrectly with CONFIG_VMAP_STACK, enabling local users to trigger a denial of service (system crash or memory corruption) or other unspecified impacts by exploiting use of more than ...
CVE-2016-6756
CVE-2016-6756 describes an information-disclosure vulnerability affecting Qualcomm components (including the camera driver and video driver) on Android. The issue could allow a local malicious application to access data outside its permission level, with root cause tied to a privileged-process co...
CVE-2016-8402
Technical details (affected components, root cause, fixes, or in-wild exploit status) for CVE-2016-8402 are not provided in the connected documents. Monitor official advisories and vendor updates for new information.
CVE-2016-8409
CVE-2016-8409 is an information-disclosure vulnerability in the NVIDIA video driver on Android (Kernel-3.10). It could allow a local malicious app with access to a privileged process to read data outside its permission levels on affected devices (e.g., Nexus 9). The issue is labeled Moderate in s...
CVE-2016-8481
CVE-2016-8481 describes an elevation of privilege vulnerability in the Qualcomm sound driver on Android. A local malicious application could potentially execute arbitrary code in the kernel context if it first compromises a privileged process. The issue affects Android devices with affected kerne...
CVE-2017-0327
CVE-2017-0327 affects the NVIDIA crypto driver in the Android/Tegra kernel. The connected document notes that the vulnerability arises because an input buffer is copied to an output buffer without validating the input size, which may lead to memory corruption and a denial of service (the NVIDIA ...
CVE-2017-0330
CVE-2017-0330 affects NVIDIA’s Tegra kernel via the NVIDIA crypto driver. The connected NVIDIA security bulletin details that the vulnerability arises from a user-supplied pointer not being correctly validated in the crypto driver, potentially enabling denial of service or privilege escalation. A...
CVE-2017-0333
CVE-2017-0333: An elevation of privilege in the NVIDIA GPU driver could allow a local malicious Android process to run arbitrary code in the kernel context on devices with Kernel-3.18. This could lead to a local permanent compromise and may require reflashing the OS to repair the device. The pro...
CVE-2017-0434
CVE-2017-0434 affects the Synaptics touchscreen driver in the Android kernel (Kernel-3.18). It is an elevation of privilege vulnerability that could allow a local malicious application to execute arbitrary code within the context of the touchscreen chipset after compromising a privileged process....
CVE-2017-0437
CVE-2017-0437 is an elevation-of-privilege vulnerability in the Qualcomm Wi‑Fi driver on Android. The issue could allow a local malicious app to execute arbitrary code in the kernel context by exploiting the Qualcomm Wi‑Fi driver, with the Android kernel versions cited as Kernel-3.10 and Kernel-3...
CVE-2017-0460
CVE-2017-0460 describes a local elevation-of-privilege in the Qualcomm networking driver on Android, allowing a malicious local app to execute code in the kernel. Affected are Android kernels 3.10 and 3.18; the exploit requires compromising a privileged process and does not appear to be remotely ...
CVE-2017-0462
CVE-2017-0462 describes an elevation-of-privilege vulnerability in the Qualcomm Seemp driver that could allow a local malicious Android application to execute arbitrary code in the kernel context. Affected product is Android with Kernel-3.18; Android ID A-33353601. The base impact is high, requir...
CVE-2017-0528
CVE-2017-0528 is described as an elevation-of-privilege vulnerability in the Android kernel security subsystem (kernel 3.18) that could allow a local malicious application to run code in the context of a privileged process. The initial documentation specifies Android/Kernel-3.18 and Android ID A-...
CVE-2017-0583
CVE-2017-0583 describes an elevation of privilege vulnerability in the Qualcomm CP access driver on Android, enabling a local malicious application to execute arbitrary code in the kernel context. Affected components include the Qualcomm CP access driver within Android kernel versions such as 3.1...
CVE-2017-8066
Affected software/component: Linux kernel drivers/net/can/usb/gs_usb.c in 4.9.x and 4.10.x prior to 4.10.2. Root cause: Interaction with CONFIG_VMAP_STACK allows a local attacker to cause a denial of service or memory corruption by leveraging multiple virtual pages for a DMA scatterlist. Impact: ...
CVE-2019-12818
CVE-2019-12818 affects the Linux kernel prior to 4.20.15. The issue is in the NFC LLCP code: nfc_llcp_build_tlv in net/nfc/llcp_commands.c may return NULL, and if the caller neglects to check, a NULL pointer dereference can occur, leading to denial of service. The vulnerability impacts nfc_llcp_b...
CVE-2022-48782
In the Linux kernel, CVE-2022-48782 concerns a use-after-free in the MCTP route logic. Specifically, after mctp_key_add() fails, the freed key is later used in trace_mctp_key_acquire(), creating memory-safety issues. A fix is described as adding an else branch to use the key only when mctp_key_ad...
CVE-2022-49030
The CVE-2022-49030 issue affects the Linux kernel component libbpf, specifically a size overflow in ringbuf mmap when mapping producer and data pages. The root cause is an overflow of the 32-bit read/write region size (max 2GB ringbuf on x86-64) due to computing 2 * max_entries, which can overflo...
CVE-2022-49808
CVE-2022-49808 concerns the Linux kernel net: dsa teardown path where tagger-owned storage could leak on unbind. The provided description explains the root cause: in the dsa switch teardown path, tag_ops->disconnect was not properly dismantled during normal driver teardown, risking use-after-f...
CVE-2022-49820
CVE-2022-49820 concerns the Linux kernel mctp i2c flow release logic. The issue arises when release_count > i2c_lock_count, triggering a WARN_ONCE due to expiring a flow before sending the first packet and not pairing the release increment with the i2c lock operation. The fix adds a guard: onl...