14330 matches found
CVE-2022-48882
CVE-2022-48882: In the Linux kernel, a macsec null-dereference could occur in the net/mlx5e hw-offload path when updating a SecY with extended packet number (epn) enabled. The macsec SA initialization would fetch salt and ssci from the rx_sa context, which may be unavailable during SecY property ...
CVE-2022-48964
The CVE-2022-48964 entry concerns a use-after-free in the Linux kernel ravb_rx_gbeth() path. The vulnerability arises when a socket buffer (skb) is freed by napi_gro_receive(), and later dereferenced, leading to potential memory corruption. The connected sources consistently describe this as a fi...
CVE-2022-48965
CVE-2022-48965 concerns a refcount leak in rockchip_gpiolib_register() within linux-5.x kernels. The root cause is a missing of_node_put() for the parent node after obtaining it with of_get_parent(). The fix adds of_node_put() at the end of of_pinctrl_get() to balance the refcount. Multiple advis...
CVE-2022-49079
CVE-2022-49079 involves the Linux kernel Btrfs zoned code. Root cause: btrfs_can_activate_zone() could be invoked with fs_devices->device_list_mutex already held, risking deadlock through a long call chain (insert_dev_extents -> find_free_extent -> can_allocate_chunk etc.). Mitigation de...
CVE-2022-49758
The CVE-2022-49758 entry concerns a Linux kernel issue in the uniphier-glue path where a call to resource_size(res) may dereference NULL if platform_get_resource() returns NULL. This is a local, low-privilege issue with high availability impact as described in the CVE (CVSS: AV:L/AC:L/PR:L/UI:N/S...
CVE-2022-49782
CVE-2022-49782 affects the Linux kernel perf subsystem, where __perf_event_overflow incorrectly handled missing SIGTRAP, allowing a scenario where hrtimer/irq work could re-enter kernel space before returning to user space. The fix introduces a 32‑bit hash of the current IP into pending_sigtrap t...
CVE-2022-49854
CVE-2022-49854 concerns the Linux kernel: a resource leak in the mctp_init() error path when mctp_neigh_init() returns an error. The issue is resolved by ensuring route resources are released in the error handling path, preventing leaks. Affected component: mctp subsystem in the kernel; impact is...
CVE-2022-49867
CVE-2022-49867 : In the Linux kernel IOSM driver (net: wwan: iosm), the device was registered without setting needs_free_netdev and free_netdev() was not called on unregister, causing a memory leak. The published patch enables needs_free_netdev to true at registration, so the netdev subsystem wil...
CVE-2022-49876
Summary: CVE-2022-49876 is a Linux kernel vulnerability in wifi/mac80211 that causes a general-protection fault when an interface’s status changes during active transmission. The issue stems from accessing sdata->bss after it is set to NULL during ieee80211_runtime_change_iftype/ieee80211_do_s...
CVE-2022-49912
CVE-2022-49912 is a Linux kernel vulnerability affecting btrfs qgroup self tests, where the old_roots ulist could leak on error paths when failing to add tree refs or remove extent data. The fix ensures the ulist is freed (ulist_free) before returning from the test paths, mitigating the leak. No ...
CVE-2023-52908
CVE-2023-52908 (Linux kernel): In drm/amdgpu, a potential NULL dereference could occur when the resource manager is NULL while printing debug information. The entry states this was fixed in the Linux kernel (drm/amdgpu: Fix potential NULL dereference). Concrete details in the connected docs point...
CVE-2023-53012
CVE-2023-53012 is documented across multiple connected advisories as a Linux kernel vulnerability affecting the thermal subsystem. The issue arises from calling put_device() before a successful device_register(), specifically in __thermal_cooling_device_register(), and is accompanied by unnecessa...
CVE-2023-53127
In CVE-2023-53127, the Linux kernel SCSI MPI3MR driver had a leak in the mpi3mr_remove() cleanup path (expander node leak) due to a missing resource cleanup. The fix adds the missing cleanup in .remove(), mitigating an information/resource leak with a Local attack vector and, per the NVD entry, a...
CVE-2024-38626
CVE-2024-38626 is a Linux kernel vulnerability related to FUSE. The issue occurs when a READ-INIT request is resent via a USE_NOTIFY_RESEND, causing the INIT request to be moved from processing to pending and potentially triggering a warning in fuse_request_end. The documented fix is to clear the...
CVE-2024-42266
CVE-2024-42266 relates to the Linux kernel btrfs module. The issue stems from the cow_file_range_inline() path not honoring the folio lock state on error, which can lead to an assertion panic or kernel bug when a folio becomes unlocked during buffered write handling in __extent_writepage()/extent...
CVE-2024-46690
The CVE-2024-46690 issue in the Linux kernel concerns nfsd4_deleg_getattr_conflict when a third‑party lease is present. The root cause was unsafe dereferencing of fl->c.flc_owner without verifying that fl->fl_lmops is the expected manager, leading to incorrect delegation handling. A patch r...
CVE-2024-56666
In Linux kernel, drm/amdkfd: Dereference null return value in pqm_uninit occurs when pdd = kfd_get_process_device_data could be NULL and is dereferenced without NULL-checking. This is a local, low-privilege issue with MEDIUM impact per CVSS v3.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). The CVE is m...
CVE-2024-56668
The CVE-2024-56668 issue affects the Linux kernel iommu/vt-d path where qi_batch could be NULL for nested parent domains, risking a kernel NULL pointer dereference and a potential memory leak due to lack of locking around domain->qi_batch allocation. The root cause is that qi_batch was not all...
CVE-2024-57877
The CVE is a Linux kernel arm64 flaw in ptrace NT_ARM_POE handling (poe_set): a temporary ctrl value is not initialized, so a zero-length SETREGSET can write an uninitialized value into target->thread.por_el0, potentially leaking up to 64 bits from the kernel stack. The patch fixes this by ini...
CVE-2024-57987
CVE-2024-57987 is a Linux kernel Bluetooth vulnerability in the btrtl driver. When inserting a USB dongle whose Realtek chip isn’t in ic_id_table, a NULL dereference could trigger a kernel oops. The fix adds a NULL check in btrtl_setup_realtek() to prevent the NULL pointer access. Affected: Linux...
CVE-2024-58022
CVE-2024-58022 relates to a NULL vs IS_ERR() handling bug in the Linux kernel’s mailbox th1520 path. The vulnerable code used to treat NULL returns from devm_ioremap() as errors consistent with IS_ERR() checks, which is incorrect since devm_ioremap() returns NULL on failure. The fixed description...
CVE-2025-21777
CVE-2025-21777 affects the Linux kernel ring-buffer metadata validation. The vulnerability stems from the subbuf index array (reader page and subbuffer order) potentially containing duplicates, which the validator did not check. If duplicates exist on the writer side, the ring buffer link list co...
CVE-2025-21788
Technical details for CVE-2025-21788 are not provided in the connected documents; the initial description does not reveal vendor/product/version specifics, affected components, or remediation. Monitor for updates.
CVE-2025-21813
CVE-2025-21813 affects the Linux kernel timers/migration code. The root cause is an off-by-one mis-count during the migration of the top CPU group to a new root, where the old root is pre-accounted as a child of the new root. After attaching the upcoming CPU’s top group, the expected children cou...
CVE-2025-21933
CVE-2025-21933: In the Linux kernel (ARM), a NULL pointer dereference can occur in pgtable when update_mmu_cache_range() is invoked with a NULL vmf, causing a NULL dereference in adjust_pte(). The issue is triggered by how PTE locks are acquired; the fix changes the lock decision to be based on w...
CVE-2025-38036
The CVE-2025-38036 entry describes a Linux kernel issue in drm/xe/vf where GuC communication required GT MMIO to be initialized. Root cause: gt->mmio was initialized late due to recent refactoring, causing GuC calls to xe_mmio_read|write() to crash with an NPD when attempting to access MMIO ad...
CVE-2025-38041
CVE-2025-38041 concerns Linux kernel code: clk: sunxi-ng: h616 reparents the GPU clock to the GPU1 clock during frequency changes to mitigate panfrost OoOps and GPU hangs when performing device DVFS on the GPU. The vulnerability is effectively a local issue with the GPU clock DVFS pathway; the ex...
CVE-2025-38125
The CVE (CVE-2025-38125) affects the Linux kernel’s net: stmmac driver, where a 0 ptp_rate could propagate to EST configuration, causing a division by zero. The fix adds a guard to ensure ptp_rate is non-zero before configuring EST, with an error path if zero is encountered. According to SUSE/Ope...
CVE-2025-38137
Technical details about CVE-2025-38137 (Linux kernel PCI/pwrctrl use-after-free due to rescan handling) are not provided in the connected documents. Public disclosures here list the CVE but do not elaborate affected versions, root cause, or fixes. Monitor for updates.
CVE-2025-38274
The CVE-2025-38274 issue affects the Linux kernel FPGA subsystem, specifically fpga_mgr_test_img_load_sgt(). The root cause was an allocation of sgt with kunit_kzalloc() without verifying success; later __sg_alloc_table() called memset() on sgt, causing a NULL pointer dereference if allocation fa...
CVE-2025-38527
CVE-2025-38527 affects the Linux kernel smb client (cifs_oplock_break). A race during unmount can lead to a use-after-free of cinode when the superblock is deactivated. The vulnerability occurs because cifs_oplock_break() may access cinode after the last superblock reference is released, triggeri...
CVE-2026-31413
CVE-2026-31413 — Linux kernel BPF verifier flaw (CVE-joined info from multiple sources) The issue arises in maybe_fork_scalars() when handling ARSH plus AND/OR with a constant in the BPF verifier. The code forks the verifier state; the pushed path previously used env->insn_idx + 1, so it re-ex...
CVE-2026-46317
CVE-2026-46317 concerns the Linux kernel KVM on arm64. A traversal of the array kvm->arch.nested_mmus[] occurs under kvm->mmu_lock, while kvm_vcpu_init_nested() reallocates the array and frees the old buffer with only kvm->arch.config_lock held. The fix moves the allocation outside the m...
CVE-1999-0195
Summary (CVE-1999-0195) : This is a DoS in the RPC portmapper where attackers can register/unregister RPC services or spoof services using a spoofed source IP (e.g., 127.0.0.1). Multiple connected records corroborate the behaviour, including Red Hat and SUSE advisories. The exact affected product...
CVE-2000-0227
The CVE-2000-0227 entry concerns the Linux 2.2.x kernel where the number of Unix domain sockets is not restricted by the wmem_max parameter. This allows a local attacker to cause a denial of service by requesting a large number of sockets. The linked sources confirm the affected platform and vuln...
CVE-2001-1056
The CVE affects the ip_masq_irc IP masquerading module 2.2. A remote attacker can bypass firewall restrictions by inducing the target to send a DCC SEND to a malicious server listening on port 6667, which may cause the module to treat that traffic as valid and permit the connection to the port sp...
CVE-2001-1396
CVE-2001-1396 corresponds to an off-by-one vulnerability in the CPIA driver of the Linux kernel prior to 2.2.19. Connected advisories confirm that this flaw could allow a local attacker to modify kernel memory, potentially impacting confidentiality and integrity (and with related disclosures, DoS...
CVE-2001-1400
CVE-2001-1400 describes a local denial-of-service issue in the Linux kernel before 2.2.19 where UDP port allocation could deadlock a system. Connected advisories confirm the vulnerability affects the Linux kernel up to 2.2.18 and are corrected in the 2.2.19 release (e.g., Mandrake MDKSA-2001:037 ...
CVE-2001-1551
Summary: CVE-2001-1551 affects the Linux kernel 2.2.19. The issue arises because CAP_SYS_RESOURCE is enabled for setuid processes, allowing local users to exceed disk quota restrictions during execution of setuid programs. What’s affected: Linux kernel 2.2.19 (setuid/process context). Impact (as ...
CVE-2002-0704
The CVE-2002-0704 entry concerns Netfilter (iptables) NAT capability leaking translated IP addresses in ICMP error messages for versions 1.2.6a and earlier. Affected component: Netfilter (iptables) NAT feature. Root cause: NAT leaks internal addresses in ICMP error messages. Impact: potential exp...
CVE-2002-1571
CVE-2002-1571 affects the Linux 2.4 kernel pre-2.4.19. The root cause is that the fninit instruction is assumed to clear all registers, which can cause an information leak on processors that do not clear all relevant SSE registers. The practical impact is potential leakage of information (partial...
CVE-2005-0177
CVE-2005-0177 relates to the Linux kernel: nls_ascii.c incorrectly sized the translation table (128 vs 256), enabling a buffer overflow that can crash the kernel (DoS). Public references in Ubuntu/SUSE/NVD describe the same issue affecting Linux kernels up to 2.6.8.1, with fixes provided in newer...
CVE-2005-1764
CVE-2005-1764 is a kernel vulnerability affecting Linux 2.6 on 64-bit x86 (x86_64). The issue arises because the 47‑bit address page guard is not used, leaving the system vulnerable to local DoS via AMD K8 bug exploitation. Documents confirm the flaw and note that updates/patches were released (e...
CVE-2005-2708
CVE-2005-2708 details: a flaw in Linux 2.4 kernel on 64‑bit x86 where exec.c’s search_binary_handler fails to check a return code under low virtual memory, enabling local users to trigger a denial of service (panic). Public discussions in Ubuntu/Bash contexts confirm the issue affects 64‑bit x86,...
CVE-2006-0555
Vulnerability: CVE-2006-0555 affects the Linux kernel prior to 2.6.15.5, where NFS client operations using O_DIRECT can cause the kernel to panic and crash (local denial of service). Affected product is the Linux kernel; root cause relates to direct I/O handling for NFS. Public advisories from Re...
CVE-2006-1523
CVE-2006-1523 affects the Linux kernel’s RCU signal handling: the __group_complete_signal function in signal.c may allow local DoS due to an unsafe BUG_ON, guarded by siglock while switch_exit_pids() uses tasklist_lock. Affected version cited is kernel 2.6.16 (and possibly other 2.6.x). The conne...
CVE-2006-2446
CVE-2006-2446 describes a race condition between kfree_skb and __skb_unlink in Linux kernel socket buffer handling (Linux kernel 2.6.9 and possibly others) that can allow remote attackers to cause a denial of service (crash) as demonstrated by TCP stress tests in the LTP suite. Connected document...
CVE-2009-1243
The issue affects the Linux kernel prior to 2.6.29.1, where an unlocking step in the udp seq_file infrastructure can be triggered under certain conditions. This allows local users to cause a denial of service (panic) by reading zero bytes from /proc/net/udp (and unspecified other files). Root cau...
CVE-2010-1446
CVE-2010-1446 affects KGDB in the Linux kernel on PowerPC, where arch/powerpc/mm/fsl_booke_mmu.c does not perform a proper security check for access to a kernel page. Local users could overwrite arbitrary kernel memory. The vulnerability is noted across multiple advisories (e.g., Debian DSA-2053-...
CVE-2011-4112
CVE-2011-4112 affects the Linux kernel net subsystem prior to 3.1. The issue arises from improper restriction of the IFF_TX_SKB_SHARING flag, enabling local users with CAP_NET_ADMIN to access /proc/net/pktgen/pgctrl and, using the pktgen package with a bridge device for a VLAN interface, trigger ...