CVE-2022-49847

CVE-2022-49847 concerns a segmentation fault in the Linux kernel's ti_am65 cpsw Ethernet driver (am65_cpsw_nuss) during module removal. The fix changes the cleanup sequence: am65_cpsw_nuss_phylink_cleanup() is moved to run after am65_cpsw_nuss_cleanup_ndev(), ensuring phylink remains valid while ...

CVE-2022-49854

CVE-2022-49854 concerns the Linux kernel: a resource leak in the mctp_init() error path when mctp_neigh_init() returns an error. The issue is resolved by ensuring route resources are released in the error handling path, preventing leaks. Affected component: mctp subsystem in the kernel; impact is...

CVE-2022-49857

CVE-2022-49857 – Linux kernel (Marvell Prestera) : A memory leak in prestera_rxtx_switch_init() was fixed. When prestera_sdma_switch_init() failed, the memory pointed to sw->rxtx wasn’t released. The connected documents confirm a fix was implemented to properly release resources; no exploitati...

CVE-2022-49859

CVE-2022-49859 concerns the Linux kernel net: lapbether vulnerability where if lapb_register() fails during the first up event, NAPI is not disabled and an invalid opcode can occur when the device goes up the second time. Public sources (Red Hat, Debian OSV, UBUNTU/Ubuntu OSV, Nessus/NASL, NVD/NV...

CVE-2022-50214

CVE-2022-50214 affects the Linux kernel coresight subsystem. Vulnerability: coresight_remove_match() does not clear the fwnode field when dropping references, causing a use-after-free and extra refcount drops if a device is removed after its peer. Impact: potential local use-after-free conditions...

CVE-2023-20661

CVE-2023-20661 affects the wlan component (MediaTek-related stack) and is caused by an out-of-bounds write resulting from an integer overflow. The vulnerability can lead to local privilege escalation with System execution privileges required and does not require user interaction. Reported impact ...

CVE-2023-52982

CVE-2023-52982 affects the Linux kernel fscache path for relinquished volumes. The root cause is a mismatch between wake_up_bit() and wait_var_event() on different wait-queues, which could prevent a waiter from waking and cause a hang if wake-ups are delayed. The fixes described in the sources sw...

CVE-2023-53127

In CVE-2023-53127, the Linux kernel SCSI MPI3MR driver had a leak in the mpi3mr_remove() cleanup path (expander node leak) due to a missing resource cleanup. The fix adds the missing cleanup in .remove(), mitigating an information/resource leak with a Local attack vector and, per the NVD entry, a...

CVE-2023-53136

CVE-2023-53136 concerns a Linux kernel af_unix memory leak in OOB support. The root cause is that queue_oob() may hold a reference on a pid via maybe_add_creds(), while skb->destructor is not set (directly or via unix_scm_to_skb()), allowing the reference to be leaked when the skb is freed. Sy...

CVE-2024-36976

MODE C CVE-2024-36976 concerns a Linux kernel issue that arose from a change in media: v4l2-ctrls related to log_status. The vulnerability is described as a deadlock risk introduced by the patch that attempted to show all owned controls in log_status, which has since been reverted. The provided d...

CVE-2024-56666

In Linux kernel, drm/amdkfd: Dereference null return value in pqm_uninit occurs when pdd = kfd_get_process_device_data could be NULL and is dereferenced without NULL-checking. This is a local, low-privilege issue with MEDIUM impact per CVSS v3.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). The CVE is m...

CVE-2024-57995

CVE-2024-57995 affects the Linux kernel’s wifi ath12k driver. In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio it is later freed via ath12k_mac_unassign_link_vif(), and a subsequent check on arvif could read freed memory (read-after-free). The fix relocates the check t...

CVE-2025-38036

The CVE-2025-38036 entry describes a Linux kernel issue in drm/xe/vf where GuC communication required GT MMIO to be initialized. Root cause: gt->mmio was initialized late due to recent refactoring, causing GuC calls to xe_mmio_read|write() to crash with an NPD when attempting to access MMIO ad...

CVE-2025-38237

CVE-2025-38237 pertains to the Linux kernel, specifically the media: platform: exynos4-is code path. The issue arises in fimc_is_hw_change_mode(), where camera mode changes occur without waiting for hardware completion, risking data corruption or system hangs if subsequent operations race with ha...

CVE-2025-38515

CVE-2025-38515 concerns a race in the Linux kernel’s DRM scheduler. The description states a small race between drm/sched spsc_queue_push and the run-job worker, where spsc_queue_push may return not-first while the worker has idled due to the job count reaching zero. The consequence is that job s...

CVE-2001-1395

CVE-2001-1395 is a vulnerability described as unknown in sockfilter for Linux kernel before 2.2.19. Connected sources corroborate an off-by-one issue in the CPIA driver that could allow a local kernel-memory write and potentially expose or compromise kernel integrity; remediation in practice is t...

CVE-2005-0179

CVE-2005-0179 affects the Linux kernel 2.4.x and 2.6.x, allowing a local user to cause a denial of service (CPU/memory exhaustion) and bypass RLIM_MEMLOCK via mlockall. Connected advisories (RHSA-2005:663, CentOS/CESA-2005:663) document kernel updates that fix this and related flaws; remediation ...

CVE-2006-3085

CVE-2006-3085 affects the Linux kernel’s SCTP handling in xt_sctp within netfilter, where an SCTP chunk of length 0 can trigger a DoS either by an infinite loop (or crash in some reports). The vulnerability is listed as applicable to kernels before 2.6.17.1. Public references from multiple source...

CVE-2007-0997

CVE-2007-0997 describes a race condition in the Linux kernel 2.6.17 through 2.6.17.6 affecting the tee (sys_tee) system call. The issue could allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified ve...

CVE-2008-0163

The CVE affects Linux kernel 2.6 in vserver setups, where a symlink issue in /proc allows local attackers to access resources across vservers (CVE-2008-0163). Public advisories confirm affected packages and indicate fixes: Debian DSA-1494-1/2 address linux-2.6 vulnerabilities and upgrade to a pat...

CVE-2008-3911

The CVE-2008-3911 issue affects the Linux kernel 2.6.26.3, specifically the proc_do_xprt function in net/sunrpc/sysctl.c, which does not validate the length of a user-supplied buffer when reading /proc/sys/sunrpc/transports. This can allow local users to overflow a stack-based buffer and cause un...

CVE-2010-5328

The CVE affects the Linux kernel, specifically signals targeting a process group ID of zero reaching the swapper due to a flaw in include/linux/init_task.h prior to 2.6.35. This allows a local user to trigger a denial of service (system crash). The vulnerability is caused by insufficient filterin...

CVE-2013-3233

CVE-2013-3233 affects the Linux kernel NFC subsystem: llcp_sock_recvmsg in net/nfc/llcp/sock.c does not initialize a length variable and a data structure, enabling local users to leak kernel-stack information via crafted recvmsg/recvfrom calls. The flaw is in kernels before 3.9-rc7. Impact is loc...

CVE-2015-8019

The CVE-2015-8019 entry concerns the Linux kernel up to at least versions 3.14.54 and 3.18.22, where skb_copy_and_csum_datagram_iovec does not enforce a length argument. Root cause: a missing length argument in the function affects data handling in datagram processing, enabling local users to tri...

CVE-2016-6755

CVE-2016-6755 is an elevation-of-privilege vulnerability in the Qualcomm camera driver for Android, affecting Kernel-3.10 and Kernel-3.18. It allows a local attacker to execute arbitrary code in kernel context after compromising a privileged process. Affected devices include Nexus 5X, Nexus 6, Ne...

CVE-2016-6780

CVE-2016-6780 is described as an elevation-of-privilege in the HTC sound codec driver that could allow a local malicious application to execute arbitrary code in the kernel context on Android (kernel-3.10). Affected product/any specifics beyond Android and Nexus 9 are not provided in the Initial ...

CVE-2016-8466

CVE-2016-8466 is an elevation of privilege vulnerability in the Broadcom Wi‑Fi driver affecting Android with kernel components (Kernel-3.10, Kernel-3.18). The issue allows a local malicious application to execute arbitrary code in the kernel context after compromising a privileged process. The en...

CVE-2016-8480

CVE-2016-8480 is an elevation-of-privilege issue in the Qualcomm Secure Execution Environment Communicator driver on Android. It could allow a local malicious application to execute arbitrary code in the kernel context after compromising a privileged process. Affected components/conditions: Andro...

CVE-2017-0307

Summary (CVE-2017-0307) : A vulnerability in the NVIDIA Tegra kernel DRM driver can trigger an integer overflow while calculating memory to allocate, causing a smaller-than-needed allocation and a potential buffer overflow. This may lead to denial of service or possible privilege escalation withi...

CVE-2017-0432

CVE-2017-0432 describes an elevation of privilege in the MediaTek driver for Android, allowing a local malicious application to execute arbitrary code in the kernel context. The issue is tied to the MediaTek driver within Android’s kernel (Kernel-3.10) and is considered High severity because it r...

CVE-2017-0442

CVE-2017-0442 describes an elevation-of-privilege in the Qualcomm Wi‑Fi driver on Android, allowing a local malicious app to execute arbitrary code in the kernel context. The vulnerability, affecting Android devices with Qualcomm Wi‑Fi components, is mitigated by requiring compromise of a privile...

CVE-2017-0447

CVE-2017-0447 describes an elevation-of-privilege flaw in the HTC touchscreen driver that could allow a local malicious application to execute arbitrary code in the kernel context on Android devices. The vulnerability is tied to the Android kernel (Kernel-3.18) and affects Android devices leverag...

CVE-2017-0457

The CVE-2017-0457 entry describes an elevation of privilege in the Qualcomm ADSPRPC driver on Android, allowing a local malicious app to execute arbitrary code in the kernel context. Affected components/versions include Android kernel 3.10 and 3.18 with the ADSPRPC driver as the exploit vector; t...

CVE-2017-0519

CVE-2017-0519 describes an elevation-of-privilege vulnerability in the Qualcomm fingerprint sensor driver for Android (kernel 3.18). A local attacker could exploit this to execute arbitrary code in the kernel context by compromising a privileged process. The entry remains focused on Android and k...

CVE-2017-0611

CVE-2017-0611 is an elevation of privilege in the Qualcomm sound driver on Android that could allow a local attacker to run code in kernel context. Affected: Android devices using Kernel-3.10 and Kernel-3.18 (Android ID A-35393841). The entry is listed in multiple sources (NVD/NVD list and CVE re...

CVE-2017-0623

CVE-2017-0623 describes an elevation-of-privilege vulnerability in the HTC bootloader that could allow a local malicious app to execute arbitrary code within the bootloader context. Affected software is Android on Kernel-3.18, with device-specific impact noted for Pixel and Pixel XL in the CVE li...

CVE-2017-0651

CVE-2017-0651 is an information-disclosure vulnerability in the Android kernel ION subsystem (Kernel-3.18). A local malicious application could access data outside its permissions after compromising a privileged process. The issue is listed as Low severity in the 2017-06-05 patch level, with Andr...

CVE-2017-8061

The CVE-2017-8061 issue affects Linux kernels 4.9.x and 4.10.x prior to 4.10.7, where dvb-usb-firmware.c mishandles CONFIG_VMAP_STACK, allowing local users to trigger a denial of service or memory corruption by using more than one virtual page for a DMA scatterlist. Root cause: incorrect interact...

CVE-2017-8065

CVE-2017-8065 affects the Linux kernel (4.9.x and 4.10.x up to 4.10.12). The issue arises from how crypto/ccm.c interacts with CONFIG_VMAP_STACK, enabling a local attacker to cause a denial of service (system crash or memory corruption) by leveraging use of more than one virtual page for a DMA sc...

CVE-2017-8070

CVE-2017-8070 affects the Linux kernel 4.9.x prior to 4.9.11. The issue is in drivers/net/usb/catc.c where interaction with CONFIG_VMAP_STACK allows a local user to trigger denial of service (system crash or memory corruption) by exploiting use of more than one virtual page for a DMA scatterlist....

CVE-2022-3630

The CVE-2022-3630 entry concerns the Linux kernel, specifically the fs/fscache/cookie.c component used by IPsec. The vulnerability is described as a memory leak resulting from a manipulation in that code path. A patch is recommended to fix the issue, and the vulnerability is associated with VDB-2...

CVE-2022-48750

Summary (CVE-2022-48750): The issue is in the Linux kernel hwmon driver for the nct6775 (clear_caseopen). It can crash with a NULL pointer dereference when clearing the chassis intrusion alarm, as the code path passes the hwmon device (not the platform device) and the platform data isn’t set. The...

CVE-2022-49745

The CVE-2022-49745 issue relates to the Linux kernel, specifically the fpga: m10bmc-sec component. The vulnerability centers on improper handling of probe error rollbacks, with the fix designed to prevent leaks during probe rollback paths. Public documents confirm the issue was resolved by addres...

CVE-2022-49851

CVE-2022-49851 — Linux kernel (RISC-V) reserved memory setup Vulnerability context: The issue arises in how RISC-V sets up reserved memory using the early device-tree copy. The pointer to reserved memory regions can be an early, pre-virtual-memory address when accessed via of_reserved_mem_lookup(...

CVE-2022-49852

Summary (CVE-2022-49852) : In the Linux kernel (riscv), thread_struct::s[12] may leak random kernel memory to userspace, exposing confidential data and impacting availability. The fix clears s[12] in thread_struct during fork, and it is advised to also clear s[12] for kthread cases. Affected: Lin...

CVE-2022-49876

Summary: CVE-2022-49876 is a Linux kernel vulnerability in wifi/mac80211 that causes a general-protection fault when an interface’s status changes during active transmission. The issue stems from accessing sdata->bss after it is set to NULL during ieee80211_runtime_change_iftype/ieee80211_do_s...

CVE-2023-20679

CVE-2023-20679 affects MediaTek WLAN in which a missing bounds check allows an out-of-bounds read, enabling local escalation of privilege without user interaction. Impact: confidentiality impact listed as high; privilege requirement is high with local attack vector, no UI interaction needed. Root...

CVE-2023-20712

CVE-2023-20712 affects MediaTek WLAN code (wlan module) and is due to a missing bounds check, enabling an out-of-bounds write that can yield local privilege escalation to System level. Exploit requires LOCAL access with HIGH privileges and no user interaction. Patch: ALPS07796914 (Issue ALPS07796...

CVE-2023-53069

CVE-2023-53069 concerns the Linux kernel octeontx2-vf driver: missing free for alloc_percpu leading to a memory leak in vf->hw.lmt_info. The fix adds free_percpu for the allocated structure, mirroring the existing pf->hw.lmt_info cleanup in otx2_pf.c. This change reduces a local memory leak...

CVE-2024-56612

CVE-2024-56612 describes a Linux kernel vulnerability in mm/gup where unpin_user_pages() may dereference NULL pages in the pages** array when using pofs. The flaw was triggered by a configuration like x86 with numa=fake=2 movablecore=4G on Linux 6.12, leading to a kernel NULL pointer dereference ...