14330 matches found
CVE-2017-0432
CVE-2017-0432 describes an elevation of privilege in the MediaTek driver for Android, allowing a local malicious application to execute arbitrary code in the kernel context. The issue is tied to the MediaTek driver within Android’s kernel (Kernel-3.10) and is considered High severity because it r...
CVE-2017-0442
CVE-2017-0442 describes an elevation-of-privilege in the Qualcomm Wi‑Fi driver on Android, allowing a local malicious app to execute arbitrary code in the kernel context. The vulnerability, affecting Android devices with Qualcomm Wi‑Fi components, is mitigated by requiring compromise of a privile...
CVE-2017-0516
CVE-2017-0516 is described as an elevation of privilege in the Qualcomm input hardware driver that could enable a local malicious app to execute code in the kernel context on Android devices. Public sources consistently list affected products as Android with kernel versions 3.10 and 3.18; Android...
CVE-2017-0519
CVE-2017-0519 describes an elevation-of-privilege vulnerability in the Qualcomm fingerprint sensor driver for Android (kernel 3.18). A local attacker could exploit this to execute arbitrary code in the kernel context by compromising a privileged process. The entry remains focused on Android and k...
CVE-2017-0526
CVE-2017-0526 describes an elevation-of-privilege vulnerability in the HTC Sensor Hub Driver affecting Android on Kernel-3.10. The issue could allow a local, malicious application to execute arbitrary code within the kernel context after compromising a privileged process. The Android ID is A-3389...
CVE-2017-0606
CVE-2017-0606 is an elevation-of-privilege flaw in the Qualcomm sound driver affecting Android kernels 3.10 and 3.18. The vulnerability could allow a local malicious app to execute arbitrary code in the kernel context via the Qualcomm sound subsystem (e.g., /dev/voice_svc driver). The issue is cl...
CVE-2017-0611
CVE-2017-0611 is an elevation of privilege in the Qualcomm sound driver on Android that could allow a local attacker to run code in kernel context. Affected: Android devices using Kernel-3.10 and Kernel-3.18 (Android ID A-35393841). The entry is listed in multiple sources (NVD/NVD list and CVE re...
CVE-2017-0622
CVE-2017-0622 targets the Goodix touchscreen driver in Android, enabling local elevation of privilege to execute code in the kernel via a compromised privileged process. Public details specify Android kernel 3.10 and the Goodix driver as the vulnerable component, with high impact (kernel context ...
CVE-2017-0623
CVE-2017-0623 describes an elevation-of-privilege vulnerability in the HTC bootloader that could allow a local malicious app to execute arbitrary code within the bootloader context. Affected software is Android on Kernel-3.18, with device-specific impact noted for Pixel and Pixel XL in the CVE li...
CVE-2017-8065
CVE-2017-8065 affects the Linux kernel (4.9.x and 4.10.x up to 4.10.12). The issue arises from how crypto/ccm.c interacts with CONFIG_VMAP_STACK, enabling a local attacker to cause a denial of service (system crash or memory corruption) by leveraging use of more than one virtual page for a DMA sc...
CVE-2022-3630
The CVE-2022-3630 entry concerns the Linux kernel, specifically the fs/fscache/cookie.c component used by IPsec. The vulnerability is described as a memory leak resulting from a manipulation in that code path. A patch is recommended to fix the issue, and the vulnerability is associated with VDB-2...
CVE-2022-49744
The CVE-2022-49744 entry concerns a Linux kernel mm/uffd issue: when forking, the dst_vma may not inherit VM_UFFD_WP even if the src has it, leading to a stale pte marker and potential access to a corrupted page. The fix is a two‑patch series under “mm: Fixes on pte markers” that hardens pte mark...
CVE-2022-49817
Summary of CVE-2022-49817 (Linux kernel) : The MHI network driver (mhi_net_dellink) leaked memory because it registered a net device without setting needs_free_netdev and did not call free_netdev on unregister. The concrete remediation is a patch that adds free_netdev() usage since netdev_priv is...
CVE-2022-49820
CVE-2022-49820 concerns the Linux kernel mctp i2c flow release logic. The issue arises when release_count > i2c_lock_count, triggering a WARN_ONCE due to expiring a flow before sending the first packet and not pairing the release increment with the i2c lock operation. The fix adds a guard: onl...
CVE-2022-50058
CVE-2022-50058 affects the Linux kernel's vdpa_sim_blk: a missing initialization of nas and ngroups can cause a kernel NULL pointer dereference when creating a new vdpa_sim_blk device, leading to a panic in vhost_iotlb_add_range_ctx. The issue arises from commit changes adding nas/ngroups to vdpa...
CVE-2023-20659
CVE-2023-20659 concerns a local out-of-bounds write in the WLAN path of a MediaTek/ALPS component, caused by a missing bounds check. The issue can lead to local privilege escalation with System execution privileges needed; exploitation does not require user interaction. The patch reference provid...
CVE-2023-20679
CVE-2023-20679 affects MediaTek WLAN in which a missing bounds check allows an out-of-bounds read, enabling local escalation of privilege without user interaction. Impact: confidentiality impact listed as high; privilege requirement is high with local attack vector, no UI interaction needed. Root...
CVE-2023-52934
The CVE-2023-52934 entry concerns the Linux kernel MADV_COLLAPSE path in mm/madvise. A commit changing find_pmd_or_thp_or_none() from returning SCAN_PMD_NULL when !pmd_present(pmde) to returning SCAN_PMD_NONE when pmd_none(pmde) was introduced to better distinguish none-pmd vs absent/present-pmd ...
CVE-2023-52980
The CVE-2023-52980 issue affects the Linux kernel ublk driver, specifically the SPDK ublk target when assigning very large queue depths. The root cause is that UBLK_MAX_QUEUE_DEPTH is 4096, and the calculation sizeof(struct ublk_queue) + depth * sizeof(struct ublk_io) can exceed 65535 when depth ...
CVE-2023-53055
CVE-2023-53055 : In the Linux kernel, fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes are evicted, specifically after security_sb_delete(), because inodes in-use by the Landlock LSM are not evicted until that point. If called earlier, a WARN_ON may lead to a NULL d...
CVE-2024-57914
CVE-2024-57914 : In the Linux kernel, a NULL pointer dereference can occur in the usb: typec: tcpci code when two Type‑C ports share one IRQ. The tcpci_irq() handler may dereference a NULL regmap if an interrupt arrives for the second port before its tcpci_register_port() completes, leading to an...
CVE-2024-58004
CVE-2024-58004 affects the Linux kernel’s media: intel/ipu6 path. The issue arises when a cpu latency QoS request is not removed on the error path, causing a corruption in the cpu latency QoS list (list_add corruption). The kernel log excerpt illustrates a corrupted list prev/next pointers during...
CVE-2025-21771
CVE-2025-21771 affects the Linux kernel sched_ext subsystem. It stems from incorrect autogroup migration detection in the cgroup/migration path where scx_move_task() could misclassify a non-root cgroup migration as autogroup root migration, triggering a warning. The fix changes the call path by a...
CVE-2025-38440
CVE-2025-38440 : In the Linux kernel, a race between disabling DIM and net_dim() in mlx5e can cause a NULL pointer dereference of rq->dim/sq->dim. The fix calls synchronize_net() before freeing the DIM context to ensure in-flight NAPI callbacks complete before the pointer is cleared, preven...
CVE-2025-38546
CVE-2025-38546 (Linux kernel: ATM clip memory leak) The vulnerability is in the ATM subsystem’s clip code. The ioctl ATMARPD_CTRL path assigns NULL to vcc->push(), which breaks the expected cleanup path and leaks memory for the allocated struct clip_vcc during ATMARP handling. The root cause i...
CVE-2025-38561
The CVE-2025-38561 entry describes a race condition in ksmbd (Linux kernel) where Preauh_HashValue could race if a client sends multiple session setup requests. The provided documents confirm the vulnerability and its fix: the Preauh_HashValue value should not be freed during the session setup ph...
CVE-2025-38671
CVE-2025-38671 affects the Linux kernel i2c: qup driver. Root cause: timeout handling only set a return value and did not exit the loop when a client keeps the bus active, enabling kernel hang (observed with PCA953x GPIO extender). Fix: change the logic to return via -ETIMEDOUT, jumping out of th...
CVE-2025-38678
The CVE-2025-38678 vulnerability affects the Linux kernel’s netfilter nf_tables: a chain/flowtable update can contain duplicated devices in the same batch, leaving the second (duplicate) device unregistered and its hook not removed. This can occur during batch processing of device updates and is ...
CVE-2026-31661
The CVE-2026-31661 issue affects the Linux kernel brcmsmac Wi‑Fi driver where dma_free_coherent() may free a size different from what dma_alloc_consistent() allocated (size may change for alignment). The fix changes the free size to the allocation size. Descriptions across multiple advisories (NV...
CVE-1999-0245
CVE-1999-0245 concerns Linux systems using NIS+ where certain configurations allowed an attacker to log in as the user "+". The connected sources consistently describe a login-as-+ issue arising from NIS+ configuration on Linux, but do not provide precise technical details such as affected versio...
CVE-1999-0414
The vulnerability CVE-1999-0414 affects Linux prior to 2.0.36, where remote attackers could spoof a TCP connection and pass data to the application layer before the three-way handshake completes. The root issue is the TCP connection handling that allows data to be injected prior to full establish...
CVE-2002-1572
CVE-2002-1572 describes a signed integer overflow in the Linux kernel’s bttv_read function of the bttv-driver.c (pre-2.4.20). The CVE entry notes the impact as unknown. Connected sources indicate a Red Hat kernel update (RHSA-2002:227) addressing kernel vulnerabilities, suggesting a remediation v...
CVE-2003-0187
The CVE pertains to the Netfilter connection-tracking core in Linux 2.4.20 where CONFIG_IP_NF_CONNTRACK or ip_conntrack causes DoS. Technical details in the connected records show a change in the linked-list API handling that affects UNCONFIRMED connections: Netfilter could fail to identify such ...
CVE-2005-3809
The CVE-2005-3809 vulnerability affects the Linux kernel (2.6.14 up to 2.6.14.3) in nfattr_to_tcp (ip_conntrack_proto_tcp.c) within ctnetlink. The issue allows an attacker to cause a denial-of-service (kernel oops) by sending an update message without private protocol information, triggering a nu...
CVE-2006-3085
CVE-2006-3085 affects the Linux kernel’s SCTP handling in xt_sctp within netfilter, where an SCTP chunk of length 0 can trigger a DoS either by an infinite loop (or crash in some reports). The vulnerability is listed as applicable to kernels before 2.6.17.1. Public references from multiple source...
CVE-2008-3077
The CVE-2008-3077 issue affects the Linux kernel (arch/x86/kernel/ptrace.c) on x86_64 before version 2.6.25.10. The function sys32_ptrace leaks task_struct references, enabling local attackers to trigger a denial of service (system crash) and potentially other impacts via unknown vectors, possibl...
CVE-2008-3247
Technical details for CVE-2008-3247 are not provided in the supplied documents. Monitor for updates.
CVE-2009-3888
CVE-2009-3888 affects the Linux kernel up to version 2.6.31.5; the vulnerability is in do_mmap_pgoff in mm/nommu.c when an MMU is absent. Local users can trigger a denial of service (OOPS) by allocating a large amount of memory. A patch released in 2.6.31.6 fixes the issue; updating to 2.6.31.6 o...
CVE-2010-2243
CVE-2010-2243 applies to the Linux kernel code path kernel/time/clocksource.c on non-GENERIC_TIME systems; triggering an OOPS when reading /sys/devices/system/clocksource/clocksource0/current_clocksource. The vulnerability is described for kernels before version 2.6.34. Connected sources confirm ...
CVE-2012-6543
The CVE-2012-6543 issue affects the Linux kernel (pre-3.6) in net/l2tp/l2tp_ip6.c, where l2tp_ip6_getname does not initialize a structure member. This uninitialized member can allow local attackers to read sensitive kernel stack memory via a crafted user-space application, constituting local info...
CVE-2016-10287
CVE-2016-10287 describes an elevation-of-privilege vulnerability in the Qualcomm sound driver within Android’s kernel. The issue could let a local malicious application execute arbitrary code in the kernel context, requiring prior compromise of a privileged process. Affected components/versions i...
CVE-2016-8398
CVE-2016-8398 affects Android on kernels up to 3.18, where unauthenticated NAS messages can be processed by the UE when no EPS security context exists. This is a network-exploitable issue (no user interaction) with high impact to confidentiality, integrity, and availability (CVSSv3: AV:N/AC:L/PR:...
CVE-2016-8427
CVE-2016-8427 affects the NVIDIA Tegra kernel driver (NVHOST). The connected NVIDIA bulletin entry for CVE-2016-8427 notes a memory-after-free vulnerability in NVHOST that can lead to denial of service or escalation of privileges, enabling a local attacker to execute code in kernel context. The i...
CVE-2016-8428
CVE-2016-8428 affects NVIDIA Tegra kernel driver (NVMAP). The issue allows reading/writing memory outside the intended buffer boundary, potentially enabling a local attacker to escalate privileges or cause a denial of service. Impact is kernel context level on affected Android kernels; CVSS vecto...
CVE-2016-8457
CVE-2016-8457 is a vulnerability in the Broadcom Wi‑Fi driver on Android. It enables a local, malicious application to gain elevated privileges by executing arbitrary code in the kernel context. The issue requires compromising a privileged process and is classified as High severity (CVSSv3.0: Loc...
CVE-2016-8459
CVE-2016-8459 (Android) describes a possible buffer overflow in the storage subsystem, triggered by bad parameters in RPMB listener responses. The issue affects Android kernel 3.18 and is associated with the RPMB command handling, potentially leading to a write/overflow condition in kernel memory...
CVE-2016-8475
CVE-2016-8475 describes an information-disclosure vulnerability in the HTC input driver on Android platforms running kernel 3.18. A local malicious application could access data outside its normal permission set after compromising a privileged process. The issue is documented as affecting Android...
CVE-2017-0438
CVE-2017-0438 is a local elevation-of-privilege issue in the Qualcomm Wi‑Fi driver for Android, enabling a local malicious app to run code in the kernel context. The vulnerability is tied to the Qualcomm Wi‑Fi stack and is listed under Android kernel versions 3.10 and 3.18 with Android IDs A-3240...
CVE-2017-0535
CVE-2017-0535 is an information disclosure in the HTC sound codec driver for Android hosted on Kernel-3.10. The issue permits a local attacker, after compromising a privileged process, to access data outside its permissions, implying a confidentiality risk limited to the affected kernel/device co...
CVE-2017-0577
CVE-2017-0577 is an elevation-of-privilege vulnerability in the HTC touchscreen driver for Android kernels (kernel 3.18) that could let a local malicious app execute code in the kernel context. The issue is triggered by compromising a privileged process and does not require network access or user...