14330 matches found
CVE-2022-48996
CVE-2022-48996 affects the Linux kernel DAMON subsystem. The vulnerability stems from damon_sysfs_set_schemes() making assumptions that the DAMON context has no schemes, leading to incorrect creation of schemes during online tuning and a higher memory footprint. The fix, described in the commit t...
CVE-2017-0610
CVE-2017-0610 is a local privilege-escalation in the Qualcomm sound driver on Android, enabling a malicious local app to run arbitrary code in the kernel context. Affected software:Android kernel versions 3.10 and 3.18 with the Qualcomm sound subsystem. Root cause centers on elevation of privileg...
CVE-2017-8071
CVE-2017-8071 affects the Linux kernel: the file drivers/hid/hid-cp2112.c in 4.9.x before 4.9.9 uses a spinlock that does not account for sleeping during a USB HID request callback, allowing a local attacker to cause a denial of service via deadlock. The vulnerability is specific to the HID CP210...
CVE-2022-49791
The CVE-2022-49791 entry is about a Linux kernel issue in io_uring where a multishot accept request can leak if REQ_F_POLLED is set and the code misclassifies the operation as multishot from the polling path. The problem could lead to leaking the request by a skip-completion path, and the remedia...
CVE-2022-49798
CVE-2022-49798 describes a race in the Linux kernel tracing eprobes where the event’s triggers could be invoked before the event record is populated, risking a NULL dereference. This is caused by a flag set for eprobes after enabling the eprobe, potentially triggering at the start of the event wh...
CVE-2022-49904
The CVE-2022-49904 entry documents a Linux kernel vulnerability in net/neigh: a null-ptr-deref in neigh_table_clear() that occurs when IPv6 initialization fails and cleanup calls pneigh_queue_purge() with a NULL device. The fix, as described, is to pass NULL to pneigh_queue_purge() in neigh_ifdow...
CVE-2022-50014
CVE-2022-50014 is a Linux kernel issue resolved by removing FOLL_COW and tightening COW handling in mm/gup. The advisories state that FOLL_FORCE could cause a read-only, shared page to become writable, enabling local exploitation similar to Dirty COW, particularly via exclusive anonymous pages an...
CVE-2022-50096
CVE-2022-50096 – Linux kernel (x86/kprobes) : The issue arises from kprobes not correctly updating the kcb status flag after single-stepping, which could cause a kernel panic if another INT3 user runs immediately after due to misinterpretation of INT3 as kprobe single-stepping. The connected docu...
CVE-2022-50223
CVE-2022-50223 affects the Linux kernel on LoongArch where, when CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are enabled, cpu_max_bits_warn() could trigger a runtime warning during /proc/cpuinfo display. The issue arises from iterating CPUs using NR_CPUS and is fixed by using nr_cpu_ids...
CVE-2023-52942
CVE-2023-52942 affects the Linux kernel’s cgroup/cpuset subsystem. The root cause was an incorrect check in update_parent_subparts_cpumask() that could allow a parent cpuset to be left with no effective CPUs even when there are tasks in it, potentially causing a system panic. The fix alters the e...
CVE-2023-53261
CVE-2023-53261 : Linux kernel coresight memory leak in acpi_buffer->pointer. The leak occurs because the temporary buffer is not freed before returning from acpi_get_dsd_graph(); the fix moves buf to acpi_coresight_parse_graph() and frees it prior to function return. Affected: Linux kernel (as...
CVE-2024-38631
The CVE-2024-38631 entry concerns the Linux kernel vulnerability in iio: adc: PAC1934 where an out-of-bounds array index could affect average current/voltage measurements. The hardware device supports 4 channels, but sysfs exposes additional “fake” channels for averages, which is the root cause. ...
CVE-2024-42233
CVE-2024-42233 concerns a Linux kernel issue in filemap_fault_recheck_pte_none() where a stale PTL could lead to a use-after-free after pte_unmap(). The fix replaces pte_offset_map() with pte_offset_map_nolock(), removing reliance on the PTL to protect the page table. Exploitation details are not...
CVE-2024-57991
CVE-2024-57991: Linux kernel WiFi driver rtW89 gating logic in rtw89_entity_recalc_mgnt_roles() caused a spurious soft lockup. The code’s for_each_entry loop attempted to abort only the inner loop with break; the outer loop continued, allowing the normalization to proceed and trigger a CPU stall ...
CVE-2024-58021
Technical details about CVE-2024-58021 (affected components, root cause, impact, and fix specifics) are not provided in the supplied documents; monitor for updates.
CVE-2025-38261
CVE-2025-38261 affects the Linux kernel on riscv. The root cause is improper handling of the SR_SUM CSR during task switches, where a sleeping function passed to put_user() could clear SR_SUM and trigger a crash under heavy load (e.g., with syz-stress). The patch adds saving and restoring SR_SUM ...
CVE-2025-38295
Consolidated data shows CVE-2025-38295 affects the Linux kernel Amlogic Meson DDR PMU driver (meson_ddr_pmu_create) where smp_processor_id() was used in a preemptible context. This caused kernel warnings during module loading. The root cause is unsafe CPU-ID retrieval in preemptible code; the fix...
CVE-2025-38322
CVE-2025-38322: Linux kernel perf/x86/intel crash fix. The issue caused a hard-lockup on Raptor Lake when perf metrics were invoked on cores not supporting perf, due to the is_topdown_event() function being used in place of is_topdown_count() during sample read after a regression introduced by co...
CVE-2025-38330
CVE-2025-38330 affects the Linux kernel, specifically a KUnit test path in firmware: cs_dsp_ctl_cache_init_multiple_offsets that could trigger an out-of-bounds read. root cause: mock_coeff_template.length_bytes used for register value allocations, later overridden to 8 bytes, causing incorrect te...
CVE-2025-38408
CVE-2025-38408 resolves a Linux kernel issue in genirq/irq_sim where the simulation work context pointers were not initialized safely. The root cause is using kmalloc() to allocate the simulation work context, which could leave pointers with random content and lead to invalid dereferences. The fi...
CVE-2025-38591
CVE-2025-38591 affects the Linux kernel and is resolved by a patch in the BPF verifier. The issue involved a narrowing context access check in BPF, where a program attempted to read a pointer field (offset 169) in __sk_buff (field sk at offset 168). The verifier incorrectly allowed this “narrower...
CVE-2025-38597
CVE-2025-38597 (Linux kernel, drm/rockchip): A vulnerability in vop2 binding for video-ports could dereference a null primary plane. The code binding a vop2 to a window searches for a primary-plane usable by the target port, but no check ensured a primary-plane was found before calling drm_crtc_i...
CVE-2025-39866
CVE-2025-39866 concerns a use-after-free in the Linux kernel’s fs writeback path, specifically __mark_inode_dirty() when the inode’s wb switching occurs. The root cause is a race during switching inode_writeback backends (wb) which can lead to use-after-free via wb_wakeup_delayed() accessing a fr...
CVE-2026-23455
TL;DR : CVE-2026-23455 is a Linux kernel vulnerability in netfilter nf_conntrack_h323, fixed by adding a check so the decoded length remains positive after subtracting the protocol discriminator. Affected component : Linux kernel, nf_conntrack_h323 DecodeQ931() UserUserIE path. Root cause : The d...
CVE-2026-43501
CVE-2026-43501 - Linux kernel IPv6 SRH headroom bug : The issue occurs in ipv6_rpl_srh_rcv() when decompressing and recompressing RFC 6554 Source Routing Headers, where the recompressed IPv6 header can grow beyond the received header. The root cause is an unsafe headroom handling in pskb_expand_h...
CVE-2026-45852
Summary of CVE-2026-45852 (Linux kernel RDMA/rxe): A double-free vulnerability exists in the rxe_srq_from_init path of the RDMA subsystem. The queue pointer is temporarily assigned to srq->rq.queue before copy_to_user(), so if copy_to_user() fails, cleanup frees the same memory twice when the ...
CVE-2026-53269
The CVE-2026-53269 issue exists in the Linux kernel’s netfilter synproxy path, where concurrent registration of hooks could race, affecting refcount blocks. A mutex was added to serialize access to refcount control blocks in frontends, mitigating the race. Connected OSV entries report patches for...
CVE-1999-0171
The CVE-1999-0171 issue is described in multiple connected sources as a denial-of-service in syslogd (notably on IRIX). SGI’s advisory attributes a buffer overrun in the syslogd binary that can crash the service, potentially enabling remote exploitation and DoS. The advisory states this vulnerabi...
CVE-2001-0907
CVE-2001-0907 affects Linux kernel 2.2.1–2.2.19 and 2.4.1–2.4.10. Local users can cause a denial of service by triggering a series of deeply nested symlinks, causing the kernel to spend excessive time when accessing the link. The provided documents do not specify a concrete remediation or patched...
CVE-2001-1399
CVE-2001-1399 refers to an off-by-one/byte-copy bug in the Linux kernel prior to 2.2.19 on x86 that could allow a local attacker to modify kernel memory. Public references in 2001 advisories (Mandrake MDKSA-2001:037, Debian DSA-047-1, Debian/OpenVAS entries) describe the CPIA driver and related x...
CVE-2002-1574
CVE-2002-1574 describes a buffer overflow in the ixj telephony card driver of Linux kernels prior to 2.4.20. Connected sources confirm the issue affects the ixj driver in Linux, and Red Hat advisories (RHSA-2004:044, RHSA-2004:106) reference this and indicate that updated kernel packages contain ...
CVE-2004-0596
The vulnerability CVE-2004-0596 affects the Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7. The root cause is a null dereference triggered when a non-existent device name is used, leading to local denial of service. Affected component: eql.c within...
CVE-2005-0767
CVE-2005-0767 is documented in multiple advisories as a race condition in the Radeon DRI driver. The vulnerability affects systems using the Linux kernel with Radeon DRI hardware accelerated graphics, where a local user with DRI privileges could potentially gain root privileges due to a race in t...
CVE-2009-2584
CVE-2009-2584 affects the SGI GRU driver in Linux kernels up to and including 2.6.30.2, on ia64 and x86 platforms. The vulnerability is an off-by-one error in the options_write function of drivers/misc/sgi-gru/gruprocfs.c that may allow a local user to overwrite arbitrary kernel memory via a craf...
CVE-2009-3043
The CVE-2009-3043 entry affects Linux kernel 2.6.31-rc before 2.6.31-rc8. The tty_ldisc_hangup function in drivers/char/tty_ldisc.c allows local users to trigger a denial of service (system crash, sometimes with a NULL pointer dereference) and may enable privilege escalation via certain pseudo-te...
CVE-2009-3280
The CVE-2009-3280 issue affects the Linux kernel CFG80211 code. Specifically, an Integer signedness error in the find_ie function inside net/wireless/scan.c can be triggered by malformed packets, leading to a denial of service (soft lockup). Affected version range is before 2.6.31.1-rc1. Multiple...
CVE-2013-1957
CVE-2013-1957 affects the Linux kernel: the clone_mnt function in fs/namespace.c on kernels before 3.8.6 does not correctly restrict changes to the MNT_READONLY flag, enabling local users to bypass a filesystem’s read-only property via a separate mount namespace. The issue is fixed in the 3.8.6 u...
CVE-2016-10289
CVE-2016-10289 is an elevation-of-privilege in the Qualcomm crypto driver that could allow a local malicious app to run arbitrary code in the kernel. Affected: Android devices using Kernel-3.10/3.18; impact described as high since exploitation requires a privileged process, plus user interaction ...
CVE-2016-8391
CVE-2016-8391 is an elevation-of-privilege in the Qualcomm sound driver on Android kernels (3.10, 3.18) that could allow a local malicious app to execute arbitrary kernel code. The issue requires compromising a privileged process. Public exploit details are not provided in the documents. The Andr...
CVE-2016-8395
CVE-2016-8395 - NVIDIA Camera driver (Android) : A stack-allocated buffer overwrite in the NVIDIA Camera component of the Tegra/Android kernel can allow a local attacker to cause a permanent local DoS or privilege escalation. The vulnerability is local (AV:L, PR:H) with high impact on availabilit...
CVE-2016-8442
CVE-2016-8442 describes a memory access vulnerability in the Android kernel (version 3.18) allowing a local attacker to access hypervisor memory due to insufficient input validation. Impact is local and memory confidentiality/integrity/availability can be affected. Mitigation is via Android secur...
CVE-2016-8456
CVE-2016-8456 describes an elevation of privilege vulnerability in the Broadcom Wi‑Fi driver used by Android on devices such as Nexus/Pixel families. The issue allows a local malicious application to execute arbitrary code in the kernel context, and it is rated High because an attacker must first...
CVE-2016-8468
CVE-2016-8468 is a local elevation-of-privilege vulnerability in Android’s Binder IPC mechanism. The issue could allow a locally malicious application to run arbitrary code with the privileges of a privileged process, requiring initial compromise of that privileged process. Affected are Android d...
CVE-2017-0335
CVE-2017-0335 affects the NVIDIA GPU driver on Android (Kernel-3.18) with a local elevation of privilege that could allow a malicious app to execute code in the kernel. Public details in the Android 2017-03-01/03-05 security bulletins indicate this vulnerability is addressed by patches delivered ...
CVE-2017-0337
CVE-2017-0337 describes a local privilege-escalation in the NVIDIA GPU driver affecting Android on Kernel-3.18. The vulnerability could let a local malicious process execute code in kernel context, potentially enabling a permanent device compromise that might require a OS reflashing to repair. Th...
CVE-2017-0458
CVE-2017-0458 is an elevation of privilege in the Qualcomm camera driver affecting Android on kernel-3.18. The vulnerability allows a local malicious application to run arbitrary code in kernel context, requiring compromise of a privileged process to exploit. Public references in CNVD/NVD indicat...
CVE-2017-0459
CVE-2017-0459 describes an information-disclosure vulnerability in the Qualcomm Wi‑Fi driver on Android (kernel 3.18). The flaw could allow a local malicious application to access data outside its permissions, and is categorized as Moderate because exploitation requires compromising a privileged ...
CVE-2017-0508
CVE-2017-0508 is an elevation-of-privilege flaw in the Android kernel’s ION subsystem (kernel version 3.18) that could allow a local malicious app to run arbitrary code in kernel context, potentially leading to permanent device compromise. The primary affected component is the kernel ION memory m...
CVE-2017-0533
CVE-2017-0533 corresponds to an information-disclosure vulnerability in the Qualcomm video driver on Android (kernel 3.18). The issue could allow a local malicious app to access data beyond its permissions, requiring initial compromise of a privileged process and user interaction per CVSS3 metric...
CVE-2017-0567
CVE-2017-0567 refers to an elevation-of-privilege flaw in the Broadcom Wi‑Fi driver on Android, allowing a local malicious app to run arbitrary code in the kernel context. The issue is triggered after compromising a privileged process and affects Android devices with kernel versions 3.10 and 3.18...