13804 matches found
CVE-2005-3527
CVE-2005-3527 describes a race condition in the Linux 2.6 kernel’s do_coredump (signal.c) that can cause a denial of service when a core dump is triggered in one thread while another thread has a pending SIGSTOP. The vulnerability is a kernel-level issue affecting 2.6-series kernels as cited by m...
CVE-2005-3805
CVE-2005-3805 describes a locking issue in the POSIX timer cleanup on exit for Linux kernel 2.6.10–2.6.14 on SMP systems, enabling local users to cause a denial of service (deadlock) related to process CPU timers. Affected products/versions are Linux kernel 2.6.10–2.6.14 on SMP; the root cause is...
CVE-2005-4635
CVE-2005-4635 affects the Linux kernel via nl_fib_input in fib_frontend.c, where lack of validation for header and payload lengths allows remote attackers to trigger a denial of service (invalid memory reference) with malformed fib_lookup netlink messages. Affected lineage is kernels before 2.6.1...
CVE-2006-1862
The CVE-2006-1862 vulnerability affects the Linux kernel 2.6.x virtual memory implementation. It enables a local user to cause a denial of service (panic) by repeatedly running lsof, which can generate a heavy system load. Related advisories (RHSA-2006:0493 / CESA-2006:0493) document this issue a...
CVE-2009-3234
Affected software: Linux kernel 2.6.31-rc1. The vulnerability is a buffer overflow in the perf_copy_attr function of kernel/perf_counter.c, exploitable via perf_counter_open. Local attackers can crash the kernel (denial of service) and may execute arbitrary code. No exploitation status or patch d...
CVE-2010-2653
CVE-2010-2653 concerns a race condition in the Linux kernel’s hvc_close function (drivers/char/hvc_console.c). The vulnerability affects Linux kernels before 2.6.34 and can enable a local attacker to cause a denial of service or potentially other impact by closing a Hypervisor Virtual Console dev...
CVE-2011-2906
The issue is an integer signedness error in the Linux kernel's pmcraid_ioctl_passthrough under drivers/scsi/pmcraid.c, affecting pre-3.1 kernels. It may allow local attackers to cause denial of service via a negative size value in an ioctl call, typically in environments with a privileged program...
CVE-2013-1957
CVE-2013-1957 affects the Linux kernel: the clone_mnt function in fs/namespace.c on kernels before 3.8.6 does not correctly restrict changes to the MNT_READONLY flag, enabling local users to bypass a filesystem’s read-only property via a separate mount namespace. The issue is fixed in the 3.8.6 u...
CVE-2016-10289
CVE-2016-10289 is an elevation-of-privilege in the Qualcomm crypto driver that could allow a local malicious app to run arbitrary code in the kernel. Affected: Android devices using Kernel-3.10/3.18; impact described as high since exploitation requires a privileged process, plus user interaction ...
CVE-2016-8397
CVE-2016-8397 affects the NVIDIA Tegra kernel driver (NVMAP) with an information-disclosure vulnerability: uninitialized stack memory may be leaked to user space, enabling data exposure from local, unprivileged contexts. CVSSv3 base score is 5.5 (LOCAL, LOW complexity, UI REQUIRED; confidentialit...
CVE-2016-8398
CVE-2016-8398 affects Android on kernels up to 3.18, where unauthenticated NAS messages can be processed by the UE when no EPS security context exists. This is a network-exploitable issue (no user interaction) with high impact to confidentiality, integrity, and availability (CVSSv3: AV:N/AC:L/PR:...
CVE-2016-8414
CVE-2016-8414 is an information-disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator affecting Android. It permits a local attacker with a compromised privileged process to access data outside its permissions. Affected components are the Android kernel (Kernel-3.10 a...
CVE-2016-8421
CVE-2016-8421 is an elevation-of-privilege vulnerability in the Qualcomm Wi‑Fi driver on Android. A local malicious app could execute arbitrary code in the kernel context by exploiting this driver vulnerability. Affected components/versions noted in provided docs include the Qualcomm Wi‑Fi driver...
CVE-2016-8428
CVE-2016-8428 affects NVIDIA Tegra kernel driver (NVMAP). The issue allows reading/writing memory outside the intended buffer boundary, potentially enabling a local attacker to escalate privileges or cause a denial of service. Impact is kernel context level on affected Android kernels; CVSS vecto...
CVE-2016-8434
CVE-2016-8434 is a local elevation-of-privilege vulnerability in the Qualcomm GPU driver that could allow a malicious local app to execute arbitrary code in the kernel context on Android with Kernel-3.10. The impact is a potential local root compromise. The vulnerability is documented in NVD with...
CVE-2016-8440
CVE-2016-8440 details (Android kernel 3.18): A buffer overflow in the SMMU system call, caused by improper input validation in the ADSP SID2CB system call, may lead to hypervisor memory overwrite. The vulnerability affects Android on Kernel 3.18 and is described with a high-severity impact (poten...
CVE-2016-8449
CVE-2016-8449 is an elevation-of-privilege vulnerability in the NVIDIA Tegra GPU/NVMAP kernel driver. The issue arises from referencing memory after it has been freed in NVMAP, which can allow a local attacker to escalate privileges and potentially execute code in kernel context. Affected platfor...
CVE-2016-8468
CVE-2016-8468 is a local elevation-of-privilege vulnerability in Android’s Binder IPC mechanism. The issue could allow a locally malicious application to run arbitrary code with the privileges of a privileged process, requiring initial compromise of that privileged process. Affected are Android d...
CVE-2017-0585
Technical details about CVE-2017-0585 are not provided in the connected documents; the inputs describe an information disclosure in the Broadcom Wi‑Fi driver affecting Android kernels but lack concrete exploit, affected versions, or fixes in these sources.
CVE-2017-0614
CVE-2017-0614 describes an elevation of privilege in the Qualcomm Secure Execution Environment Communicator driver on Android. The issue could allow a local malicious application to execute arbitrary code in the kernel context. Affected software/components: Android devices using Kernel-3.10 and K...
CVE-2017-0619
The CVE-2017-0619 entry describes an elevation-of-privilege vulnerability in the Qualcomm pin controller driver on Android kernels (Kernel-3.10). A local malicious app could execute arbitrary code in the kernel context. The CVSS indicates LOCAL access with HIGH impact on confidentiality, integrit...
CVE-2017-0628
CVE-2017-0628 is an information-disclosure vulnerability in the Qualcomm camera driver. The issue could allow a local malicious application to access data outside its permissions, requiring compromise of a privileged process. Affected: Android devices using Kernel-3.10 or Kernel-3.18 with Qualcom...
CVE-2017-0633
CVE-2017-0633 affects the Broadcom Wi‑Fi driver in Android. The Seebug entry details an information disclosure in the Broadcom bcmdhd driver where the host’s ioctl buffers to the dongle over SDIO are not cleared of unused memory before wldev_ioctl is invoked, causing uninitialized memory (includin...
CVE-2022-48897
CVE-2022-48897 affects the Linux kernel arm64 memory management, specifically a bug where pmd_leaf could be considered valid even when the PMD is invalid due to pmd_present_invalid. This caused file_map_count to be decremented and then incremented in multiple code paths, ultimately triggering a B...
CVE-2022-49798
CVE-2022-49798 describes a race in the Linux kernel tracing eprobes where the event’s triggers could be invoked before the event record is populated, risking a NULL dereference. This is caused by a flag set for eprobes after enabling the eprobe, potentially triggering at the start of the event wh...
CVE-2022-49849
CVE-2022-49849 fixes a Linux kernel flaw in the Btrfs dev_args_match_device path. When devid is set to (u64)-1 via ioctl, the match of devid may be skipped and device matching may succeed incorrectly. The issue was introduced by a patch that added the function used to match devices; the two match...
CVE-2022-50096
CVE-2022-50096 – Linux kernel (x86/kprobes): The issue arises from kprobes not correctly updating the kcb status flag after single-stepping, which could cause a kernel panic if another INT3 user runs immediately after due to misinterpretation of INT3 as kprobe single-stepping. The connected docu...
CVE-2023-53178
The CVE-2023-53178 issue affects the Linux kernel zswap writeback path. A race in zswap can swap out a page (A) and later swap in a different page (B) for the same swap slot, potentially causing memory corruption. The published fix ensures that once the swap page cache is allocated, zswap-shrink ...
CVE-2024-57909
CVE-2024-57909 – Linux kernel iio bh1745 information leak: The vulnerability occurs in the IIO light driver (bh1745) where the ‘scan’ local struct used to push data to userspace from a triggered buffer is not initialized for inactive channels, since the code only uses iio_for_each_active_channel...
CVE-2025-21896
CVE-2025-21896 affects the Linux kernel fuse readahead path. The issue arose when converting readahead to folios: folio references were dropped after locking, breaking the expected reference on ap->folios during splice operations, risking use-after-free in readpages. The fix reverts to __reada...
CVE-2025-38041
CVE-2025-38041 concerns Linux kernel code: clk: sunxi-ng: h616 reparents the GPU clock to the GPU1 clock during frequency changes to mitigate panfrost OoOps and GPU hangs when performing device DVFS on the GPU. The vulnerability is effectively a local issue with the GPU clock DVFS pathway; the ex...
CVE-2025-38140
CVE-2025-38140 concerns a Linux kernel vulnerability in the dm (device-mapper) layer affecting devices with zone write plugs. The issue in dm_revalidate_zones() could cause the device’s zoned settings to diverge from the new table, and if zone write plug resources are present, reading bdev_zone_i...
CVE-2025-38270
CVE-2025-38270: In the Linux kernel, netdevsim with netpoll could trigger a napi_complete-related issue if napi_complete() is called from netpoll. The fix disables napi_complete() in netpoll paths for netdevsim to prevent premature SCHED state handling, addressing a warning observed in napi_compl...
CVE-2025-38408
CVE-2025-38408 resolves a Linux kernel issue in genirq/irq_sim where the simulation work context pointers were not initialized safely. The root cause is using kmalloc() to allocate the simulation work context, which could leave pointers with random content and lead to invalid dereferences. The fi...
CVE-2025-38413
CVE-2025-38413: In the Linux kernel virtio-net XDP path (xsk RX), len passed to buf_to_xdp did not consistently account for virtio header length for the first buffer, risking an incorrect frame size check. The fix differentiates the first buffer from subsequent ones by introducing an extra param...
CVE-2025-38440
CVE-2025-38440: In the Linux kernel, a race between disabling DIM and net_dim() in mlx5e can cause a NULL pointer dereference of rq->dim/sq->dim. The fix calls synchronize_net() before freeing the DIM context to ensure in-flight NAPI callbacks complete before the pointer is cleared, preven...
CVE-2025-38561
The CVE-2025-38561 entry describes a race condition in ksmbd (Linux kernel) where Preauh_HashValue could race if a client sends multiple session setup requests. The provided documents confirm the vulnerability and its fix: the Preauh_HashValue value should not be freed during the session setup ph...
CVE-2025-38678
The CVE-2025-38678 vulnerability affects the Linux kernel’s netfilter nf_tables: a chain/flowtable update can contain duplicated devices in the same batch, leaving the second (duplicate) device unregistered and its hook not removed. This can occur during batch processing of device updates and is ...
CVE-2026-22992
The CVE-2026-22992 issue affects the Linux kernel’s libceph stack. Root cause: mon_handle_auth_done() no longer propagates errors from ceph_auth_handle_reply_done(), so a failure during authentication could be misinterpreted by higher layers while msgr2 proceeds with session setup. Potent...
CVE-2026-31402
CVE-2026-31402 affects the Linux kernel NFSv4.0 server (nfsd) via the LOCK replay cache. A large lock owner in a denied LOCK can cause a slab-out-of-bounds write into the 112-byte replay buffer, corrupting adjacent heap memory. The issue can be triggered remotely by two cooperating NFSv4.0 client...
CVE-1999-0780
CVE-1999-0780 affects KDE klock. The vulnerability allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. The available connected documents confirm this specific behavior and do not provide additional technical details (e.g., root cause, affected versi...
CVE-1999-0782
KDE kppp is affected by CVE-1999-0782. Local users can create a directory in an arbitrary location by manipulating the HOME environment variable. The core issue is the use of HOME to determine user directories, enabling an attacker with local access to create files/directories outside their inten...
CVE-2002-0499
The CVE relates to the Linux kernel vulnerability where the d_path function truncates long pathnames without error in Linux kernel versions 2.2.20 and earlier, and 2.4.18 and earlier. This behavior can allow local users to cause programs to operate on incorrect directories, potentially enabling i...
CVE-2005-0977
The CVE-2005-0977 entry concerns the Linux kernel 2.6 tmpfs shmem_nopage function, where the address argument is not properly verified in shmem.c. This allows a local user to trigger a denial of service (kernel crash) via an invalid address. Public advisories (RHSA-2005:366 / CESA-2005:366) indic...
CVE-2006-6057
CVE-2006-6057 affects the Linux kernel (2.6.x up to 2.6.18) and possibly other OSes, notably Fedora Core 6, with a vulnerability in the GFS2 file system driver. The issue is triggered by a malformed gfs2 file stream that leads to a NULL pointer dereference in the init_journal function, causing a ...
CVE-2006-6128
The CVE-2006-6128 entry describes a local-denial-of-service vulnerability tied to the ReiserFS implementation in Linux kernel 2.6.18 (and possibly other versions). The issue arises when a malformed ReiserFS filesystem triggers memory corruption during a sync operation, enabling local users to cau...
CVE-2009-2584
CVE-2009-2584 affects the SGI GRU driver in Linux kernels up to and including 2.6.30.2, on ia64 and x86 platforms. The vulnerability is an off-by-one error in the options_write function of drivers/misc/sgi-gru/gruprocfs.c that may allow a local user to overwrite arbitrary kernel memory via a craf...
CVE-2016-10283
CVE-2016-10283 is an elevation-of-privilege flaw in the Qualcomm Wi‑Fi driver for Android that allows a local malicious app to execute arbitrary code in the kernel context after compromising a privileged process. The issue affects Kernel-3.10/3.18 Android builds (Android 5.x–7.x era devices inclu...
CVE-2016-10291
CVE-2016-10291 involves an elevation of privilege in the Qualcomm Slimbus driver affecting Android kernels (Kernel-3.10). The issue allows a local malicious app to execute arbitrary code in the kernel context via this driver. Public exploitation details are not provided in the supplied documents....
CVE-2016-6760
CVE-2016-6760: Elevation of privilege in Qualcomm Media Codecs affecting Android. A local malicious app could execute arbitrary code in a privileged process via the Qualcomm Media Codecs component. Affected products/versions include Android devices with Kernel 3.10 and 3.18. The issue is categori...