13690 matches found
CVE-2022-0168
CVE-2022-0168 is a Linux kernel local DoS in smb2_ioctl_query_info in fs/cifs/smb2ops.c caused by an incorrect return from memdup_user, allowing a privileged (CAP_SYS_ADMIN) local attacker to crash the system. Public details in connected sources reaffirm the same kernel-level flaw affecting CIFS ...
CVE-2009-1385
CVE-2009-1385 describes an integer underflow in the e1000/e1000e drivers of the Linux kernel (drivers/net/e1000/e1000_main.c) that can be triggered by a crafted frame size. Affects Linux kernel versions before 2.6.30-rc8 (and the e1000e driver) and Intel Wired Ethernet (e1000) before 7.5.5. Explo...
CVE-2019-16231
CVE-2019-16231 affects Linux kernel 5.2.14 through a NULL pointer dereference caused by failing to check the return value of alloc_workqueue in drivers/net/fjes/fjes_main.c. The description specifies this root cause and the potential impact (remote kernel crash) but does not provide details on af...
CVE-2021-20317
The connected documents confirm CVE-2021-20317 as a Linux kernel timerqueue race condition: a corrupted timer tree in timerqueue_add can cause wakeups to be missed, enabling a local attacker with special privileges to cause a denial of service (system hang/crash) while the system runs. No explici...
CVE-2023-4207
CVE-2023-4207 is a use-after-free in the Linux kernel net/sched cls_fw component leading to local privilege escalation. The flaw occurs when fw_change() copies the entire tcf_result into a new filter instance; on update, tcf_unbind_filter() runs on the old instance, decrementing the bound class’s...
CVE-2019-14897
CVE-2019-14897 affects the Linux kernel (kernel-2.6.32) Marvell WiFi chip driver. A stack-based buffer overflow in this driver can allow a remote attacker to cause a denial of service (system crash) or possibly execute arbitrary code when a STA operates in IBSS mode and connects to another STA. T...
CVE-2020-11609
CVE-2020-11609 affects the Linux kernel, specifically the stv06xx USB video driver family. The issue arises from mishandling of invalid USB device descriptors in the stv06xx.c and stv06xx_pb0100.c code paths, leading to a NULL pointer dereference. This can allow a locally‑present attacker with ac...
CVE-2021-28375
The CVE-2021-28375 issue affects the Linux kernel up to 5.11.6, specifically fastrpc_internal_invoke in drivers/misc/fastrpc.c, which does not prevent user-space processes from sending kernel RPC messages. This is a local, privilege-escalation risk (as indicated by related CVE-2019-2308) that cou...
CVE-2021-38199
CVE-2021-38199 concerns the Linux kernel’s NFSv4 client. The vulnerability arises from incorrect connection-setup ordering in fs/nfs/nfs4client.c, which can be triggered by remote NFSv4 servers during trunking detection, potentially causing a denial of service by hanging mounts. Connected advisor...
CVE-2022-38096
CVE-2022-38096 is a NULL pointer dereference in the vmwgfx GPU driver (vmxgfx_execbuf.c) of the Linux kernel, exploitable locally via the /dev/dri/renderD128 rendering device to gain elevated privileges and cause DoS. The primary affected component is the vmwgfx path in the Linux kernel’s GPU sub...
CVE-2023-6240
CVE-2023-6240 is documented as a Marvin vulnerability side-channel leakage in the Linux kernel RSA decryption operation. The connected Nessus entries confirm this CVE is listed among multiple advisories, referencing the same vulnerability block and associating it with Linux Kernel RSA decryption ...
CVE-2021-26930
CVE-2021-26930 affects the Xen PV backend in Linux kernel 3.11–5.10.16: the Xen blkback.c driver maps grant references from the frontend and may discard errors or fail to update internal state, causing the caller to access unmapped space. The result is potential denial of service, information le...
CVE-2024-26587
The CVE-2024-26587 issue in Linux kernel netdevsim could crash when destroying a netdevsim with VFs instantiated. The root cause was that PHC gets initialised in nsim_init_netdevsim() (only called for PF ports), but mock_phc_destroy() was not placed there, leading to a NULL pointer dereference du...
CVE-2017-6074
CVE-2017-6074 affects the Linux kernel up to 4.9.11, where dccp_rcv_state_process in net/dccp/input.c mishandles DCCP_PKT_REQUEST data in LISTEN state. This can allow a local user to gain root privileges or trigger a denial of service (double free) via an application using IPV6_RECVPKTINFO setsoc...
CVE-2019-15219
This CVE (CVE-2019-15219) affects the Linux kernel prior to 5.1.8. Description confirms a NULL pointer dereference caused by a malicious USB device in drivers/usb/misc/sisusbvga/sisusb.c, enabling local hardware interaction to crash the system. Connected advisories (Unity Linux UTSA-2026-003808 a...
CVE-2021-28038
CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...
CVE-2017-7895
CVE-2017-7895 affects the Linux kernel NFSv2/v3 server (fs/nfsd/nfs3xdr.c, fs/nfsd/nfsxdr.c). A remote attacker can craft requests that bypass end-of-buffer checks, triggering pointer-arithmetic errors or other unspecified impacts. Affected kernels include up to 4.10.13; remediation is to upgrade...
CVE-2019-3896
CVE-2019-3896 is described in connected documents as a kernel flaw: a double-free can occur in idr_remove_all() inside lib/idr.c of the Linux kernel 2.6 branch. An unprivileged local attacker could exploit this for privilege escalation or to crash the system (DoS). The affected component is the L...
CVE-2025-4598
The CVE-2025-4598 entry concerns a race condition in systemd-coredump that can let a local attacker read a crashed SUID process’s core dump. Affected component is systemd and its coredump handling; root cause is a kill-and-replace race where the kernel recycles a PID before systemd-coredump can a...
CVE-2014-0101
The CVE-2014-0101 issue affects the Linux kernel up to version 3.13.6, where the function sctp_sf_do_5_1D_ce in net/sctp/sm_statefuns.c does not validate certain auth_enable/auth_capable fields before sctp_sf_authenticate. This can enable a remote attacker to cause a denial of service by sending ...
CVE-2023-52445
The CVE-2023-52445 vulnerability (Linux kernel, media: pvrusb2) stems from a use-after-free when a context is disconnected during module load; a kthread may call pvr2_context_destroy and free the context before usb hub_event notification. The patch adds a sanity check to prevent the invalid read ...
CVE-2017-1000407
CVE-2017-1000407 affects the Linux kernel when built with KVM support, where an attacker can flood the diagnostic port 0x80 and trigger a kernel crash. Root cause: improper validation of user-supplied input at the diagnostic port, enabling denial of service via port flooding. Impact per public ad...
CVE-2020-25645
CVE-2020-25645 describes a confidentiality flaw in the Linux kernel’s GENEVE tunnel code when IPsec is used to encrypt traffic for the tunnel’s UDP port. In kernels before 5.9-rc7, traffic between two Geneve endpoints may be left unencrypted, allowing an attacker between the endpoints to...
CVE-2021-26932
CVE-2021-26932 affects Linux kernels 3.2 through 5.10.16 when used with Xen PV backends. The issue arises in grant-mapping error handling during batch hypercalls, where errors can be ignored or misreported, causing improper unmapping and potential downstream impact. Affected components include ar...
CVE-2018-8781
CVE-2018-8781 affects the Linux kernel udl_fb_mmap() in udl_fb.c, with an integer overflow from kernel 3.4 up to 4.15. It allows a local user with udldrmfb driver access to obtain full read/write permissions on kernel physical pages, enabling kernel-space code execution. No patch/version remediat...
CVE-2019-12455
CVE-2019-12455 affects the Linux kernel code path sunxi_divs_clk_setup in sunxi/clk-sunxi.c (through 5.1.5). The issue is an unchecked kstrndup of derived_name, which could lead to a NULL pointer dereference and system crash (DoS). A vendor/field note in the description mentions the problem is di...
CVE-2019-19075
The CVE-2019-19075 entry maps to a memory leak in the Linux kernel ca8210_probe() implementation (drivers/net/ieee802154/ca8210.c) that can cause memory exhaustion and DoS by triggering ca8210_get_platform_data() failures. Affected is the kernel before 5.3.8; mitigation is upgrading to kernel 5.3...
CVE-2020-14305
CVE-2020-14305 is a Linux kernel vulnerability described in connected documents as an out-of-bounds memory write affecting the Voice Over IP H.323 connection tracking for IPv6 port 1720. An unauthenticated remote attacker could crash the system, causing DoS, with high impact on confidenti...
CVE-2022-1015
CVE-2022-1015: A local out-of-bounds write in Linux kernel nf_tables_api.c (netfilter/nf_tables) is reported. Connected Astra/Linux documents confirm the vulnerability and recommend updating to a later kernel version (e.g., via vendor/KMS updates) to mitigate. Exploitation details are not provide...
CVE-2023-4273
CVE-2023-4273 affects the Linux kernel exFAT driver. The vulnerability arises from how file name reconstruction copies file name data into a stack variable, enabling a local privileged attacker to overflow the kernel stack. Connected advisories confirm real-world impact and list affected kernels;...
CVE-2024-42230
In CVE-2024-42230, the Linux kernel on pseries PowerPC is affected by a scv instruction crash when kexec is used. The root cause is that kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before all CPUs have been shut down, allowing scv instructions to execute af...
CVE-2023-4459
CVE-2023-4459 is rejected/not used; this CVE record does not represent an active vulnerability entry.
CVE-2024-53150
The CVE-2024-53150 issue affects the Linux kernel USB-audio (ALSA: usb-audio). The root cause is that the driver does not validate the bLength field of descriptors while traversing clock-related descriptors, allowing a bogus shorter descriptor to cause out-of-bounds reads. The public patch adds s...
CVE-2019-20095
CVE-2019-20095 affects the Linux kernel mwifiex driver (drivers/net/wireless/marvell/mwifiex/cfg80211.c). The description states that certain error-handling paths do not free allocated hostcmd memory, causing a memory leak that can lead to a denial of service. The issue is fixed in kernel version...
CVE-2021-28971
The CVE-2021-28971 vulnerability affects the Linux kernel: specifically, intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c can mishandle PEBS status on Haswell-era CPUs, potentially causing a system crash when userspace tools (e.g., perf-fuzzer) access performance events. The issue exists in...
CVE-2023-6606
CVE-2023-6606 is an out-of-bounds read in smbCalcSize of the Linux kernel SMB client (fs/smb/client/netmisc.c). It allows a local attacker to crash the system or leak internal kernel information. Public advisories note fixes via kernel updates/livepatches (e.g., Amazon Linux 2 ALAS advisories and...
CVE-2019-3460
CVE-2019-3460 affects the Linux kernel and is a heap data information leak in multiple locations, including L2CAP_PARSE_CONF_RSP, reported as present in builds before 5.1-rc1. The issue arises from a heap information leak in L2CAP handling; the advisory notes updates to address it in kernel relea...
CVE-2021-3715
CVE-2021-3715 affects the Linux kernel Traffic Control routing classifier. The flaw is a use-after-free in route4_change() within net/sched/cls_route.c, triggered by changes to classification filters, enabling a local unprivileged user to escalate privileges. The issue is addressed by a kernel fi...
CVE-2022-4662
CVE-2022-4662 is a Linux kernel USB core subsystem vulnerability describing improper access control when a user attaches a USB device. A local attacker could trigger a crash by exploiting the flawed USB device handling. The connected IBM bulletin for Spectrum Protect Plus notes a remediation: fix...
CVE-2019-15921
CVE-2019-15921: In the Linux kernel prior to 5.0.6, a memory leak occurs in genl_register_family() when idr_alloc() fails (net/netlink/genetlink.c). This can lead to resource leakage in affected systems. Root cause is a failure path not freeing partial allocations; impact is limited to memory/re...
CVE-2020-11565
CVE-2020-11565: Linux kernel through 5.6.2 contains a stack-based out-of-bounds write in mpol_parse_str (mm/mempolicy.c) when an empty nodelist is encountered during mount option parsing. A note on the entry records that some security community members dispute it as a vulnerability. Conn...
CVE-2023-23559
CVE-2023-23559 affects the Linux kernel rndis_wlan.c (rndis_query_oid) up to version 6.1.5. The vulnerability arises from an integer overflow in an addition, which may lead to a buffer overflow. Connected sources corroborate the issue and reference updates/mitigations in related advisories (e.g.,...
CVE-2018-10322
CVE-2018-10322 affects the Linux kernel (up to 4.16.3) via the XFS inode verification path: xfs_dinode_verify in fs/xfs/libxfs/xfs_inode_buf.c can trigger an xfs_ilock_attr_map_shared invalid pointer dereference, allowing a local attacker to cause a denial of service. Exploitation status is not d...
CVE-2018-7757
The CVE-2018-7757 issue affects the Linux kernel (up to version 4.15.7) and is caused by a memory leak in the sas_smp_get_phy_events function located at drivers/scsi/libsas/sas_expander.c. The vulnerability can lead to a denial of service due to memory consumption when a local attacker performs m...
CVE-2019-19059
CVE-2019-19059 affects the Linux kernel’s iwlwifi PCIe ctxt-info-gen3 code path (drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c). The issue is described as multiple memory leaks in iwl_pcie_ctxt_info_gen3_init() that can be triggered when iwl_pcie_init_fw_sec() or dma_alloc_coherent() f...
CVE-2024-0641
CVE-2024-0641 describes a denial-of-service vulnerability in the Linux kernel’s TIPC subsystem, specifically in tipc_crypto_key_revoke in net/tipc/crypto.c. The flaw allows guests with local user privileges to trigger a deadlock, potentially crashing the system. Connected sources (Astra Linux bul...
CVE-2024-53163
The CVE refers to a Linux kernel crypto/qat/qat_420xx path where an off-by-one in uof_get_name() can cause an out-of-bounds access via the fw_objs[] array. The bug is triggered in uof_get_name_420xx() when computing the number of objects and using a comparison that should be >= instead of >...
CVE-2020-25671
CVE-2020-25671 is a Linux kernel vulnerability in the NFC LLCP implementation where a refcount leak in llcp_sock_connect() can cause a use-after-free, potentially enabling privilege escalation or system crash via local access. Affected: Linux kernel NFC LLCP path; impact parameter: local attacker...
CVE-2016-10905
CVE-2016-10905: A use-after-free in Linux kernel fs/gfs2/rgrp.c (pre-4.8) is caused by gfs2_clear_rgrpd and read_rindex_entry. Several Nessus/OpenVAS/SUSE/F5 advisories reference this CVE and map it to vulnerable kernel versions and affected distributions; the public text confirms the flaw but do...
CVE-2019-20908
CVE-2019-20908 affects the Linux kernel up to 5.3: in drivers/firmware/efi/efi.c, efivar_ssdt ACPI variable permissions can be too permissive, enabling local attackers to bypass lockdown or secure boot restrictions. Affected: Linux kernels prior to 5.4 (as referenced by Unity Linux and MiracleLin...