14330 matches found
CVE-1999-1442
The CVE-1999-1442 entry describes a bug in AMD K6 processors running Linux 2.0.x and 2.1.x kernels where a specific sequence of instructions can be used by a local attacker to trigger a denial of service (kernel crash). Affected component: AMD K6 processor in these Linux kernel versions; root cau...
CVE-2001-1384
CVE-2001-1384 affects the Linux kernel in 2.2.x up to 2.2.19 and 2.4.x up to 2.4.9. The vulnerability is a local privilege escalation: a local user can gain root by ptracing a setuid/setgid process that itself executes an unprivileged program (e.g., newgrp). The provided documents do not specify ...
CVE-2002-0570
CVE-2002-0570 : The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, allowing local users to modify encrypted data without knowing the key. The affected component is the loop device encryption code in these kernels. The provided do...
CVE-2003-1161
The CVE-2003-1161 entry concerns the Linux kernel 2.6-test9-CVS where exit.c, as stored on kernel.bkbits.net, was modified to include a backdoor. This backdoor could allow local users to elevate privileges by passing __WCLONE|__WALL to the sys_wait4 function, enabling local privilege escalation. ...
CVE-2005-3527
CVE-2005-3527 describes a race condition in the Linux 2.6 kernel’s do_coredump (signal.c) that can cause a denial of service when a core dump is triggered in one thread while another thread has a pending SIGSTOP. The vulnerability is a kernel-level issue affecting 2.6-series kernels as cited by m...
CVE-2006-1862
The CVE-2006-1862 vulnerability affects the Linux kernel 2.6.x virtual memory implementation. It enables a local user to cause a denial of service (panic) by repeatedly running lsof, which can generate a heavy system load. Related advisories (RHSA-2006:0493 / CESA-2006:0493) document this issue a...
CVE-2006-6128
The CVE-2006-6128 entry describes a local-denial-of-service vulnerability tied to the ReiserFS implementation in Linux kernel 2.6.18 (and possibly other versions). The issue arises when a malformed ReiserFS filesystem triggers memory corruption during a sync operation, enabling local users to cau...
CVE-2016-10288
CVE-2016-10288 is an elevation-of-privilege flaw in the Qualcomm LED driver that could allow a local attacker to execute arbitrary code in the kernel context on affected Android devices. The issue targets the Android kernel (Kernel-3.18) via the LED driver, requiring compromising a privileged pro...
CVE-2016-6758
CVE-2016-6758 is an elevation of privilege vulnerability in Qualcomm Media Codecs on Android. The issue allows a local malicious application to execute arbitrary code in the context of a privileged process via exploitation of the Qualcomm media codecs component (kernel 3.10/3.18 lineage). Affecte...
CVE-2016-8393
CVE-2016-8393 describes an elevation of privilege in the Synaptics touchscreen driver that could let a local malicious Android application execute arbitrary code in kernel context. Affected product: Android (kernel 3.10). Root cause: a vulnerability in the Synaptics touchscreen driver enabling co...
CVE-2016-8440
CVE-2016-8440 details (Android kernel 3.18): A buffer overflow in the SMMU system call, caused by improper input validation in the ADSP SID2CB system call, may lead to hypervisor memory overwrite. The vulnerability affects Android on Kernel 3.18 and is described with a high-severity impact (poten...
CVE-2017-0520
CVE-2017-0520 is an elevation-of-privilege vulnerability in the Qualcomm crypto engine driver that could allow a local malicious Android app to execute code in the kernel context. Affected components: Qualcomm crypto engine driver; vulnerable against Android kernels 3.10 and 3.18. Trigger require...
CVE-2017-0585
Technical details about CVE-2017-0585 are not provided in the connected documents; the inputs describe an information disclosure in the Broadcom Wi‑Fi driver affecting Android kernels but lack concrete exploit, affected versions, or fixes in these sources.
CVE-2017-0609
CVE-2017-0609 is an elevation-of-privilege vulnerability in the Qualcomm sound driver on Android, enabling a local malicious app to execute code in the kernel context. Affected: Android devices with Kernel-3.10/3.18 (Qualcomm sound subsystem). Root cause: not explicitly detailed in the provided d...
CVE-2017-0628
CVE-2017-0628 is an information-disclosure vulnerability in the Qualcomm camera driver. The issue could allow a local malicious application to access data outside its permissions, requiring compromise of a privileged process. Affected: Android devices using Kernel-3.10 or Kernel-3.18 with Qualcom...
CVE-2022-49805
CVE-2022-49805 – Linux kernel (lan966x): The issue occurs in lan966x_stats_init(), which calls create_singlethread_workqueue() without validating the return value. If it returns NULL, a later queue_delayed_work path dereferences a null workqueue pointer, causing a null-pointer dereference. The re...
CVE-2023-20674
The CVE-2023-20674 issue affects the WLAN component in MediaTek devices, caused by an out-of-bounds read due to a missing bounds check. This vulnerability could allow local information disclosure and may enable system-level execution privileges, with no user interaction required. Multiple feeds (...
CVE-2024-43874
CVE-2024-43874 affects the Linux kernel crypto CCP/SEV path. The vulnerability is a NULL pointer dereference in __sev_snp_shutdown_locked triggered when psp_device or sev_device are uninitialized due to DEBUG_TEST_DRIVER_REMOVE. The fix returns early from __sev_snp_shutdown_locked() if these stru...
CVE-2025-21952
CVE-2025-21952 relates to the Linux kernel and affects the corsair-void subsystem. The issue occurs when corsair_void_process_receiver is invoked from an interrupt context, where it previously locked battery_mutex, risking a kernel panic. The fix relocates the critical section into its own work i...
CVE-2025-38101
CVE-2025-38101 is publicly addressed in the openSUSE/SUSE advisory for the Linux kernel. The issue concerns the ring-buffer subsystem, specifically the function ring_buffer_subbuf_order_set(), where the critical section was enlarged to ensure error handling runs with the per-buffer mutex held, pr...
CVE-2025-38199
The connected Astra/Linux kernel advisory describes CVE-2025-38199 as a memory leak in wifi/ath12k where arsta->rx_stats was allocated each time a station was added, including repeated additions for the same station. The root cause is redundant allocations when ath12k_mac_station_add() is call...
CVE-2025-38208
CVE-2025-38208 is resolved in the Linux kernel: smb client adds a NULL check in automount_fullpath to prevent NULL dereference when tcon->origin_fullpath is set. The issue was a missing null check in __build_path_from_dentry_optional_prefix for the case when origin_fullpath is present. Affects...
CVE-2025-38284
CVE-2025-38284 affects the Linux kernel wifi driver rtW89 via PCI config DAC handling. The issue: 36-bit DMA support depends on a chip‑proprietary bit accessible through PCI config API or DBI; when mmap is NULL, a page fault occurs and the kernel trace shows a BUG in rtw89_pci_ops_write16 leading...
CVE-2025-38306
CVE-2025-38306 – Linux kernel race in fs/fhandle.c: may_decode_fh() calls has_locked_children() without holding locks, causing an oopsable race. Patch renames has_locked_children() to __has_locked_children(), makes it static, and redirects callers to it; the public wrapper now calls the inner fun...
CVE-2025-38540
CVE-2025-38540 relates to the Linux kernel HID quirk handling for two Chicony Electronics HP 5MP Cameras (USB IDs 04F2:B824 and 04F2:B82C). The vulnerability arises because the HID sensor interface is non-functional by design, and attempting to access it via iio_info can cause the system to hang ...
CVE-2025-38574
CVE-2025-38574 affects the Linux kernel PPTP transmit path (pptp_xmit). A missing bound check on skb length could allow reading uninitialized data in pptp_xmit(), similar to changes made for ppp_sync_txmunge. The issue is fixed by the upstream commit aabc6596ffb3 and related bound-checking change...
CVE-2025-38670
CVE-2025-38670 affects ARM64 Linux kernel. The vulnerability arises in cpu_switch_to() and call_on_irq_stack() where masking and saving the DAIF state and SCS pointers are not atomic across stack switches, allowing a race during task/IRQ stack transitions. Interrupts (SErrors/Debug Exceptions) ca...
CVE-2026-23003
CVE-2026-23003 : In the Linux kernel’s IPv6 tunnel receive path (ip6_tunnel, __ip6_tnl_rcv), VLAN encapsulations were not handled correctly due to a failed VLAN-aware pull in the decapsulation path. The fix substitutes skb_vlan_inet_prepare() for pskb_inet_may_pull() to properly accommodate VLAN-...
CVE-2026-31405
CVE-2026-31405 : Linux kernel media/dvb-net vulnerability — OOB read in ULE extension header tables due to 255-element lookup arrays; bounds check added for htype to ensure out-of-range SNDU is discarded. This resolves a kernel-wide issue and is reflected in OSV advisories (e.g., Root: Debian 11/...
CVE-2026-43198
CVE-2026-43198 is a Linux kernel race in IPv6 TCP socket handling. The issue occurs in tcp_v6_syn_recv_sock() where the child socket becomes visible before IPv6 state is initialized, allowing other CPUs to access it and potentially triggering instability. The fix moves the problematic code into t...
CVE-2026-46281
CVE-2026-46281 affects the Linux kernel vmalloc path used by vrealloc when a new allocation is forced (wrong NUMA node or alignment). The code copies old_size bytes into a newly allocated buffer of size bytes during a shrink request, which can cause an out-of-bounds write. The fix bounds the copy...
CVE-1999-0782
KDE kppp is affected by CVE-1999-0782. Local users can create a directory in an arbitrary location by manipulating the HOME environment variable. The core issue is the use of HOME to determine user directories, enabling an attacker with local access to create files/directories outside their inten...
CVE-1999-1166
CVE-1999-1166 affects Linux 2.0.37 and is caused by not properly encoding the Custom segment limit, which allows local users to gain root privileges by accessing or modifying kernel memory. The connected documents reiterate the same description and do not provide a concrete remediation, workaroun...
CVE-2002-0499
The CVE relates to the Linux kernel vulnerability where the d_path function truncates long pathnames without error in Linux kernel versions 2.2.20 and earlier, and 2.4.18 and earlier. This behavior can cause local users to cause programs to operate on incorrect directories, potentially enabling i...
CVE-2004-2135
Cryptoloop in Linux kernel 2.6.x, when used on file systems with a block size of 1024 or greater, contains IV computation weaknesses that allow watermarked files to be detected without decryption. The documented impact is PARTIAL confidentiality loss. No exploits, specific remediations, or affect...
CVE-2004-2536
Summary of CVE-2004-2536 : The Linux kernel 2.6.x releases up to 2.6.5 contain a fault in the exit_thread path (process.c) where per-TSS io_bitmap pointers are not invalidated when a process obtains IO permissions via ioperm and later exits. This can allow other processes to access the per-TSS po...
CVE-2006-0036
CVE-2006-0036 affects the Linux kernel (2.6.14 and other versions) via the ip_nat_pptp code in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c). The vulnerability occurs when processing an inbound PPTP_IN_CALL_REQUEST packet, which can trigger a null pointer dereference in an offset calculati...
CVE-2006-6057
CVE-2006-6057 affects the Linux kernel (2.6.x up to 2.6.18) and possibly other OSes, notably Fedora Core 6, with a vulnerability in the GFS2 file system driver. The issue is triggered by a malformed gfs2 file stream that leads to a NULL pointer dereference in the init_journal function, causing a ...
CVE-2016-6781
CVE-2016-6781 describes an Elevation of Privilege in the MediaTek driver affecting Android on kernel 3.10. The vulnerability could allow a local malicious application to execute arbitrary code in the kernel context after compromising a privileged process. The NVD entry lists the impact as High wi...
CVE-2016-6782
CVE-2016-6782 describes a local elevation-of-privilege in the MediaTek driver on Android (Kernel-3.10) that could allow a malicious local app to execute arbitrary code in kernel context. The issue requires compromising a privileged process first; no public exploit details or patches are provided ...
CVE-2016-8444
CVE-2016-8444 is an elevation of privilege vulnerability in the Qualcomm camera that could allow a local malicious app to execute arbitrary code in the kernel context on Android (Kernel-3.10). The flaw requires compromising a privileged process, and the description identifies Android as the produ...
CVE-2016-8452
CVE-2016-8452 is a vulnerability in the Qualcomm Wi-Fi driver on Android that allows a local, unprivileged process to escalate to kernel code execution. Root cause is elevation of privilege in the Qualcomm Wi‑Fi driver, with impact described as high since the attacker must first compromise a priv...
CVE-2016-8473
CVE-2016-8473 is an information-disclosure vulnerability in the STMicroelectronics driver on Android (Kernel-3.10). A local, malicious app could access data outside its permissions after compromising a privileged process. Affected devices listed for this CVE include Nexus 5X and Nexus 6P. The pat...
CVE-2017-8072
The vulnerability CVE-2017-8072 affects the Linux kernel 4.9.x with a flaw in cp2112_gpio_direction_input (drivers/hid/hid-cp2112.c): it does not return the expected EIO error for a zero-length report, enabling local users to cause an unspecified impact via unknown vectors. Affected: Linux kernel...
CVE-2022-49819
CVE-2022-49819 concerns the Linux kernel. The issue in octeon_ep has a potential memory leak in octep_device_setup on failures of unsupported_dev or mbox init, where oct->conf was not freed and oct->mmio[i].hw_addr was not unmapped. The fix frees oct->conf with kfree() and unmaps oct->...
CVE-2022-49893
CVE-2022-49893 concerns a Linux kernel issue where the cxl/region leak occurs if a region is deleted. The fix ensures that, during unregister_region(), all targets previously assigned to the region are detached, so their references to the region drop and the region object is not leaked after sysf...
CVE-2022-50224
CVE-2022-50224 is a Linux kernel/KVM issue where NX is treated as a valid SPTE bit for NPT, enabling a mismatch that can trigger a WARN when reserved SPTE bits are set. Concrete details come from the Linux kernel KVM/mmu path, including a traceback and a mitigation involving NX handling when the ...
CVE-2023-20675
CVE-2023-20675 concerns MediaTek platforms where the kernel/wlan component is vulnerable to an out-of-bounds read caused by a missing bounds check. The issue can lead to local information disclosure, with potentially full System privileges if exploited, and does not require user interaction. Conn...
CVE-2024-43878
CVE-2024-43878 — Linux kernel xfrm: Fix input error path memory access . Affected component: the Linux kernel networking/xfrm stack (xfrmi_rcv_cb). Root cause: memory access during the input slow-path handling when input state is misconfigured, leading to a KASAN wild-memory-access read (observed...
CVE-2025-38054
The CVE-2025-38054 issue affects the Linux kernel PTP clock framework (ocp) in debugfs summary output. It could dereference NULL or access out-of-bounds elements in freq_in[] and signal_out[] due to uninitialized elements. The fix adds per-array counters (nr_freq_in, nr_signal_out) with a maximum...