14330 matches found
CVE-2025-38092
CVE-2025-38092 concerns the Linux kernel (ksmbd) and the opinfo_get_list() path. The root cause is use of list_first_entry(), which does not return NULL for empty lists, leading to an invalid pointer. The fix is to switch to list_first_entry_or_null() to safely detect empties. Public references i...
CVE-2025-38134
CVE-2025-38134 in Linux kernel: The usb: acpi: fix prevents a NULL pointer dereference in usb_acpi_add_usb4_devlink() due to usb_hub_to_struct_hub() returning NULL in certain hub teardown scenarios. The issue could lead to an access to hub->ports[...] if NULL, and was mitigated by guards in ot...
CVE-2025-38164
CVE-2025-38164 concerns the Linux kernel F2FS file system. A patch fixes an inconsistency between SIT and SSA during garbage collection by skipping block migration for opened sections in f2fs_gc_range(), preventing a potential crash (Observed as in test scenarios where a filesystem stopped with ‘...
CVE-2025-38297
CVE-2025-38297: In the Linux kernel, a division-by-zero could occur in em_compute_costs() for non-CPU devices due to uninitialized table[i].performance. The fix adds a _is_cpu_device(dev) check to em_init_performance() paths to prevent the division. Public advisories (e.g., openSUSE SUSE-SU-2026:...
CVE-2025-38360
CVE-2025-38360 is a Linux kernel vulnerability affecting drm/amd/display where insufficient HUBP/DSC domain checks could leave the HUBP domain mismatched to a DSC instance, risking an undefined tile state and potential system hang. The advisory states that the fix adds more checks to ensure the H...
CVE-2025-38452
CVE-2025-38452 affects the Linux kernel’s net/ethernet RTSN driver. The vulnerability was in a null pointer dereference in rtsn_probe(), addressed by adding a check for the return value of rcar_gen4_ptp_alloc(). This mitigates potential null pointer dereference and reduces the risk of a local imp...
CVE-2025-38524
The CVE-2025-38524 issue concerns a race in Linux kernel RXRPC: when a call on a socket receives events, the call may be dequeued by two threads, potentially causing a release/decoupling that leaves a stale RXRPC_USER_CALL_ID. The fix dequeues the call and ignores it if it is already released, pr...
CVE-2025-38571
The CVE-2025-38571 entry documents a Linux kernel flaw in sunrpc client-side handling of TLS alerts within NFS over TLS. The vulnerability stems from a misassumption that valid data resides in the msghdr iterator’s kvec, which could be exploited by TLS alert handling. The recommended fix reworks ...
CVE-2025-38578
CVE-2025-38578 is a Linux kernel vulnerability related to f2fs use-after-free in f2fs_sync_inode_meta, as discussed in the initial description. The issue arises in the writeback path via f2fs_inode_synced/update_inode/write_inode, leading to a use-after-free condition detected by KASAN. A fix has...
CVE-2025-38653
CVE-2025-38653: In the Linux kernel, the vulnerability stems from checking proc_lseek directly via pde->proc_ops->proc_lseek, which can cause a use-after-free in a module removal (rmmod) scenario. The issue is a gap in proc_reg_open() that was later addressed by applying the same mitigation...
CVE-2025-39766
CVE-2025-39766 : In the Linux kernel, the net/sched cake_enqueue path was fixed to return NET_XMIT_CN when dropping packets due to a very small buffer_limit, preventing htb_enqueue from activating an empty child qdisc. The issue caused packet drops to be signaled as NET_XMIT_SUCCESS, leading to f...
CVE-2026-31574
CVE-2026-31574 concerns the Linux kernel clockevents subsystem. The issue arises from missing resets of the next_event_forced flag in several code paths, including during clock event state changes, when arming a non-forced event, and in the suspend wakeup handler. This can leave the flag stale ac...
CVE-2026-31658
CVE-2026-31658 affects the Linux kernel net: altera-tse driver. The root cause is a memory leak: when dma_map_single() fails in tse_start_xmit(), the code returns NETDEV_TX_OK without freeing the skb, causing the skb to be leaked on every DMA mapping failure. The provided patches add dev_kfree_sk...
CVE-2026-43229
The CVE-2026-43229 issue affects the Linux kernel via the chips-media wave5 driver. The root cause is an incorrect device cleanup order: video device unregistration was performed after power/runtime disable and hardware power-down, allowing a kthread worker to read hardware registers after autosu...
CVE-2026-46090
CVE-2026-46090 affects the Linux kernel ALSA aloop driver. A use-after-free in loopback_check_format() can occur when playback starts with parameters that no longer match a running capture stream, while a concurrent close may detach or free the runtime. The issue arises after a patch that moved t...
CVE-2026-46324
CVE-2026-46324 concerns the Linux kernel’s nf_tables netlink hook handling. The vuln is fixed by replacing use of list_del_rcu() for nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks to prevent concurrent dumpers from walking the list while it’s modified. A new helper was added...
CVE-1999-1276
The CVE-1999-1276 entry describes a local privilege escalation in fte-console: before 0.46b-4.1 it does not drop root privileges, allowing local users to gain root via the virtual console device. Affected: fte-package fte-console. Impact per CVSS: complete impact to confidentiality, integrity, an...
CVE-2001-1273
The CVE-2001-1273 issue affects the Linux kernel before version 2.2.17-14 when running on certain Intel CPUs. The vulnerability, described as the 'mxcsr P4' issue, allows a local user to cause a denial of service (system halt). Documents do not specify the exact vulnerable components beyond the k...
CVE-2002-0046
The CVE-2002-0046 vulnerability affects the Linux kernel (and possibly other OS) where remote attackers can read memory by sending fragmented ICMP packets that trigger an ICMP TTL Exceeded response containing memory fragments. This exposes partial confidentiality and relies on ICMP handling in th...
CVE-2003-0467
The CVE-2003-0467 issue affects Netfilter NAT SACK handling (ip_nat_sack_adjust) in Linux kernels 2.4.20 and some 2.5.x when NAT FTP/IRC is enabled or ip_nat_ftp/irc modules are loaded. The root cause is an integer signedness handling in the Sack adjustment logic, which could allow a remote attac...
CVE-2004-0058
The CVE-2004-0058 entry affects Antivir for Linux 2.0.9-9 and potentially earlier versions. It describes a local privilege issue where a symlink race on the temporary file .pid_antivir_$$ allows a local user to overwrite arbitrary files. The underlying cause is a symlink attack on a daemon-relate...
CVE-2008-7316
The vulnerability CVE-2008-7316 affects the Linux kernel up to version 2.6.25 in the mm/filemap.c path. A local attacker can trigger an infinite loop/denial of service by issuing a writev system call that creates a zero-length iovec followed by a page fault for a nonzero-length iovec. Impact is a...
CVE-2011-2210
The CVE-2011-2210 issue affects the Linux kernel on the Alpha platform, where osf_getsysinfo in arch/alpha/kernel/osf_sys.c does not properly bound the data size for GSI_GET_HWRPB, enabling local users to read kernel memory. Public sources confirm the root cause is improper data size restriction ...
CVE-2011-4098
CVE-2011-4098 affects the Linux kernel GFS2 fallocate implementation. The vulnerability stems from using the page cache to preallocate blocks, which can allow local users to trigger a denial of service in scenarios with insufficient memory. Affected component is the GFS2 filesystem’s fallocate pa...
CVE-2013-3302
The CVE-2013-3302 entry refers to a race condition in the Linux kernel’s CIFS transport path: smb_send_rqst in fs/cifs/transport.c, exploitable on affected kernels prior to 3.7.2. The vulnerability can allow local users to trigger a NULL pointer dereference and OOPS, with potential unspecified im...
CVE-2016-10285
CVE-2016-10285 concerns an elevation-of-privilege in the Qualcomm video driver within Android's kernel (Kernel-3.18). A local malicious application could execute arbitrary code in kernel context if it first compromises a privileged process. The issue is rated High and requires local access with u...
CVE-2016-10286
CVE-2016-10286 is an elevation-of-privilege vulnerability in the Qualcomm video driver on Android, enabling a local malicious application to execute arbitrary code in the kernel context. The issue affects Android with Kernel-3.18 and Android ID A-35400904; exploitation requires compromising a pri...
CVE-2016-10292
CVE-2016-10292 is a denial-of-service vulnerability in the Qualcomm Wi‑Fi driver affecting Android devices. A proximate attacker could trigger a DoS in the Wi‑Fi subsystem by exploiting the Qualcomm Wi‑Fi driver within Android kernels listed as Kernel-3.10 and Kernel-3.18. Public description conf...
CVE-2016-10296
CVE-2016-10296 is an information-disclosure vulnerability in the Qualcomm shared memory driver affecting Android kernels those listed (Kernel-3.10, Kernel-3.18). The issue could allow a local malicious application to access data beyond its permissions, and is categorized as Moderate because explo...
CVE-2016-8404
CVE-2016-8404 is an information-disclosure vulnerability in Android kernel components (ION subsystem, Binder, USB driver, and networking). A local malicious application could access data outside its permission levels after compromising a privileged process. Affected product/versions: Android kern...
CVE-2016-8435
CVE-2016-8435 is an elevation of privilege in the NVIDIA GPU driver that could allow a local attacker to execute arbitrary code in the kernel context on Android devices (Kernel-3.18). The issue is addressed in Android security updates released around the 2017-01-01/2017-01-05 patch levels; Pixel ...
CVE-2016-8439
CVE-2016-8439 is an Android vulnerability describing a possible buffer overflow in the trust zone access control API due to insufficient buffer size checking. The connected NVD entry lists affected software as Android kernel 3.18, with Android ID A-31625204, indicating the root cause lies in a bu...
CVE-2016-8478
CVE-2016-8478 describes an information-disclosure vulnerability in the Qualcomm video driver on Android (Kernel 3.18). The issue allows a local malicious application to access data outside its permission levels, but only after compromising a privileged process. The root cause is information expos...
CVE-2017-0631
CVE-2017-0631 is an information-disclosure vulnerability in the Qualcomm camera driver for Android. According to NVD, it affects Android on kernels 3.10 and 3.18, enabling a local malicious application to access data outside its permission levels after compromising a privileged process. The descr...
CVE-2017-0632
CVE-2017-0632 is an information-disclosure vulnerability in the Qualcomm sound codec driver within Android’s kernel (Kernel-3.10). It could allow a local malicious application to access data beyond its permissions after compromising a privileged process. The issue is classified as Moderate and is...
CVE-2022-49785
The CVE-2022-49785 entry concerns the Linux kernel SGX subsystem. The issue arises in sgx_validate_offset_length(), which verifies userspace-provided offset and length but lacked an overflow check on their addition. The documented fix adds an overflow check to prevent arithmetic overflow when com...
CVE-2022-50042
CVE-2022-50042 refers to a Linux kernel vulnerability in the net: genl code for policy dumping. The issue is a memory leak in error paths when constructing the array of policies if recording non-first policies fails, and in netlink_policy_dump_add_policy which currently may not record the allocat...
CVE-2023-53221
The CVE-2023-53221 case concerns a vulnerability in the Linux kernel where a memleak can occur if fentry attachment fails for a BPF trampoline image. The description states that, when the fentry attach fails, the allocated trampoline image remains in memory and can be observed in /proc/kallsyms a...
CVE-2023-53419
CVE-2023-53419 : Linux kernel fix for a NULL-pointer dereference in PREEMPT_RT RCU code. The vulnerability arises when CPU2 reads rnp->exp_tasks without holding rnp->lock while CPU1 may update rnp->exp_tasks to NULL, leading to a dereference of a NULL pointer. The documented fix is to ho...
CVE-2024-57992
CVE-2024-57992 relates to the Linux kernel wi lc1000 wireless driver where a race between wiphy allocation and registration could trigger a kernel panic. The issue arises from an error path in wilc drivers (sdio and SPI) that may call wiphy_unregister on a wiphy that has not been registered, lead...
CVE-2024-58067
The CVE-2024-58067 issue affects the Linux kernel in the clk: mmp: pxa1908-mpmu path. Root cause: an incorrect NULL vs IS_ERR() check around devm_kzalloc() where NULL is returned on error; the check has been updated to match. Impact, as per listed metadata, is availability impact HIGH with no con...
CVE-2025-38055
CVE-2025-38055 affects the Linux kernel (perf/x86/intel) where PEBS-via-PT with a sample_freq could trigger a NULL pointer dereference due to intel_pmu_pebs_event_update_no_drain() misinterpreting pebs_enabled bits as counter indexes. The issue arises when bits 60/61 are set for PEBS-via-PT, and ...
CVE-2025-38082
CVE-2025-38082 refers to a Linux kernel vulnerability in gpio: virtuser where an out-of-bounds write could occur if a caller wrote more characters than the destination buffer could hold in simple_write_to_buffer. The issue is mitigated by a fix that truncates the input size to the available buffe...
CVE-2025-38128
Technical details on CVE-2025-38128 are not publicly provided in the connected documents. The advisories reference the vulnerability at a high level but do not expand on affected products, versions, root cause, exploit details, or fixes within this dataset. Monitor for updates.
CVE-2025-38169
In the Linux kernel (CVE-2025-38169) on arm64 with SME, a thread context switch could clobber the kernel FPSIMD state when restoring a previous kernel FPSIMD state while the CPU is in streaming SVE mode. The bug occurs if fpsimd_thread_switch() calls fpsimd_load_kernel_state() while streaming SVE...
CVE-2025-38195
CVE-2025-38195 concerns the Linux kernel LoongArch code, where a NULL-PMD handling path in huge_pte_offset() could trigger a kernel-panic when processing huge pages, as shown by the error trace and mitigation notes. The issue affects the kernel’s page fault / madvise pathways, with a local attack...
CVE-2025-38232
CVE-2025-38232 : A race between NFSD registration and exports_proc causes kernel oopses when exportfs -r and mounting nfsd happen concurrently. The description specifies that the bug arises because nfsd creates the proc entry at init and cleans up at exit, leading to a race with exports_proc. The...
CVE-2025-38242
CVE-2025-38242 relates to a race in the Linux kernel’s userfaultfd path (mm: userfaultfd: fix race of userfaultfd_move and swap cache). The advisory describes two race variants: (1) a NULL folio/lookup edge where a folio is swapped into the wrong VMA, potentially triggering a BUG_ON, and (2) a ra...
CVE-2025-38258
The CVE-2025-38258 issue affects the Linux kernel, specifically in mm/damon/sysfs-schemes where memcg_path_store() assigns a newly allocated buffer to filter->memcg_path without freeing the previous one, enabling kernel memory leaks via repeated writes to memcg_path in the DAMOS sysfs file. Th...
CVE-2025-38267
CVE-2025-38267 affects the Linux kernel ring-buffer logic. The issue arises during memory-mapped buffer reads when a commit_overrun allows the reader page to swap to the commit buffer, potentially triggering a WARN_ON_ONCE due to missed events. The vulnerability is tied to the ring_buffer_map_get...