CVE-2021-4157
CVE-2021-4157 concerns the Linux kernel NFS subsystem and a memory-bound write flaw. The description in the initial document states an out-of-bounds write of 1–2 bytes could be triggered when using mirroring/replication over NFS, potentially allowing a user with NFS mount access to crash the syst...
CVE-2022-3623
CVE-2022-3623 refers to a Linux Kernel issue in the BPF path where a race condition in follow_page_pte (mm/gup.c) can be exploited remotely. Connected sources corroborate the root cause as a race in follow_page_pte and list the affected component as Linux Kernel with the BPF involvement. The Astr...
CVE-2023-2985
CVE-2023-2985 describes a use-after-free in hfsplus_put_super (fs/hfsplus/super.c) of the Linux kernel, enabling a local attacker to cause a denial of service. Connected documents confirm the flaw and its local impact, but do not provide a vendor-specific fix or patch details. No additional explo...
CVE-2019-14895
CVE-2019-14895 is a heap-based buffer overflow in the Marvell WiFi chip driver (mwifiex) of the Linux kernel. Affected: Linux kernel 3.x and 4.x prior to 4.18.0; vulnerability can occur when a station negotiates a connection while handling remote country settings. Impact stated in public sources ...
CVE-2019-15118
CVE-2019-15118 affects the Linux kernel up to version 5.2.9. The vulnerability arises from the function check_input_term in sound/usb/mixer.c, which mishandles recursion and can cause kernel stack exhaustion leading to a crash. The connected Nessus entries corroborate the issue and reference U...
CVE-2020-36310
CVE-2020-36310 affects the Linux kernel prior to 5.8, specifically arch/x86/kvm/svm/svm.c, where set_memory_region_test can infinite-loop on certain nested page faults (CID-e72436bc3a52). The connected Nessus/OSS documents confirm this exact issue in Unity Linux kernels and Debian/openSUSE adviso...
CVE-2023-52817
CVE-2023-52817: Linux kernel DRM/AMDGPU fix for a NULL pointer dereference when the smc_rreg pointer is NULL while reading amdgpu_regs_smc (VEGA20). The patch adds a NULL check to amdgpu_debugfs_regs_smc_read path, preventing a kernel NULL pointer dereference when users read /sys/kernel/debug/dri...
CVE-2024-42229
CVE-2024-42229 concerns a Linux kernel cryptography hardening issue in the AEAD/cipher path. The description states that after cryptographic operations, the key buffer must be zeroized, in line with I.G 9.7.B for FIPS 140-3 guidance. The fix involves zeroizing buffers that previously held private...
CVE-2024-44935
CVE-2024-44935: In the Linux kernel SCTP, a null pointer dereference can occur in reuseport_add_sock() when concurrent close operations clear sk_reuseport_cb. The issue stems from insufficient synchronization among reuseport_alloc(), reuseport_add_sock(), and reuseport_detach_sock() across socket...
CVE-2016-3137
CVE-2016-3137 affects the Linux kernel driver, specifically drivers/usb/serial/cypress_m8.c, with exploitation possible via a USB device lacking interrupt endpoints. The vulnerability allows a NULL pointer dereference leading to a denial of service (system crash) and is fixed in kernel 4.5.1 (and...
CVE-2021-4028
CVE-2021-4028 is a Linux kernel use-after-free in the RDMA communications manager listener path. Local attackers could crash the system or potentially escalate privileges by exploiting a high-port socket listen use-after-free. The vulnerability is documented across multiple connected sources (Deb...
CVE-2022-39189
CVE-2022-39189 affects the Linux kernel KVM/x86, where unprivileged guest users can compromise the guest kernel due to mishandled TLB flushes in certain KVM_VCPU_PREEMPTED situations. The issue is documented across multiple advisories (e.g., Debian, Amazon Linux ALAS2KERNEL, Astra Linux) and is m...
CVE-2019-20636
CVE-2019-20636 affects the Linux kernel prior to 5.4.12. The vulnerability is an out-of-bounds write in drivers/input/input.c via a crafted keycode table in input_set_keycode, enabling a local attacker with root privileges to corrupt memory and potentially execute arbitrary code or cause a denial...
CVE-2021-35039
The CVE-2021-35039 issue affects the Linux kernel up to version 5.12.14 where module signature verification can be bypassed if CONFIG_MODULE_SIG is not set and a module.sig_enforce=1 argument is used during init_module loading. Affected component: kernel/module.c. Root cause: mishandling of signa...
CVE-2021-3743
CVE-2021-3743 is an out-of-bounds memory read flaw in the Linux kernel’s Qualcomm IPC router protocol. The issue arises from a missing sanity check, allowing a local attacker to read out-of-bounds kernel memory, potentially causing system crashes or information leakage. Documents consistently des...
CVE-2023-45871
CVE-2023-45871 affects the Linux kernel IGB driver (drivers/net/ethernet/intel/igb/igb_main.c) before version 6.5.3. The vulnerability stems from an inadequate buffer size that can fail to accommodate frames larger than the MTU, potentially leading to a buffer overrun. Public documents in connect...
CVE-2016-8666
CVE-2016-8666 affects the Linux kernel’s IP GRO path handling for tunneled/stacked packets. Public sources in connected docs show the issue in kernels before certain fixes, with Unity advisories citing fixes up to kernel 4.8.2 and earlier references noting vulnerability through 4.6 in other conte...
CVE-2018-10940
CVE-2018-10940 affects the Linux kernel, where cdrom_ioctl_media_changed in drivers/cdrom/cdrom.c allows a local attacker to read kernel memory due to an incorrect bounds check in the CDROM_MEDIA_CHANGED ioctl. The vulnerability exists in versions before the 4.16.6 patch, which was released in th...
CVE-2020-12768
CVE-2020-12768 affects the Linux kernel before 5.6, specifically svm_cpu_uninit in arch/x86/kvm/svm.c. The issue is a memory leak that occurs at boot time; third parties dispute its severity, noting the leak is one-time and its size is negligible and not triggerable at will. Public sources in con...
CVE-2022-43945
CVE-2022-43945 affects the Linux kernel NFSD: in versions prior to 5.19.17 and 6.0.2, an RPC message over TCP can cause the send buffer to be oversized, leading NFSD to write beyond allocated space and crash (DoS). The issue is caused by combining receive and send buffers into a single page array...
CVE-2023-1095
CVE-2023-1095 refers to a Linux kernel issue in the nf_tables_updtable path. When nf_tables_table_enable returns an error, nft_trans_destroy frees the transaction object by calling list_del(), but the transaction was never placed on a list (the list head is zeroed), resulting in a NULL pointer de...
CVE-2023-4208
CVE-2023-4208 is a Linux kernel net/sched: cls_u32 use-after-free vulnerability. When u32_change() updates an existing filter, tcf_result may be copied into the new filter instance, and tcf_unbind_filter() runs on the old instance, lowering the referenced class’s filter_cnt and enabling a use-aft...
CVE-2024-53130
CVE-2024-53130 affects the Linux kernel nilfs2 code. The issue is a NULL pointer dereference in the block_dirty_buffer tracepoint when using mark_buffer_dirty(), caused by bh->b_bdev->bd_dev being dereferenced even if the buffer head lacks a block_device pointer. The kernel fix makes nilfs_...
CVE-2019-19534
Summary: CVE-2019-19534 affects the Linux kernel before 5.3.11, enabling a local info-leak via the Peak USB CAN driver (drivers/net/can/usb/peak_usb/pcan_usb_core.c) when a malicious USB device is connected. The root cause is missing initialization of certain structures in the peak_usb CAN driver...
CVE-2021-26931
CVE-2021-26931 is a Linux kernel issue in Xen PV backend handling. Affected: kernel 2.6.39–5.10.16 when running Xen PV; vulnerable components include block/xen-blkback/blkback.c and xen-scsiback.c. Root cause: grant-mapping error handling could be treated as a plain bug, leading to a kernel crash...
CVE-2022-24958
CVE-2022-24958 relates to the Linux kernel USB gadget subsystem, specifically drivers/usb/gadget/legacy/inode.c up to version 5.16.8, where dev->buf release is mishandled. The consequence is a use-after-free condition in the USB gadget legacy path, which can lead to a local denial of service a...
CVE-2019-8980
CVE-2019-8980 is a memory-leak DoS in the Linux kernel (kernel_read_file in fs/exec.c) affecting up to version 4.20.11. Attackers could trigger vfs_read failures to exhaust memory. The connected documents provide the vulnerability description but do not specify a confirmed fixed/patch version or ...
CVE-2014-2523
CVE-2014-2523 applies to the Linux kernel code path net/netfilter/nf_conntrack_proto_dccp.c up to version 3.13.6. The vulnerability arises from incorrect handling of a DCCP header pointer, which could allow remote attackers to cause a system crash (denial of service) or potentially execute arbi...
CVE-2019-12454
The CVE-2019-12454 vulnerability affects the Linux kernel up to version 5.1.5 in wcd9335_codec_enable_dec (sound/soc/codecs/wcd9335.c). The issue arises because kstrndup is used instead of kmemdup_nul, which could enable an unspecified impact via unknown vectors. The vendor disputes this as a vul...
CVE-2019-19537
CVE-2019-19537 is a race condition in the Linux kernel USB stack (drivers/usb/core/file.c and related USB character device layer) triggered by a malicious USB device. The vulnerability could allow a local attacker to cause a denial of service by making the kernel stop responding. Public reference...
CVE-2020-9383
CVE-2020-9383 affects the Linux kernel floppy driver (set_fdc in drivers/block/floppy.c) where the FDC index is not checked for errors before assignment, causing a wait_til_ready out-of-bounds read. Impact per the CVE description: local attacker could cause a denial of service or privilege escala...
CVE-2021-46944
CVE-2021-46944: Linux kernel vulnerability in media: staging/intel-ipu3 where a memory reference leak in imu_fmt occurs due to misordered checks; patch fixes memory leak by changing check order. Impact limited to memory leak; no exploitation details provided in the documents. Remediation: apply ...
CVE-2022-3424
CVE-2022-3424 is a local-use-after-free in the Linux kernel SGI GRU driver (gru_file_unlocked_ioctl/gru_check_chiplet_assignment). A local user could crash the system or potentially escalate privileges. Debian-LTS entries confirm the flaw exists in SGI GRU, with testing notes that the driver is n...
CVE-2022-45885
CVE-2022-45885: The Linux kernel (up to version 6.0.9) has a race in drivers/media/dvb-core/dvb_frontend.c that can cause a use-after-free when a device is disconnected. The vulnerability affects the DVB core frontend path and is rated high severity (CVSS 3.1: AV=L/AC=H/PR=L/UI=N/S=U/C=H/I=H/A=H...
CVE-2023-0597
CVE-2023-0597 describes a memory-leak flaw in the Linux kernel CPU entry_area mapping for X86 CPU data, enabling a local user to guess memory locations of exception stacks and other data. Connected documents (Astra Linux bulletin and IBM page) corroborate the general description but do not provid...
CVE-2024-0646
CVE-2024-0646 describes an out-of-bounds memory write in the Linux kernel’s Transport Layer Security path, occurring when a user calls a splice function with a ktls socket as the destination. The issue could allow a local user to crash the system or potentially escalate privileges. Connected advi...
CVE-2017-8824
CVE-2017-8824 affects the Linux kernel DCCP implementation. The bug is a use-after-free in dccp_disconnect (net/dccp/proto.c) that can be triggered by an AF_UNSPEC connect while in the DCCP_LISTEN state, allowing a local user to escalate privileges or cause a denial of service. Public advisories ...
CVE-2019-19966
CVE-2019-19966 affects the Linux kernel prior to 5.1.6, where a use-after-free in cpia2_exit() (drivers/media/usb/cpia2/cpia2_v4l.c) can lead to denial of service. Connected advisories (Unity Linux UTSA-2026-004036 and related Nessus plugins) reference the same issue and note a fix in kernel 5.1....
CVE-2020-36312
CVE-2020-36312 affects the Linux kernel up to version 5.8.9, where in virt/kvm/kvm_main.c a kmalloc failure can trigger a memory leak in kvm_io_bus_unregister_dev. The connected Nessus advisories confirm the issue as a kernel-level leak and reference the fixed patch in 5.8.10 (ChangeLog-5.8.10; c...
CVE-2021-29264
The CVE-2021-29264 issue affects the Linux kernel’s Freescale Gianfar Ethernet driver (drivers/net/ethernet/freescale/gianfar.c). A negative fragment size is computed in scenarios with an RX queue overrun when jumbo packets are used and NAPI is enabled, enabling a network attacker to crash the sy...
CVE-2022-2964
CVE-2022-2964 affects the Linux kernel AX88179_178A-based USB Ethernet driver. The advisory cites multiple out-of-bounds reads and possible writes in the driver, with CVSS v3.1 base metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (score 7.8, HIGH). Affected components are the AX88179_178A USB ethern...
CVE-2022-3545
CVE-2022-3545: Linux Kernel use-after-free in area_cache_get (drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c, IPsec). Affects local attacker within LAN via area_cache_get manipulation; initial description notes a patch exists to fix the issue. Connected Astra Linux bulletin provides con...
CVE-2017-10661
CVE-2017-10661 is a race condition in Linux kernel timerfd (fs/timerfd.c) that affects versions before 4.10.15. The flaw arises from improper protection of the might_cancel queue during concurrent timerfd operations, enabling local attackers to cause a denial of service or gain privileges via lis...
CVE-2019-16994
CVE-2019-16994 affects the Linux kernel prior to 5.0, where a memory leak in sit_init_net() (net/ipv6/sit.c) may occur if register_netdev() fails to register sitn->fb_tunnel_dev, potentially enabling denial of service. Connected advisories (e.g., Unity/UTSA) corroborate the kernel version rang...
CVE-2022-1998
The CVE-2022-1998 entry concerns a use-after-free in the Linux kernel's File System notify path, specifically in the way a user-triggered copy_info_records_to_user() call may fail in copy_event_to_user(). The issue could allow a local attacker to crash the system and potentially escalate privileg...
CVE-2023-52447
CVE-2023-52447 is a Linux kernel issue where deferral of freeing inner BPF maps could lead to use-after-free if an inner map is accessed after removal from the outer map. The fix defers the inner-map free via bpf_map_free_deferred() and enforces two RCUs (RCU grace period and task-RCU grace perio...
CVE-2019-15807
CVE-2019-15807: In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails, which can cause a BUG and result in a denial of service. The issue is addressed in kernel 5.1.13 as indicated by ChangeLog-5.1.13. Affected product...
CVE-2021-28688
CVE-2021-28688 relates to the Linux kernel fix for XSA-365. The patch initialized pointers to avoid cleanup issues, but under certain conditions it could overwrite pointers that need cleanup, causing persistence leaks and, consequently, incomplete host cleanup after a guest dies, leaving zombie d...
CVE-2021-46930
CVE-2021-46930 details from connected docs: In the Linux kernel, the usb mtu3 subsystem had a fix for a list_head check warning caused by uninitialized list_head, leading to a KASAN use-after-free in __list_del_entry_valid and an observed call trace through mtu3, mtu3_req_complete, mtu3_gadget_st...
CVE-2024-41009
CVE-2024-41009 concerns the Linux kernel BPF ring buffer (MAP_TYPE_RINGBUF). The issue arose from the ringbuf memory layout allowing a second chunk to overlap the first when producer/consumer counters were manipulated, enabling edits to a header by a BPF program and potentially triggering a crash...