13736 matches found
CVE-2022-3628
CVE-2022-3628 is a buffer overflow in the Linux kernel Broadcom Full MAC Wi‑Fi driver (brcmfmac) that triggers when a user connects a malicious USB device. The linked documents consistently describe it as a local overflow that could crash the system or escalate privileges. Affected: Linux kernel ...
CVE-2017-15129
CVE-2017-15129 describes a use-after-free in Linux kernel network namespaces: get_net_ns_by_id() may skip verifying net::count after locating a peer in netns_ids idr, enabling a double free and memory corruption. Affected: Linux kernel before 4.14.11; impact includes potential system crash and po...
CVE-2018-19824
CVE-2018-19824 is a local use-after-free in the Linux kernel’s ALSA USB audio driver. A local attacker could trigger the flaw by attaching a malicious USB sound device (configured with zero interfaces), which is mishandled during usb_audio_probe in sound/usb/card.c. Affected software is the Linux...
CVE-2019-19524
CVE-2019-19524 affects the Linux kernel (before 5.3.12) with a use-after-free in drivers/input/ff-memless.c caused by a malicious USB device, leading to kernel panics. An upstream patch is available (e.g., ChangeLog-5.3.12), and vendor advisories reference mitigations and fixes. The connected documents ...
CVE-2022-26490
CVE-2022-26490 affects the Linux kernel ST21NFCA NFC driver (st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c) up to and including kernel versions prior to the patched releases. The issue is a buffer overflow caused by untrusted length parameters (EVT_TRANSACTION), which can lead...
CVE-2023-1118
CVE-2023-1118 is a use-after-free in the Linux kernel’s infrared (ene_ir) remote-control driver. The flaw occurs when a user detaches an rc device, enabling a local user to crash the system and potentially escalate privileges. The description appears consistently across sources (e.g., Astra Linux...
CVE-2023-25012
CVE-2023-25012 is a Linux kernel use-after-free in the HID bigben driver (hid-bigbenff.c). A crafted USB device can leave LED controllers registered too long, enabling a local attacker with physical access to trigger a use-after-free in bigben_remove, potentially causing a denial of service or ar...
CVE-2024-41010
The CVE-2024-41010 issue concerns the Linux kernel: a tcx_entry could be released too early, causing a use-after-free when an active old-style ingress or clsact qdisc with a shared tc block is replaced. The vulnerability path is tied to the tcx_entry lifecycle during qdisc creation, graft, and de...
CVE-2015-8660
CVE-2015-8660 targets the ovl_setattr path in Linux overlayfs (fs/overlayfs/inode.c) up to kernel 4.3.3. The issue arises from attempting to merge distinct setattr operations, allowing local users to bypass access restrictions and modify attributes of arbitrary overlay files via a crafted applica...
CVE-2021-38198
CVE-2021-38198 affects the Linux kernel’s KVM implementation for x86. The vulnerability resides in arch/x86/kvm/mmu/paging_tmpl.h where shadow page access permissions are computed incorrectly, leading to a missing guest protection page fault. This can undermine guest isolation and may enable inst...
CVE-2022-3108
CVE-2022-3108 is a Linux kernel vulnerability affecting kernels up to 5.16-rc6 where kfd_parse_subtype_iolink (drivers/gpu/drm/amd/amdkfd/kfd_crat.c) does not check the return value of kmemdup(). The issue is a missing return-value check in memory copy logic, which could enable memory corruption ...
CVE-2022-41858
The CVE-2022-41858 entry concerns a NULL pointer dereference in the Linux kernel slip driver path, specifically detaching in sl_tx_timeout (drivers/net/slip/slip.c). The connected Astra Linux bulletin reiterates the same description for the Linux kernel 5.x variant, confirming the vulnerability i...
CVE-2022-42721
CVE-2022-42721 is a local, WLAN-frame–triggered vulnerability in the Linux kernel mac80211/BSS handling (linked-list corruption in net/wireless/scan.c; cfg80211_add_nontrans_list) affecting 5.1–5.19.x prior to 5.19.16. Exploitation could enable code execution via crafted frames; patches exist in ...
CVE-2023-26545
CVE-2023-26545 affects the Linux kernel’s MPLS implementation: a double-free in net/mpls/af_mpls.c can occur on allocation failure when renaming a device during sysctl table relocation, prior to kernel 6.1.13. The issue enables local exploitation with impact on availability (denial of service) as...
CVE-2019-19066
CVE-2019-19066 is a memory-leak issue in the Linux kernel: bfad_im_get_stats() in drivers/scsi/bfa/bfad_attr.c (up to 5.3.11) can leak memory and enable denial-of-service via repeated bfa_port_get_stats() failures. Affected component: Linux kernel bfad_attr/bfad_attr. Root cause is a memory leak ...
CVE-2021-26708
CVE-2021-26708 describes a local privilege-escalation in the Linux kernel prior to 5.10.13 caused by race conditions in AF_VSOCK (net/vmw_vsock/af_vsock.c) related to wrong locking during VSOCK multi-transport changes. The vulnerability can be exploited via use-after-free primitives in the vsock_...
CVE-2021-3744
CVE-2021-3744 is a memory-leak DoS in the Linux kernel: the flaw occurs in the ccp_run_aes_gcm_cmd() function (drivers/crypto/ccp/ccp-ops.c), allowing memory consumption-based denial of service. Connected advisories (Astra Linux and Amazon Linux 2 kernel updates) confirm the same root cause and n...
CVE-2021-3753
CVE-2021-3753 describes a race in the Linux kernel’s vt_k_ioctl() (vt_ioctl.c) that may cause an out-of-bounds read in vt as vc_mode write access is not protected by a lock. Impact is listed as data confidentiality; exploitation details are not provided in the supplied documents. Connected source...
CVE-2021-38205
CVE-2021-38205 affects the xilinx_emaclite driver in the Linux kernel. The vulnerability arises because the driver prints a real IOMEM/kernel pointer, which can aid attackers in bypassing ASLR and facilitate information disclosure. Affected state is Linux kernels before 5.13.3; remediation is to ...
CVE-2022-41222
CVE-2022-41222: A use-after-free in mm/mremap.c of the Linux kernel (prior to 5.13.3) enables stale TLB access due to an rmap lock not being held during a PUD move. Impact is described as potential denial of service, memory corruption, privilege escalation, or information leak when a local user ...
CVE-2024-47685
In the Linux kernel, CVE-2024-47685 patches nf_reject_ipv6: nf_reject_ip6_tcphdr_put() could push garbage into the four reserved TCP bits (th->res1) per KMSAN. The fix clears the entire TCP header using skb_put_zero(), aligning with nf_reject_ip_tcphdr_put(). Connected Astra Linux bulletin rep...
CVE-2017-16939
CVE-2017-16939 affects the Linux kernel XFRM Netlink path. The use-after-free occurs in the XFRM dump policy code (net/xfrm/xfrm_user.c) when a crafted SO_RCVBUF setsockopt is used with XFRM_MSG_GETPOLICY, allowing a local attacker with CAP_NET_ADMIN to trigger a denial of service or potentially ...
CVE-2018-10880
CVE-2018-10880 is a Linux kernel/ext4 vulnerability: a stack-out-of-bounds write in ext4_update_inline_data() when mounting or writing to a crafted ext4 image, leading to a potential system crash and DoS. The issue originates from insufficient bounds checking in ext4’s handling of inline data dur...
CVE-2021-20321
CVE-2021-20321 is a race-condition vulnerability in the Linux kernel OverlayFS subsystem affecting how file renames are performed, potentially allowing a local attacker to crash the system via OverlayFS misuse. Connected advisories corroborate that the issue resides in OverlayFS file object handl...
CVE-2021-28972
CVE-2021-28972 affects the Linux kernel RPA PCI Hotplug driver (drivers/pci/hotplug/rpadlpar_sysfs.c) up to version 5.11.8. It is a user‑tolerable buffer overflow caused by improper handling of drc_name termination in add_slot_store/remove_slot_store, allowing userspace to write into the kernel s...
CVE-2022-1786
CVE-2022-1786 is a use-after-free in the Linux kernel io_uring subsystem triggered when a ring is set up with IORING_SETUP_IOPOLL and more than one task completes submissions on that ring. The consequence is local privilege escalation or a crash. Public details in connected documents confirm the ...
CVE-2019-19058
CVE-2019-19058 affects the Linux kernel, caused by a memory leak in alloc_sgtable() in drivers/net/wireless/intel/iwlwifi/fw/dbg.c. The leak can trigger memory exhaustion via alloc_page() failures, enabling a local attacker to cause DoS. The vulnerability is documented as present in kernel builds...
CVE-2022-42720
CVE-2022-42720 concerns the Linux kernel mac80211 WLAN stack. It describes refcounting bugs in multi-BSS handling that can trigger use-after-free when WLAN frames are injected, potentially enabling local code execution. Affected are kernel versions 5.1–5.19.x prior to 5.19.16; several distributio...
CVE-2024-50081
CVE-2024-50081 is confirmed in the connected advisory: the Linux kernel vulnerability in blk-mq was due to a race where q->tag_set may not be initialized when the cpuhp handler runs, triggering an oops. The MiracleLinux AXSA advisory (kernel 5.14.0-570.12.1.el9_6) explicitly lists CVE-2024-50081 and...
CVE-2016-0758
CVE-2016-0758 concerns an integer overflow in the Linux kernel’s ASN.1 DER decoder (lib/asn1_decoder.c) that could allow local privilege escalation. The Android 2016-10-05 bulletin documents this as a kernel ASN.1 decoder elevation-of-privilege issue with Critical severity, affecting Nexus device...
CVE-2018-10878
CVE-2018-10878 is confirmed in the Linux kernel ext4 filesystem. The connected Nessus advisories reference a local attacker mounting a crafted ext4 image to trigger an out-of-bounds write, leading to denial of service and potential other impacts. Unity Linux UTSA advisories (e.g., UTSA-2026-00113...
CVE-2018-1092
CVE-2018-1092: Linux kernel ext4 mounting a crafted ext4 image can trigger a NULL pointer dereference in ext4_iget, causing denial of service. This vulnerability is confirmed in multiple advisories (e.g., Debian/Ubuntu RedHat CLIs) and is addressed by applying vendor kernel updates to fixed vers...
CVE-2020-36516
CVE-2020-36516: Linux kernel (through 5.16.11) contains a flaw in the mixed IPID assignment method with a hash-based IPID policy that allows an off-path attacker to inject data into or terminate a victim’s TCP session. The issue affects the kernel’s TCP/IP handling and is documented in multiple ...
CVE-2023-33952
CVE-2023-33952 is reported in an IBM Security Verified Governance (ISVG) context and affects IBM Security Verify Governance, Identity Manager software component and its virtual appliance, version 10.0.2. The entry states a double-free condition in handling vmw_buffer_object obje...
CVE-2023-37453
CVE-2023-37453: Linux kernel USB subsystem contains an out-of-bounds read in read_descriptors() within drivers/usb/core/sysfs.c, which can crash the system when handling a crafted USB device. The connected documents provide description and impact but do not specify a public patch/version. Monitor...
CVE-2023-52340
The CVE concerns the Linux kernel IPv6 implementation (net/ipv6/route.c) where a max_size threshold can be exhausted, enabling a denial-of-service condition (network is unreachable) when IPv6 packets loop via a raw socket. Affected: Linux kernel versions prior to 6.3. Impact is denial of service ...
CVE-2023-52443
CVE-2023-52443 affects the Linux kernel AppArmor parser. A packed profile containing a name like ":samba-dcerpcd" can be treated as only a namespace, causing tmpname to be NULL while tmpns remains non-NULL, which leads to a NULL dereference in aa_alloc_profile during unpack_profile/aa_unpack pat...
CVE-2023-6535
CVE-2023-6535 affects the Linux kernel NVMe driver. A crafted TCP packet sequence over NVMe over TCP may cause a NULL pointer dereference in the NVMe driver, leading to a kernel panic and denial of service. Connected documents confirm the same vulnerability text and its presence in multiple advis...
CVE-2024-50085
No further technical details about CVE-2024-50085 are provided in the connected Astra Linux bulletin or Nessus entries. Public details are limited to the initial description; monitor for vendor advisories and kernel patches for affected components.
CVE-2019-11191
The CVE-2019-11191 entry describes a local ASLR bypass in the Linux kernel (up to 5.0.7) when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded. The vulnerability arises because install_exec_creds() is invoked too late in load_aout_binary() (fs/binfmt_aout.c), creating a race in ptrace_may_acce...
CVE-2020-11884
CVE-2020-11884 affects the Linux kernel on s390x (versions 4.19–5.6.7). The issue is a race in enable_sacf_uaccess (arch/s390/lib/uaccess.c) that fails to protect against a concurrent page table upgrade (CID-3f777e19d171), potentially allowing code execution or a crash. The initial documents do n...
CVE-2022-24448
CVE-2022-24448 affects the Linux kernel’s NFS path: in fs/nfs/dir.c, if an application opens a regular file with O_DIRECTORY set, nfs_atomic_open() does a regular lookup and returns uninitialized data in the file descriptor when a regular file is found instead of ENOTDIR. This issue is documented...
CVE-2018-18445
CVE-2018-18445 affects the Linux kernel in 4.14.x–4.18.x; prior to 4.18.13, the BPF verifier’s adjust_scalar_min_max_vals mishandles 32-bit right shifts, enabling out-of-bounds memory accesses. Several advisories confirm the issue and reference the fix in 4.18.13 (and backported patches for earli...
CVE-2018-7566
CVE-2018-7566 is confirmed in the connected documents as a Linux kernel 4.15 vulnerability. It describes a buffer overflow in ALSA/seq handling: an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write to /dev/snd/seq can be triggered by a local user. The affected component is the kernel’s sound/ALSA subsy...
CVE-2020-25639
CVE-2020-25639: A NULL pointer dereference in the Linux kernel’s GPU Nouveau driver (prior to 5.12-rc1) via DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC allows local users to crash the system. Affected: Linux kernel/Nouveau driver; Root cause: NULL pointer dereference in channel allocation path; Impact: local...
CVE-2021-20177
CVE-2021-20177: Linux kernel flaw in string matching for packets; a privileged user (root or CAP_NET_ADMIN) inserting iptables rules can trigger a kernel panic. Affected kernels before 5.5-rc1. Mitigation is to apply a patch/upstream fix (5.5-rc1 or newer).
CVE-2023-44466
CVE-2023-44466 is described as a Linux kernel issue in net/ceph/messenger_v2.c (before 6.4.5) with a signedness error that enables a buffer overflow and remote code execution via HELLO or AUTH frames, caused by an untrusted length from a TCP packet in ceph_decode_32. The connected documents reite...
CVE-2024-43907
CVE-2024-43907 relates to Linux kernel: in the DRM AMDGPU driver, a null pointer could be dereferenced in drm/amdgpu/pm during apply_state_adjust_rules. The fix adds a pointer check to avoid dereferencing NULL, addressing a potential crash. The initial description shows a concrete fix for null de...
CVE-2024-50067
CVE-2024-50067 relates to the Linux kernel, where a vulnerability in upstream probing (uprobe) could cause an out-of-bounds memory access when fetching arguments for tracing. The issue arises because data may be larger than the per-CPU buffer size (a page), and store_trace_args() may not detect d...
CVE-2017-17805
CVE-2017-17805 affects the Linux kernel prior to 4.14.8. The Salsa20 cipher implementation (crypto/salsa20_generic.c and arch/x86/crypto/salsa20_glue.c) mishandles zero-length inputs, allowing a local attacker to use the AF_ALG-based skcipher interface to trigger uninitialized memory free and ker...