14095 matches found
CVE-2022-50514
CVE-2022-50514 concerns the Linux kernel’s usb gadget f_hid path. The vulnerability arises from a refcount leak on the error path when report_desc allocation fails: opts->refcnt has already been incremented and must be decremented to avoid leaving the options structure permanently locked. The ...
CVE-2022-50517
CVE-2022-50517 relates to the Linux kernel THP handling in mm/huge_memory, where a swap page entry (swp_entry_t) could be clobbered during THP split if the head page wasn’t swapped, a bug identified and fixed by the commit b653db77350c. Affected behavior was observed under stress-ng mmap workload...
CVE-2022-50519
CVE-2022-50519 relates to the Linux kernel nilfs2 checkpoint handling. The affected code path was: checkpoint acquisition/finalization may trigger kernel WARN_ONs for anomalies in on-disk checkpoint metadata. The patch replaces WARN_ONs with nilfs_error, so a kernel booted with panic_on_warn no l...
CVE-2022-50526
Summary of CVE-2022-50526 : In the Linux kernel, the drm/msm/dp bridge handling was fixed to prevent memory corruption when there are more than eight bridges. The root cause was a missing sanity check on the bridge counter, which could corrupt data beyond the fixed-sized bridge array. The fix add...
CVE-2022-50536
CVE-2022-50536 affects the Linux kernel’s BPF sockmap path. In tcp_bpf_send_verdict() redirection, the eval variable is set to __SK_REDIRECT after sending apply_bytes data; if msg.has_more_data, sock_put() can be called multiple times, risking a use-after-free via refcount misuse. The issue is fi...
CVE-2022-50542
CVE-2022-50542 affects the Linux kernel media/si470x driver. A use-after-free occurs in si470x_int_in_callback() when urb->context (holding a si470x_device) is freed if si470x_start_usb() has submitted a URB but the subsequent si470x_start() path fails. The fix ensures URBs are destroyed when ...
CVE-2022-50554
CVE-2022-50554 affects the Linux kernel's blk-mq subsystem. The vulnerability arises from a race around IO request queuing, where an in-flight ->queue_rq() may be double-called due to an timeout occurring after blk_mq_start_request() but before completion, potentially causing a kernel panic. T...
CVE-2023-53163
CVE-2023-53163 affects the Linux kernel NTFS-3 driver: a deadlock occurs when ntfs_truncate() calls truncate_setsize() while holding ni_lock, due to interaction with PG_locked set by filemap_update_page() -> filemap_read_folio() after folio_trylock(). This can cause a hung task (do_user_addr_f...
CVE-2023-53165
CVE-2023-53165 is a Linux kernel vulnerability in the UDF filesystem code. The issue is an uninitialized array read in the UDF charset conversion when processing filenames that begin with a dot and are 2–5 characters long, which can cause the output name to be prepended with a “unification hash” ...
CVE-2023-53193
CVE-2023-53193 – Linux kernel (amdgpu): The issue is in the drm/amdgpu driver, specifically gmc_v10_0_hw_fini calling amdgpu_irq_put. The firmware enables gmc.ecc_irq and the host driver is not privileged to enable/disable it, making amdgpu_irq_put in gmc_v10_0_hw_fini meaningless and causing a c...
CVE-2023-53201
CVE-2023-53201: In Linux kernel RDMA/bnxt_re, the producer index for the mailbox could wrap around incorrectly; when the 0x80000000 bit (bit 31) was set after long runtimes, the FW could enter initialization and hang. The fix is to wrap the mbox producer index at u16 max instead of allowing u32 w...
CVE-2023-53215
CVE-2023-53215 affects the Linux kernel sched/fair component. The issue occurs when the load balancer tries to migrate a task that is migration-disabled to its current CPU, triggering a warning in set_task_cpu() during balance. The root cause is how the new_dst_cpu is selected from env->dst_gr...
CVE-2023-53238
In MODE C: The CVE-2023-53238 issue affects the Linux kernel’s Hisilicon Inno PHY code. The flaw is an out-of-bounds write in the probe path: priv->ports[] has size INNO_PHY_PORT_NUM, but the loop uses i with a comparison that allows i == INNO_PHY_PORT_NUM; this requires the check to be i >...
CVE-2023-53244
In Linux kernel, the media: pci: tw68 driver vulnerability CVE-2023-53244 fixes a null pointer dereference in buffer handling: if dma_alloc_coherent fails during tw68_risc_buffer(), buf->cpu may be null and later accesses/free could crash. The fix adds checks on the return value of tw68_risc_b...
CVE-2023-53260
Technical details for CVE-2023-53260 are not publicly available in the provided documents; monitor for updates.
CVE-2023-53265
CVE-2023-53265 : In the Linux kernel, the ubi code fixes a slab out-of-bounds condition by ensuring that the VID header offset plus VID header size does not exceed the allocation. The advisory indicates a KASAN slab-OOB read in crc32 paths during VID header handling, with the fix preventing write...
CVE-2023-53267
The CVE-2023-53267 issue affects the Linux kernel driver for Xilinx SoC where memory allocated for cb_data in xlnx_add_cb_for_notify_event() could leak if kfree() is not invoked on allocation failure. The connected documents confirm a fix was applied to ensure kfree() is called to prevent leaks. ...
CVE-2023-53295
CVE-2023-53295 affects the Linux kernel, specifically the UDF module. The issue occurs when writing to inline files fails (or is only partially successful); the kernel wrongly updates the file length as if the entire write had succeeded. Root cause: updating length of inline data on failed writes...
CVE-2023-53328
Technical details for CVE-2023-53328 are not present in the provided documents. Public details, affected products, and fixes are not disclosed here. Monitor for updates from SUSE/NVD and related advisories.
CVE-2023-53329
The CVE-2023-53329 entry concerns a data race in the Linux kernel workqueue code (pwq->stats[] increment) reported by KCSAN. The vulnerability involves concurrent writes/reads to pwq->stats entries inside process_one_work, traced to kernel/workqueue.c:2598–2606, and is mitigated by moving t...
CVE-2023-53455
CVE-2023-53455 concerns the Linux kernel DRM vc4 deadlock: vc4_hdmi_reset_link() returning -EDEADLK may deadlock in the locking context. The accepted fix is to drop held locks and back off using drm_modeset_backoff(), per the cited kernel DRM-KMS guidance. The vulnerability entry provides example...
CVE-2023-53459
CVE-2023-53459 relates to the Linux kernel vulnerability HID: mcp-2221, which can cause a use-after-free in delayed work if a device is unplugged before mcp_init_work() completes. The issue is addressed by cancel_delayed_work_sync, which prevents the delayed_work item from requeueing. Affected co...
CVE-2023-53462
CVE-2023-53462 affects the Linux kernel with the HSR driver. The issue was an uninitialized value access in fill_frame_info() that could occur during VLAN handling. The provided fix states that VLAN (ETH_P_8021Q) is not yet supported by the hsr driver and instructs returning an error from fill_fr...
CVE-2023-53484
CVE-2023-53484 affects the Linux kernel’s cpu_rmap logic. The vulnerability arises in the lib: cpu_rmap path where, if irq_set_affinity_notifier() is called with a NULL notify, the glue pointer in the corresponding rmap->obj array entry is freed but the pointer remains non-null. A subsequent f...
CVE-2023-53496
CVE-2023-53496 – In the Linux kernel, the UV (socketnode lookup) code loops over CPUs to build socket tables; when nr_cpus is less than actual CPUs, cpu_to_node() data for unused CPUs is missing, leading to -1 entries and potential oops. The fix replaces the CPU-loop with a loop over APICIDs mapp...
CVE-2023-53505
CVE-2023-53505 concerns the Linux kernel: a memory leak in the clk: tegra: tegra124-emc path where the tegra resources allocated in error paths were not freed, leading to leaks. The vulnerability is in the error handling path for freeing the tegra resources; the fix is described as resolving the ...
CVE-2023-53509
CVE-2023-53509 : In the Linux kernel qed_mcp_trace_dump() path, the code previously slept due to a 10µs-delayed loop in qed_mcp_cmd_and_union() which can spin up to 500k iterations, potentially blocking a thread for several seconds. The vulnerability description states that sleeping is permitted ...
CVE-2023-53511
The CVE-2023-53511 entry corresponds to a Linux kernel issue in the io_uring flow where fget() leaked when a filesystem (ocfs2) does not support nowait buffered reads. Root cause: during io_issue_sqe, the path io_assign_file → io_read → io_iter_do_read → ocfs2_file_read_iter can lead to a leak wh...
CVE-2023-53517
The CVE-2023-53517 vulnerability is in the Linux kernel TIPC mtu negotiation logic. When a peer sends an Activate message with a very small mtu (e.g., 4), tipc_link_proto_rcv() can set l->mtu to 4 and then n->links[bearer_id].mtu to 4294967228, causing an overflow in tipc_link_mss(). This c...
CVE-2023-53529
CVE-2023-53529 : In the Linux kernel, the wifi driver stack (rtw88) had a memory leak in the USB probe path (rtw_usb_probe) that can leak memory via a kmemleak-detected allocation during USB device init. The leak is tied to a 512-byte allocation in the usb probe routine and was verified as real w...
CVE-2023-53530
CVE-2023-53530 details a Linux kernel issue in the qla2xxx SCSI driver: code path using smp_processor_id() in preemptible work leads to a bug trace. The patch replaces smp_processor_id() with raw_smp_processor_id() and updates driver scheduling to queue_work() (instead of queue_work_on()) to avoi...
CVE-2023-53537
Summary: CVE-2023-53537 concerns a Linux kernel F2FS use-after-free involving a cached IPU bio. Root cause: after cp_error is set, f2fs_submit_merged_ipu_write() failed to validate the bio parameter in f2fs_write_single_data_page(), leading to submission of a random cached bio from another IO con...
CVE-2023-53538
CVE-2023-53538 affects the Linux kernel via a race in btrfs tree modification log rewind that can lead to a kernel NULL pointer dereference and potential crash. The issue arises during logical inode resolution as a tree mod log rewind processes a sequence of moves/removes/adds and may overwrite m...
CVE-2023-53539
The CVE-2023-53539 entry refers to a Linux kernel issue in RDMA/rxe (rxe_requester) where the state save/restore missed part of the wqe’s DMA state, causing corruption of DMA state on packet resend after an IP-drop. The fix corrects how the wqe and DMA struct state are saved/restored, enabling sa...
CVE-2023-53545
Summary: CVE-2023-53545 is a Linux kernel AMDGPU VM management issue. The root cause was improper handling of VM bo_va unmapping/removal: the Root PD BO was not reserved before unmapping/removing a bo_va from the VM, which could trigger a lockdep warning. The patch adds a guard by ensuring fpriv-...
CVE-2023-53558
CVE-2023-53558 affects the Linux kernel. Details from the initial document show a bug in rcu-tasks: pr_info() was called while holding rtp->cbs_gbl_lock, which could sleep and trigger a BUG; the vulnerability is resolved by moving pr_info() so it runs without the lock. The patch is described a...
CVE-2023-53567
CVE-2023-53567 – Linux kernel : The issue affects the kernel SPI QUP driver. The root cause is returning early from a platform driver’s remove callback, which prevents releasing DMA resources in the error path, causing a permanent resource leak. The fix ensures proper cleanup by not skipping hard...
CVE-2023-53570
CVE-2023-53570 is a Linux kernel local-privilege issue in the wireless stack. The vulnerability arises from nl80211_parse_mbssid_elems() using an unsigned 8-bit counter (num_elems) to track MBSSID elements, which can overflow when a userspace nl80211 attribute specifies 256 or more elements. This...
CVE-2023-53573
CVE-2023-53573 affects the Linux kernel (clk: rs9) and was resolved by enabling the flat cache again during suspend/resume. The issue occurred when disabling the cache in the commit for clk: rs9: Fix I2C accessors without removing cache synchronization in the resume path, causing a kernel panic b...
CVE-2023-53590
CVE-2023-53590 affects the Linux kernel SCTP scheduler code. The root cause was a missing reference counter in sctp_stream_priorities, which could cause a nested loop when freeing a stream priority (potential heavy CPU usage). The advisory notes that a refcnt is now added in sctp_stream_prioritie...
CVE-2023-53591
CVE-2023-53591 affects the Linux kernel’s mlx5e offload path. The issue is a deadlock in the tc route query code when peer flows are created while holding the devcom rw semaphore. The patch refactors the code for lockless execution by making the devcom data pointer RCU-friendly, wrapping the pair...
CVE-2023-53600
CVE-2023-53600 relates to the Linux kernel, where a KASAN slab-out-of-bounds condition could occur when the kernel emits an ICMP error in response to a nonlinear skb in tunnels (e.g., VXLAN PMTU path). The root cause is that ip_compute_csum() cannot handle nonlinear skbs, leading to a read of siz...
CVE-2023-53608
CVE-2023-53608 affects the Linux kernel nilfs2 subsystem. The issue is a potential use-after-free in nilfs_segctor_thread() where finalization can race with nilfs_segctor_kill_thread() terminating the thread, possibly freeing the nilfs_sc_info structure before the notification occurs. The race ha...
CVE-2023-53614
Summary: CVE-2023-53614 affects the Linux kernel in the mm/ksm path, where exit_mmap() may teardown VMAs and the maple tree while mmap_lock is held, risking a destroyed maple tree being dereferenced. The fix ensures maple tree validity by checking ksm_test_exit() after obtaining mmap_lock in read...
CVE-2023-53625
CVE-2023-53625 : In the Linux kernel, the vgpu debugfs cleanup path for drm/i915/gvt could dereference a null or destroyed debugfs root while destroying a virtual GPU, causing a kernel NULL pointer dereference and an oops. The issue occurs in remove paths where the drm minor’s debugfs root may al...
CVE-2023-53627
CVE-2023-53627 affects the Linux kernel SCSI HISI SAS path. Root cause: concurrency on sas_dev.list during slot completion/deregistration can trigger a NULL pointer dereference. The fix is to grab the sas_dev lock when traversing sas_dev.list in dereg_device_v3_hw() and in hisi_sas_release_tasks(...
CVE-2023-53676
The CVE-2023-53676 vulnerability affects the Linux kernel’s iSCSI target (lio_target_nacl_info_show) where printf-style buffer handling in a loop could overflow a configfs buffer. Root cause: sprintf() used without bounds checking for each iSCSI connection, enabling memory corruption with many co...
CVE-2025-39708
CVE-2025-39708 affects the Linux kernel media: iris component; the issue is a potential NULL pointer dereference in iris_hfi_gen2_handle_system_error where an argument could be null. The fix adds a null check before accessing members. Base CVSS v3.1 is 5.5 (MEDIUM), with local attack vector and l...
CVE-2025-39733
CVE-2025-39733 affects the Linux kernel where the issue centers on protecting the team network device. The root cause is ordering issues with lower instance locks and the team lock; the fix switches to using the rtnl lock (as done for bonding) to guard the team device, based on a patch by Tetsuo ...
CVE-2025-39771
The CVE-2025-39771 entry concerns the Linux kernel regulator driver pca9450. The issue arises in the pca9450_restart handling during module probe, where a notifier callback is already registered, leading to a kernel dump if not managed. The documented remediation is to use devm_register_sys_off_h...