14105 matches found
CVE-2022-50451
CVE-2022-50451 involves a memory leak in the Linux kernel’s ntfs3 module, specifically in the ntfs_fill_super() error path. The provided documents consistently describe a bug where an unreferenced kmemleak object is leaked during mounting, traced to the error handling path of ntfs_fill_super(). T...
CVE-2022-50453
CVE-2022-50453 affects the Linux kernel (gpiolib: cdev). The vulnerability arises from NULL-pointer dereferences when userspace can trigger GPIO syscalls on a hot-unplugged GPIO device, allowing races where a device is removed after a NULL check. The fix partially mitigates by verifying gdev->...
CVE-2022-50461
CVE-2022-50461 affects the Linux kernel net: ethernet: ti: am65-cpsw driver. The root cause was PM runtime leakage in am65_cpsw_nuss_ndo_slave_open(), due to an omitted pm_runtime_put() on error paths. The vulnerability has been resolved in the kernel by ensuring pm_runtime_put() is issued in the...
CVE-2022-50481
CVE-2022-50481 pertains to the Linux kernel; the issue is a potential null pointer dereference in cxl_guest_init_afu|adapter() when device_register() fails in cxl_register_afu|adapter(). The error path could dereference a removed-but-not-added device unless the reference is properly released. The...
CVE-2022-50489
CVE-2022-50489 : In the Linux kernel, the drm/mipi-dsi subsystem detaches devices when removing the host. The mitigation: the vulnerability is resolved by fixes in the kernel’s host unregister path (mipi_dsi_host_unregister), which previously could unregister devices without detaching them from t...
CVE-2022-50493
CVE-2022-50493 is a Linux kernel vulnerability affecting the qla2xxx SCSI path. The issue caused a crash during CPU hotplug when an I/O abort timed out, where completion could be invoked without confirming the I/O’s completion. The advisory fixes to ensure I/O and abort requests are still outstan...
CVE-2022-50498
CVE-2022-50498 : In the Linux kernel, the alx ethernet driver vulnerability stems from not taking the rtnl_lock during resume, allowing an rtnl assertion to trip in net/core/dev.c when reopening on resume. The issue is localized to the alx driver’s suspend/resume path and is triggered during devi...
CVE-2022-50520
CVE-2022-50520 affects the Linux kernel's DRM Radeon path, where radeon_atrm_get_bios() leaked a PCI device refcount due to a missing pci_dev_put() when breaking the loop. The issue arises because pci_get_class() may return a pci_device with a retained reference, and if the loop is exited with pd...
CVE-2022-50528
CVE-2022-50528 affects the Linux kernel (drm/amdkfd) with a memory leak and potential segfault in _gpuvm_import_dmabuf(). A patch fixes memory leakage and segfaults. The CVSS 3.1 vector indicates a Local attack with Low complexity and Low privileges required, impacting Availability (High) while C...
CVE-2022-50535
CVE-2022-50535 affects the Linux kernel DRM/AMD display code. It is a potential NULL pointer dereference in dm_resume within drm/amd/display, caused by assuming 'aconnector->dc_link' is non-null. The fix adds a null check at the loop's start to avoid dereferencing a NULL dc_link. Reported CVSS...
CVE-2022-50540
CVE-2022-50540 affects the Linux kernel’s dmaengine qcom-adm driver. The root cause is a faulty slave_config implementation that compared peripheral_size against the size of the config pointer instead of the config struct, causing the crci value to be ignored and potentially triggering a kernel p...
CVE-2022-50547
The CVE affects the Linux kernel, specifically the solo6x10 driver’s solo_sysfs_init() path. When device_register() errors during initialization, memory allocated by dev_set_name() was not freed, leading to a memory leak. The fix, implemented in the upstream kernel and reflected in related adviso...
CVE-2022-50553
CVE-2022-50553 : In the Linux kernel tracing hist code, an out-of-bounds write occurs in action_data.var_ref_idx when synthesizing events with many params (n_params up to SYNTH_FIELDS_MAX) and a smaller TRACING_MAP_VARS_MAX caused writes beyond the array. The issue is fixed by enlarging data->...
CVE-2023-53167
CVE-2023-53167: In the Linux kernel, tracing_err_log_open() can dereference file->private_data if opened with write permissions and then lseek is used, causing a kernel panic via mutex_lock -> seq_lseek. A fix was applied to tracing: Fix null pointer dereference in tracing_err_log_open() fo...
CVE-2023-53177
CVE-2023-53177 affects the Linux kernel, specifically the media: hi846 driver, where pm_runtime_get_if_in_use() can return -EAGAIN during system resume, risking a refcount underflow after a subsequent pm_runtime_put(). The issue is mitigated by the patch that fixes system-resume handling for -EAG...
CVE-2023-53274
Technical details about CVE-2023-53274 are not provided in the connected documents; no product/vendor/version specifics or exploit information are included. Monitor for updates.
CVE-2023-53395
The CVE-2023-53395 entry refers to ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer. The issue arises from ASL Timer instructions that require no argument; without AML_NO_OPERAND_RESOLVE, interpreting the Timer instruction could produce an error, and the fix adds AML_NO_OPERAND_RESOLVE to the Tim...
CVE-2023-53448
CVE-2023-53448 is a Linux kernel issue in fbdev/imxfb where an unnecessary release_mem_region was removed on the error path to prevent releasing the mem region twice, which could lead to a resource leak or other issues. The connected advisories confirm that the Linux kernel has been updated to ad...
CVE-2023-53453
The CVE-2023-53453 issue affects the Linux kernel’s Radeon driver (drm/radeon/atombios) where iio objects allocated during atom_index_iio() were not freed on driver shutdown, causing a kmemleak reference and a potential leak. The fix releases the iio in radeon_atombios_fini() to prevent the kmeml...
CVE-2023-53457
CVE-2023-53457 : In Linux kernel, JFS txBegin can NULL-deref when called on a read-only superblock; fix adds a read-only filesystem check before txBegin and returns an appropriate error code. Exploitation status and exact patch details beyond this description are not provided in the supplied docu...
CVE-2023-53460
CVE-2023-53460 describes a memory-leak in the Linux kernel wifi driver rt w88 (rtw_usb_probe) in drivers/net/wireless/realtek/rtw88/usb.c:876, where an allocated hw structure may not be released on a path, reported as the line 811 release issue. The root cause is a leak in the USB probe path (rtw...
CVE-2023-53461
CVE-2023-53461 pertains to the Linux kernel’s io_uring exit path. The vulnerability comes from io_ring_exit_work, invoked by kworker, waiting on request completions in a way that could interact with signal handling. The patch changes the wait state from TASK_UNINTERRUPTIBLE to TASK_INTERRUPTIBLE ...
CVE-2023-53463
CVE-2023-53463 relates to the Linux kernel ibmvnic driver. The bug occurs when a NON_FATAL reset is performed: batched skb (xmit) data increments num_queued but not fully accounted for until the batch is sent, causing a mismatch where num_completed can exceed num_queued, which triggers a kernel B...
CVE-2023-53506
CVE-2023-53506 : Linux kernel udf merging long extents. The merge logic that pushes as much length as possible to the first extent caused risk of extents corruption; the patch resolves the behavior by not merging overly long extents. Reported impact is high (local attack, no user interaction) wit...
CVE-2023-53540
CVE-2023-53540 covers a Linux kernel wifi issue in cfg80211 where a station will reject auth/assoc to an AP if the AP uses the station’s own address as MLD address or BSSID. The advisory states this should be rejected to avoid a later failure, with impact described as a high availability risk but...
CVE-2023-53542
The CVE-2023-53542 issue affects the Linux kernel (ARM/Exynos) where the MIPI video PHY support for Exynos5420 was not using the correct Exynos5420 compatible, leading to a kernel panic. The description states that the fix is to use the proper compatible for Exynos5420, effectively patching the d...
CVE-2023-53557
CVE-2023-53557 is a Linux kernel local vulnerability in fprobe where the rethook release could race with unregistration of ftrace_ops, potentially triggering a general protection fault during bpf selftests. The root cause is releasing fp->rethook while users on other CPUs may still be executin...
CVE-2023-53563
CVE-2023-53563 relates to the Linux kernel amd-pstate-ut driver. The root cause is that after calling amd_pstate_ut_check_perf() and amd_pstate_ut_check_freq(), the code uses cpufreq_cpu_get() to obtain the CPU policy but fails to release it with cpufreq_policy_put, causing the policy to remain b...
CVE-2023-53574
CVE-2023-53574 affects the Linux kernel wifi/rtw88 driver. The issue arises when unloading the driver, where the TX purge timer is not properly deleted and the C2H queue is not freed, risking a crash and a memory leak. The documented root cause is improper cleanup in the rtw_core_deinit() path, w...
CVE-2023-53575
In CVE-2023-53575, the Linux kernel wifi driver (iwlwifi, mvm) fixes a potential array out-of-bounds access by accounting for IWL_SEC_WEP_KEY_OFFSET when verifying key_len in iwl_mvm_sec_key_add(). The fix is implemented in the kernel code referenced in the stable commits: https://git.kernel.org/...
CVE-2023-53576
CVE-2023-53576 affects the Linux kernel’s null_blk driver. The patch ensures queue mode is always validated from configfs by checking queue_mode in null_validate_conf() and returning an error for NULL_Q_RQ to prevent a NULL I/O path OOPs when queue_mode is set to 1. Reproduction steps are provide...
CVE-2023-53584
CVE-2023-53584 pertains to the Linux kernel ubifs_releasepage path, where an assertion ubifs_assert(0) can fail during page release, potentially triggering UBIFS read-only mode and faulting I/O. Public docs show this was fixed in vendor-specific patches: Root:Ubuntu-22.04 advised patches (ROOT-OS...
CVE-2023-53587
The CVE-2023-53587 issue is in the Linux kernel ring-buffer handling where IRQ work can run after the ring buffer is destructed. The vulnerability description shows a use-after-free path in irq_work_run_list (KASAN report) when data is written to the buffer just before destruction, potentially le...
CVE-2023-53594
CVE-2023-53594 is a Linux kernel driver-core resource leak in device_add(): if kobject_add() fails, dev->kobj.parent is set to NULL, causing a leak in resource cleanup and potentially insmod failure for mac80211_hwsim. The initial description and EulerOS/SUSE advisories confirm the vulnerabili...
CVE-2023-53601
CVE-2023-53601 is a Linux kernel vulnerability in the bonding driver where code could assume skb_mac_header is set in ndo_start_xmit, risking invalid skb handling. The fixed description states that skb->data is sufficient and bonding must not rely on mac_header. Concrete details appear in conn...
CVE-2023-53603
CVE-2023-53603 affects the Linux kernel SCSI QLA2XXX path. The issue is a potential NULL pointer dereference where a fcport pointer may be dereferenced if sa_ctl is NULL and fcport is allocated after an exit path. The documented fix is to exit the routine when sa_ctl is NULL, preventing the NULL ...
CVE-2023-53604
CVE-2023-53604: In the Linux kernel, the dm_integrity component may leak journal_io_cache if dm_register_target() fails due to an error path that calls kmem_cache_destroy() in dm_integrity_init(). This root cause is documented in the initial report as a resolution for the leak in journal_io_cache...
CVE-2023-53615
CVE-2023-53615 : In the Linux kernel, a race in the qla2xxx SCSI session deletion path could allow a session to be queued for deletion twice, leading to a link-list corruption and a system crash when using a debug kernel. The root cause is double-queuing of the same port for deletion on different...
CVE-2023-53619
Summary (CVE-2023-53619): Linux kernel netfilter conntrack may use a freed nf_ct_helper_hash when nf_conntrack_init_start() fails and nf_conntrack_helpers_register() runs later, leading to a use-after-free and potential memory corruption. The issue occurs on builds with NF_CONNTRACK enabled and c...
CVE-2023-53671
The CVE-2023-53671 issue affects the Linux kernel and is tied to SRCU behavior: when using SRCU_SIZE_SMALL, code assumed CPU 0 is always online. If a different CPU is the boot CPU (e.g., kdump with maxcpus=1), the system can hang, as observed on PowerPC where long task hangs were reported. The ro...
CVE-2023-53677
CVE-2023-53677 is associated with a Linux kernel issue in the drm/i915 area. The affected component is the i915 selftests code path, where the patch fixes memory leaks on error escapes in function fake_get_pages (cherry-picked from a kernel commit). The vulnerability was resolved in the kernel, a...
CVE-2025-38667
CVE-2025-38667 relates to the Linux kernel iio path, where a potential out-of-bounds write occurred when writing to a 20-character buffer. The fix adds a size check to ensure input fits the buffer and appends a zero terminator after copying the data, preventing OoB access. Impact is described as ...
CVE-2025-39740
The CVE-2025-39740 entry concerns a Linux kernel vulnerability in the DRM XE migration path. It describes a potential use-after-free (UAF) scenario if a fence_wait is performed after the previous fence has already been put(), on the error path. The fix changes the control flow so that the put() i...
CVE-2025-39769
The CVE refers to a Linux kernel issue in the bnxt_en driver where a lockdep warning could trigger during rmmod (bnxt_remove_one) due to an assertion on the netdev lock. The fix adds netdev_assert_locked_or_invisible() in bnxt_free_ntp_fltrs() so the assertion does not fire if the netdev is alrea...
CVE-2025-39777
The CVE-2025-39777 entry concerns the Linux kernel crypto: acomp component, where a control flow integrity (CFI) failure was caused by type punning. The issue could lead to a crash when CFG is enabled. The documented fix uses a consistent type for the workspace free function and ensures it is inv...
CVE-2025-39802
CVE-2025-39802 affects the Linux kernel’s poly1305 implementation (lib/crypto: arm/poly1305). The root cause is register corruption when SIMD is unusable; the patch restores a cheap SIMD usability check (may_use_simd) that was removed by a prior commit and ensures poly1305 code behaves safely rat...
CVE-2025-39803
CVE-2025-39803 affects the Linux kernel in the SCSI/UFShCD UFS path. The vulnerability arises from a warning path in the UIC command completion: when the UIC completion interrupt is re-enabled mid-processing, an interrupt could trigger and hit WARN_ON_ONCE(!cmd). The fix is a patch that removes t...
CVE-2025-39814
In CVE-2025-39814, the Linux kernel ice driver contains a NULL pointer dereference when resetting a device without RDMA support. Specifically, ice_unplug_aux_dev() dereferences pf->cdev_info->adev, and pf->cdev_info may be NULL, leading to a crash during reset described in the trace. A f...
CVE-2025-39837
The CVE-2025-39837 entry concerns the Linux kernel, specifically the platform/x86 asus-wmi subsystem. The issue stems from racey driver registrations where asus_wmi_register_driver() could be invoked concurrently by multiple drivers, causing unsafe list operations and potential memory corruption ...
CVE-2025-39894
CVE-2025-39894 affects the Linux kernel netfilter bridge path (br_netfilter) specifically br_nf_local_in(). The issue arises when a broadcast packet to a tap device added to a bridge triggers br_nf_local_in() to confirm a conntrack; if another conntrack with the same hash is added, a warning may ...