13736 matches found
CVE-2011-4127
The CVE-2011-4127 entry is supported by connected advisory data that details the vulnerability in the Linux kernel prior to 3.2.2. Affected component: SG_IO ioctl handling in the kernel (SG_IO ioctls not properly restricted). Root cause: insufficient restriction of SG_IO commands, allowing a loca...
CVE-2023-1382
The CVE-2023-1382 issue is a data race in the Linux kernel TIPC path where con is allocated before con->sock is set, causing a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c. This is a local vulnerability with MEDIUM severity (CVSS 4.7). The connected document...
CVE-2023-1989
CVE-2023-1989 affects the Linux kernel, in particular the bluetooth driver path drivers/bluetooth/btsdio.c, function btsdio_remove. A call to btsdio_remove with an unfinished job can create a race condition that leads to a use-after-free (UAF) on hdev devices. Connected Astra Linux bulletin mirro...
CVE-2016-6197
CVE-2016-6197 affects the OverlayFS implementation (fs/overlayfs/dir.c) in the Linux kernel before 4.6. The flaw allows a local user to cause a denial of service (system crash) by a rename that specifies a self-hardlink, due to incomplete verification of the upper dentry during unlink/rename. Exp...
CVE-2020-15437
CVE-2020-15437 affects the Linux kernel up to version 5.7.x, where a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() can be triggered by an uninitialized p->serial_in, enabling local denial of service. Affected component: kernel serial driver (8250) ...
CVE-2020-28915
CVE-2020-28915 is a Linux kernel vulnerability in the fbcon framebuffer code, where a buffer over-read before 5.8.15 could allow a local attacker to read kernel memory. The issue is caused by improper bounds handling in the framebuffer font-related path used by fbcon. Affected fix: upstream patch...
CVE-2021-38201
The CVE affects the Linux kernel, specifically net/sunrpc/xdr.c, where an out-of-bounds slab access (xdr_set_page_base) could be triggered by many NFS 4.2 READ_PLUS operations, allowing remote denial-of-service. Affected: Linux kernel versions prior to 5.13.4. Root cause: slab-out-of-bounds acces...
CVE-2022-49731
CVE-2022-49731 affects the Linux kernel’s ata_libata-core. The flaw is a NULL pointer dereference in ata_host_alloc_pinfo() if the ppi array starts with NULL, causing a kernel oops. The fix initializes the local pi variable to &ata_dummy_port_info to prevent the oops. This vulnerability is addres...
CVE-2023-52821
CVE-2023-52821 affects the Linux kernel’s DRM panel code. In versatile_panel_get_modes(), the return value of drm_mode_duplicate() can be NULL on failure and is not checked, causing a NULL pointer dereference. The fix adds a check to prevent the NULL pointer dereference. The vulnerability is local and may cras...
CVE-2018-16882
CVE-2018-16882 is a use-after-free in the Linux kernel KVM hypervisor when handling posted interrupts with nested virtualization. In nested_get_vmcs12_pages(), an error while processing the posted interrupt address can leave pi_desc_page unmapped without resetting the pi_desc descriptor, which is...
CVE-2018-5333
This CVE affects Linux kernel up to 4.14.13, specifically the rds_cmsg_atomic() path in net/rds/rdma.c. The root cause is that rm->atomic.op_active is not cleared, causing rds_atomic_free_op() to dereference a null page link via set_page_dirty(), leading to a NULL pointer dereference. The vuln...
CVE-2023-46813
CVE-2023-46813 affects the Linux kernel before 6.5.9. The issue arises from incorrect access checking in the #VC handler and SEV-ES MMIO instruction emulation, allowing a race where an attacker with userspace MMIO access can replace an instruction before the #VC handler reads it. This can lead to...
CVE-2019-15213
CVE-2019-15213: Linux kernel before 5.2.3 contains a use-after-free in the DVB‑USB driver (drivers/media/usb/dvb-usb/dvb-usb-init.c) triggered by a malicious USB device. The issue is limited to the kernel plasma stack in this component and is mitigated by upgrading to kernel 5.2.3 or newer, per t...
CVE-2019-19073
CVE-2019-19073 is supported by connected docs: memory leaks in Linux kernel drivers/net/wireless/ath/ath9k/htc_hst.c through 5.3.11 allow local attackers to trigger wait_for_completion_timeout() failures and cause memory-based DoS. The issue involves multiple functions (htc_config_pipe_credits(),...
CVE-2019-19448
CVE-2019-19448 is a use-after-free in Linux kernel’s Btrfs code (try_merge_free_space in fs/btrfs/free-space-cache.c). It can be triggered by mounting a crafted Btrfs image and performing operations followed by a syncfs, due to a pointer alias between left and right data structures. Affected: Lin...
CVE-2022-1734
CVE-2022-1734 affects the Linux kernel nfcmrvl NFC driver (drivers/nfc/nfcmrvl/main.c). The flaw is a use-after-free caused by a race between the cleanup path and firmware download, allowing memory corruption with local access (read/write) and potentially denial of service or privilege escalation...
CVE-2022-3567
CVE-2022-3567 is a Linux Kernel vulnerability affecting the IPv6 stack, specifically the inet6_stream_ops/inet6_dgram_ops in the IPv6 Handler. The issue is a race condition introduced in the kernel code (as described in the provided sources). A patch is recommended to fix the issue. The connected...
CVE-2017-7889
CVE-2017-7889 affects the Linux kernel mm subsystem (up to 3.2); a local attacker with access to /dev/mem can read/write kernel memory due to CONFIG_STRICT_DEVMEM not being properly enforced in arch/x86/mm/init.c and drivers/char/mem.c. Public details: Debian security advisories show fixes (e.g.,...
CVE-2019-9003
CVE-2019-9003 affects the Linux kernel prior to 4.20.5. The issue is a use-after-free in drivers/char/ipmi/ipmi_msghandler.c that can trigger an oops under certain concurrent execution, demonstrated by a service ipmievd restart loop. Impact is availability disruption (HIGH) with no confidentialit...
CVE-2022-3344
CVE-2022-3344 is a vulnerability in the Linux kernel related to KVM AMD nested virtualization (SVM). The issue allows a malicious L1 guest to fail to intercept the shutdown of a cooperative nested L2 guest, which can cause a page fault and kernel panic on the host. Public sources in Connected doc...
CVE-2023-52809
CVE-2023-52809: Linux kernel vulnerability in scsi: libfc where fc_lport_ptp_setup() could dereference a NULL pointer if fc_rport_create() returns NULL. The fix adds a check on fc_rport_create()’s return value and logs an error when it fails. Affects the kernel’s SCSI/FC path; local access requi...
CVE-2023-3141
CVE-2023-3141: A use-after-free in the Linux kernel memstick driver (drivers/memstick/host/r592.c, function r592_remove) can crash the system on device disconnect and may lead to kernel information leaks. Affected tracked advisories confirm this issue across multiple vendor/distro kernels (e.g.,...
CVE-2023-6356
CVE-2023-6356 is a Linux kernel vulnerability in the NVMe driver affecting NVMe over TCP. The connected Nessus entries enumerate the issue as a NULL pointer dereference in the NVMe target path (nvmet_tcp_build_iovec/nvmet_tcp_execute_request/__nvmet_req_complete), which can lead to kernel panic a...
CVE-2018-5750
Technical details beyond the initial description are not present in the connected documents. The CVE-2018-5750 issue in the Linux kernel (via acpi_smbus_hc_add and SBS HC printk) is described in the Initial document as a local information disclosure; no additional public exploit/vendor-specific d...
CVE-2019-15117
CVE-2019-15117 affects the Linux kernel component parse_audio_mixer_unit in sound/usb/mixer.c. The issue arises when processing a short USB descriptor, resulting in out-of-bounds memory access. The vulnerability is local in scope with potential memory corruption as the impact. The initial entry s...
CVE-2019-17351
CVE-2019-17351 affects the Linux kernel prior to 5.2.3 in drivers/xen/balloon.c (Xen up to 4.12.x). The issue allows a guest OS user to cause a denial of service by unrestricted resource consumption during the mapping of guest memory. The connected advisories (Unity Linux, EulerOS, OpenVAS/USN re...
CVE-2019-19077
CVE-2019-19077 is a Linux kernel vulnerability affecting bnxt_re (InfiniBand) where a memory leak in bnxt_re_create_srq() in drivers/infiniband/hw/bnxt_re/ib_verbs.c can be triggered by copy to udata failures, leading to denial of service via memory exhaustion. The issue is present in kernels up ...
CVE-2019-19543
CVE-2019-19543: In the Linux kernel up to 5.1.5/5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. A local attacker could trigger this UAF via the serial IR device support, with the impact described as potential denial of service or instability once the f...
CVE-2023-1076
CVE-2023-1076 describes a Linux kernel flaw in tun/tap initialisation where the socket uid is hardcoded to 0 due to a type confusion. The result can cause tun/tap sockets to be treated as if they have root privileges when filtering/routing decisions are made, potentially bypassing network filters...
CVE-2023-42755
CVE-2023-42755 affects the IPv4 RSVP classifier in the Linux kernel. The xprt pointer can reference beyond the skb’s linear area, causing an out-of-bounds read in rsvp_classify, which may allow a local user to crash the system and trigger denial of service. Connected advisories (Debian, Red Hat-b...
CVE-2024-56783
CVE-2024-56783: Linux kernel netfilter nft_socket vulnerability. Root cause: a WARN_ON_ONCE could be reached from userspace due to the default cgroup maximum depth being INT_MAX; a toggle exists to cap this depth to a safer value, and the code path needlessly warned instead of securely handling ...
CVE-2016-8399
CVE-2016-8399 affects the Linux kernel networking subsystem. The issue arises from the ICMP header length not being properly validated, enabling a local attacker to trigger an out-of-bounds memory access. With CAP_NET_ADMIN, this could lead to privilege escalation or information disclosure, as de...
CVE-2019-19051
CVE-2019-19051: A memory leak in the Linux kernel function i2400m_op_rfkill_sw_toggle() (drivers/net/wimax/i2400m/op-rfkill.c) prior to 5.3.11 can allow a local attacker to cause memory exhaustion and denial of service. The issue is fixed in 5.3.11 (ChangeLog-5.3.11). References include related ...
CVE-2022-2503
CVE-2022-2503 affects Linux kernels using dm-verity/LoadPin. A device-mapper table reload can swap the target to an equivalent dm-linear target, bypassing verification until reboot and allowing root to load untrusted/unsigned kernel modules and firmware. This can enable arbitrary kernel execution...
CVE-2022-42722
CVE-2022-42722 affects Linux kernels 5.8–5.19.x (pre-5.19.16). Local attackers can inject WLAN frames into the mac80211 stack, triggering a NULL pointer dereference and a denial-of-service against beacon protection for P2P devices. Affected products reference Linux kernel/mac80211 internals and e...
CVE-2017-1000405
CVE-2017-1000405 affects Linux kernel THP handling in versions 2.6.38–4.14. A flawed use of pmd_mkdirty() in touch_pmd() can be reached via get_user_pages(), allowing pmds to become dirty without a COW cycle. This enables overwriting read‑only huge pages (including zero pages and sealed SHMEM map...
CVE-2017-7541
CVE-2017-7541 affects the Broadcom WLAN driver in the Linux kernel (brcmf_cfg80211_mgmt_tx in cfg80211.c). A crafted NL80211_CMD_FRAME Netlink packet can cause kernel memory corruption, leading to DoS or possible privilege escalation. Public details in connected CentOS security advisories confirm...
CVE-2018-7740
CVE-2018-7740 affects the Linux kernel, where the resv_map_release function in mm/hugetlb.c up to version 4.15.7 is vulnerable. A local attacker can cause a denial of service by crafting an app that uses mmap and a large pgoff with remap_file_pages, triggering a BUG. The connected Nessus reports ...
CVE-2019-19965
CVE-2019-19965 is a vulnerability in the Linux kernel (affecting the SAS discover path) where a NULL pointer dereference occurs in drivers/scsi/libsas/sas_discover.c due to mishandling of port disconnection during discovery, related to a PHY down race condition (CID-f70267f379b5). The Unity L...
CVE-2022-1852
CVE-2022-1852 concerns a NULL pointer dereference in the Linux kernel’s KVM module during x86 emulation (x86_emulate_insn) when the guest executes an illegal instruction on Intel CPUs, which can lead to a denial of service. The vulnerability is in the KVM emulation path (arch/x86/kvm/emulate.c) a...
CVE-2023-4387
CVE-2023-4387 affects VMware’s vmxnet3 Ethernet NIC driver in the Linux kernel. A use-after-free in vmxnet3_rq_alloc_rx_buf can lead to a double-free during vmxnet3_rq_cleanup_all, causing a system crash and, per advisory text, kernel information leakage. The issue is publicly documented in Nessu...
CVE-2024-56787
CVE-2024-56787 documents a Linux kernel issue where imx8m SoC code probed as a driver caused -EPROBE_DEFER when clock driver wasn’t probed yet. The fix converts the SoC code to a platform driver and instantiates it in current device_initcall, propagating -EPROBE_DEFER through the .probe retry mec...
CVE-2025-21999
Summary: CVE-2025-21999 affects the Linux kernel’s procfs inode creation path. A use-after-free (UAF) can occur when a module is freed (rmmod) while a /proc entry’s inode is instantiated, due to dereferencing pde->proc_ops that belongs to the module, after proc entry registration. The root cau...
CVE-2017-7542
CVE-2017-7542 is a Linux kernel vulnerability described as an integer overflow in ip6_find_1stfragopt() (net/ipv6/output_core.c) that can be triggered by a local attacker who can open a raw socket, potentially causing a denial of service via an infinite loop. The initial description cites Linux k...
CVE-2018-1118
CVE-2018-1118 affects the Linux kernel vhost path used by /dev/vhost-net. The issue is improper memory initialization in vhost/vhost.c:vhost_new_msg(), enabling a local unprivileged user to read kernel memory contents. The vulnerability arises from memory not being initialized before being passed...
CVE-2018-16862
CVE-2018-16862: Linux kernel cleancache clears an inode after the final truncation, allowing a new file with the same inode to read leftover pages from the old file. The connected doc confirms a local attacker could use this to expose sensitive information. No patch/fix details are provided in t...
CVE-2019-16232
CVE-2019-16232 affects the Linux kernel driver file drivers/net/wireless/marvell/libertas/if_sdio.c. The root cause is failure to check the return value of alloc_workqueue, which can lead to a NULL pointer dereference and a potential crash when the kernel uses that workqueue. Public references in...
CVE-2019-18683
CVE-2019-18683 affects the Linux kernel’s V4L2 vivid driver (drivers/media/platform/vivid). The issue arises from wrong mutex locking in functions vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and related kthreads, causing multiple race conditions dur...
CVE-2020-15393
CVE-2020-15393: The Linux kernel contains a memory leak in usbtest_disconnect (drivers/usb/misc/usbtest.c) affecting 4.4–5.7.6, CID-28ebeb8db770. Connected sources confirm this CVE across multiple distributions and advisories (Debian LTS entries, Amazon Linux advisories, Mageia, etc.). The vulne...
CVE-2022-3707
CVE-2022-3707 is a double-free in the Intel GVT-g graphics support within the Linux kernel, specifically in the intel_gvt_dma_map_guest_page path. The flaw can be triggered by a local attacker and may crash the system due to memory corruption. Connected advisories confirm the issue affecting the ...