CVE-2023-0045
The CVE-2023-0045 entry concerns the Linux kernel Spectre v2 mitigation for prctl-based task toggling. The underlying issue is that IBPB is not issued immediately during the prctl syscall; ib_prctl_set updates TIFs and SPEC_CTRL MSR, but IBPB is only emitted on the next schedule after TIF checks....
CVE-2023-0210
CVE-2023-0210 affects the Linux kernel ksmbd NTLMv2 authentication. The issue is that a bug in ksmbd NTLMv2 handling can crash the OS on Linux-based systems (immediate disruption). The description in the sources states the crash, and connected advisories/cves confirm the inclusion of this CVE amo...
CVE-2024-44989
CVE-2024-44989 is a Linux kernel vulnerability affecting bonding with xfrm offload, caused by setting real_dev to NULL (callbacks assume real_dev is always set). This can lead to a null-pointer dereference in offload/add SA paths (notably bond_ipsec_offload_ok/nsim_ipsec_offload_ok) when SA setup...
CVE-2026-43284
Summary of CVE-2026-43284 (Linux kernel): The issue occurs in ESP decryption for UDP paths when using shared skb frags. Specifically, after MSG_SPLICE_PAGES attaches pages to an skb, and SKBFL_SHARED_FRAG is set, ESP input could decrypt in place on data not privately owned by the skb, if the frag...
CVE-2016-8633
CVE-2016-8633 affects the Linux kernel due to a vulnerability in drivers/firewire/net.c that can allow remote code execution when processing crafted fragmented packets on certain hardware. The connected Unity Linux advisories (UTSA-2026-003327 and related Nessus plugins) state the issue exists in...
CVE-2017-7558
CVE-2017-7558 describes a kernel data leak (out-of-bounds read) in the Linux kernel inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() that could leak up to 100 bytes of slab data to userspace. Affected: Linux kernel (4.7-rc1 through 4.13). Root cause: filling sockaddr data structures wit...
CVE-2018-16658
The CVE-2018-16658 entry concerns the Linux kernel prior to 4.18.6, where a vulnerability in cdrom_ioctl_drive_status() in drivers/cdrom/cdrom.c allows a local attacker to read kernel memory due to an unsafe cast from unsigned long to int that bypasses bounds checks. The issue is mitigated by upg...
CVE-2024-26915
CVE-2024-26915 concerns the Linux kernel DRM AMDGPU driver. The root cause is the Reset IH OVERFLOW_CLEAR bit, which allows detection of subsequent IH ring buffer overflows. Affected component: drm/amdgpu in the Linux kernel. Impact as stated: potential availability impact with local, low-privile...
CVE-2019-19049
CVE-2019-19049 corresponds to a memory leak in the Linux kernel preprocessing path: the unittest_data_add() function in drivers/of/unittest.c can leak memory when of_fdt_unflatten_tree() fails, leading to potential denial of service due to memory consumption. The affected line is in the kernel pr...
CVE-2021-3764
Summary: CVE-2021-3764 is a memory-leak DoS in the Linux kernel related to the ccp_run_aes_gcm_cmd() function in the CCP crypto path (ccp-ops). Connected sources (Astra Linux advisories and Amazon Linux advisories) corroborate a memory-leak/DoS impact similar to CVE-2019-18808, with the highest t...
CVE-2022-0494
CVE-2022-0494 is a Linux kernel information-leak flaw in scsi_ioctl.c that could let a local attacker with CAP_SYS_ADMIN or CAP_SYS_RAWIO extract kernel information, affecting confidentiality. The associated documents confirm the vulnerability and provide CVSS context (local access, high confiden...
CVE-2022-41850
CVE-2022-41850 affects the Linux kernel driver: roccat_report_event in drivers/hid/hid-roccat.c up to version 5.19.12. It describes a race condition that can lead to a use-after-free when a report is received while copying report->value, enabling local attacker impact such as denial of service...
CVE-2022-4744
CVE-2022-4744 describes a local, double-free flaw in the Linux kernel’s TUN/TAP device driver during register_netdevice failure, potentially crashing the host or enabling privilege escalation. Connected Astra Linux bulletin corroborates a Linux-5.10 kernel context with the same double-free issue ...
CVE-2023-6531
CVE-2023-6531 is a Linux kernel use-after-free race in the unix garbage collector where deletion of SKB races with unix_stream_read_generic() on the socket the SKB is queued on. The issue enables local privilege escalation as described in multiple advisories. Public documents consistently identif...
CVE-2019-10220
CVE-2019-10220 affects the Linux kernel CIFS implementation when using kernel version 4.9.0, which is vulnerable to a relative path injection in directory entry lists. The connected Nessus advisories corroborate that this CVE is referenced in multiple advisory plugins, describing the affected com...
CVE-2020-10773
CVE-2020-10773 is a local-information-disclosure flaw in the Linux kernel for s390/s390x memory-management. The issue stems from incorrect writes to the /proc/sys/vm/cmm_timeout file, enabling a local attacker to read kernel data. The provided documents confirm the vulnerability and its affected ...
CVE-2020-25669
CVE-2020-25669 is a Linux kernel use-after-free in sunkbd_reinit triggered after sunkbd interrupts and before being freed; an alias remains after NULLing in sunkbd_disconnect, enabling a use-after-free condition. Documents indicate this is a kernel issue with local impact, potentially causing a crash o...
CVE-2022-2078
CVE-2022-2078 is a Linux kernel vulnerability in nft_set_desc_concat_parse() that can trigger a buffer overflow, leading to denial of service and possibly code execution. The linked AstraEU/IBM advisories reiterate the same function and impact, describing local access requirements and potential f...
CVE-2022-36280
CVE-2022-36280: An out-of-bounds memory access in the vmwgfx GPU driver (vmwgfx_kms.c) of the Linux kernel’s vmwgfx component, affecting devices using /dev/dri/renderD128. Reported as a local privilege escalation leading to DoS. Public details in connected docs confirm the vulnerability and its p...
CVE-2022-49543
CVE-2022-49543 documents a Linux kernel issue in the ath11k/mhi PM wake path. The root cause is a mismatch between mhi_deassert_dev_wake() and __mhi_device_get_sync() during recovery, where pm_state is not normal and dev_wake may remain non-zero, triggering a warning in mhi_pm_disable_transition(...
CVE-2023-2269
The CVE-2023-2269 entry concerns a denial-of-service vulnerability in the Linux kernel Device Mapper-Multipathing, caused by a possible recursive locking scenario that can deadlock in table_clear() in drivers/md/dm-ioctl.c. Affected component: Linux kernel’s DM‑multipath subsystem. Impact per the...
CVE-2023-2513
CVE-2023-2513 is a use-after-free in the Linux kernel ext4 filesystem related to handling extra inode size for extended attributes. The flaw could let a privileged local user crash the system or trigger undefined behavior. The Astra Linux bulletin confirms the same issue in Linux kernel (linux-5....
CVE-2023-52815
The connected Astra Linux advisory confirms the CVE affects the Linux kernel DRM amdgpu/vkms path. In amdgpu_vkms_conn_get_modes(), the code previously assigned the return value of drm_cvt_mode() to mode and could dereference NULL on failure. The fix adds a NULL check to prevent dereference, miti...
CVE-2024-56780
Technical details about CVE-2024-56780 are not provided in the connected documents. The initial description outlines a quota writeback flush race in Linux kernel/ext4 but lacks vendor/version/product mapping or patch specifics in these sources. Monitor for updates.
CVE-2015-8104
CVE-2015-8104 affects the KVM/Hypervisor stack in Linux kernel up to 4.2.6 and Xen up to 4.6.x. The issue arises from handling of Debug (DB) exceptions in svm.c, allowing a guest OS user to trigger many DBs to cause a host denial-of-service (panic/hang). Connected CNA/records also show a link to ...
CVE-2017-16644
The CVE-2017-16644 entry affects the Linux kernel: hdpvr_probe in drivers/media/usb/hdpvr/hdpvr-core.c (through kernel 4.13.11). The vulnerability allows local users to cause a denial of service or possibly other impact via a crafted USB device, due to improper error handling in hdpvr_probe. A fi...
CVE-2018-1000004
CVE-2018-1000004 affects the Linux kernel with a race condition in the sound subsystem that can cause a deadlock and denial of service. The description notes affected versions as 4.12, 3.10, 2.6 and possibly earlier, with no explicit exploit details provided in the included documents. Connected a...
CVE-2018-19407
CVE-2018-19407 affects the Linux kernel’s KVM x86 code path: the function vcpu_scan_ioapic in arch/x86/kvm/x86.c can trigger a NULL pointer dereference when the IOAPIC is uninitialized, leading to local denial of service. Affected scope is Linux kernels up to 4.19.2 (no explicit exploit details p...
CVE-2022-42895
CVE-2022-42895: Infoleak in Linux kernel (net/bluetooth/l2cap_core.c: l2cap_parse_conf_req) can leak kernel pointers remotely. Affected: Linux kernel (including versions cited by Astra Linux bulletin; e.g., linux-5.10/5.15 per connected docs). Root cause: information disclosure in L2CAP config re...
CVE-2023-28328
CVE-2023-28328: A NULL pointer dereference in the az6027 driver (drivers/media/usb/dvb-usb/az6027.c) of the Linux kernel, caused by not validating the user-space message before transfer. Local users could crash the system or potentially cause a denial of service. Connected Astra Linux bulletin re...
CVE-2023-4244
CVE-2023-4244 is a Linux kernel use-after-free in nf_tables/netfilter. A race between the netlink control plane transaction and nft_set element garbage collection can underflow a reference counter, enabling local privilege escalation. Affected: Linux kernel nf_tables/netfilter. Root cause: refere...
CVE-2013-4343
CVE-2013-4343 is a use-after-free in drivers/net/tun.c of the Linux kernel up to and including 3.11.1. An unprivileged local user with CAP_NET_ADMIN can exploit an invalid tuntap interface name passed to TUNSETIFF to gain privileges. The vulnerability affects the tun/tap subsystem by abusing a us...
CVE-2015-7872
CVE-2015-7872 affects the Linux kernel (security/keys/gc.c: key_gc_unused_keys) up to version 4.2.6. A local attacker can trigger a DoS (OOPS) using crafted keyctl commands. Connected documents reference upstream kernel commits (f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61 and ce1fad2740c648a4340f6f6...
CVE-2019-19036
CVE-2019-19036 affects the Linux kernel's Btrfs code: btrfs_root_node in fs/btrfs/ctree.c may dereference root->node via rcu_dereference even when it is zero, causing a NULL pointer dereference in kernels up to 5.3.12. The issue is confirmed in Nessus/Unity Linux advisory UTSA-2026-003667, whi...
CVE-2019-19057
CVE-2019-19057 affects the Linux kernel mwifiex PCIe wireless driver (drivers/net/wireless/marvell/mwifiex/pcie.c). Two memory leaks in mwifiex_pcie_init_evt_ring() can occur through failures in mwifiex_map_pci_memory(), allowing a local attacker to trigger memory consumption and a denial of serv...
CVE-2019-8912
CVE-2019-8912 affects the Linux kernel up to version 4.20.11. The vulnerability stems from af_alg_release() in crypto/af_alg.c not setting a needed NULL value for a member of a structure, which enables a use-after-free in sockfs_setattr. The supplied documents describe the affected component and ...
CVE-2021-3178
CVE-2021-3178 affects the Linux kernel NFSv3 export path: when exporting a subdirectory, READDIRPLUS can leak the parent directory file handle, allowing a client to access files outside the exported subtree. Descriptions note this through kernel 5.10.8; some advisories reference fixes in patched ...
CVE-2022-24959
CVE-2022-24959 affects the Linux kernel before 5.16.5, via a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c. This can lead to denial of service due to memory exhaustion. The issue is addressed in the 5.16.5 kernel release; related advisories (e.g., Debian security updates) note...
CVE-2022-4139
CVE-2022-4139 describes an incorrect TLB flush in the Linux kernel’s GPU i915 driver, potentially causing random memory corruption or data leaks. The issue could allow a local user to crash the system or escalate privileges. The available connected documents consistently present the same descripti...
CVE-2024-26976
CVE-2024-26976 is a Linux kernel KVM vulnerability described in Astra Linux advisory as resolved. It concerns ensuring that the per-vCPU async #PF workqueue is not racing with module unload during VM/vCPU destruction. Root cause: gifting a reference to the VM (kvm_put_kvm) could deadlock because ...
CVE-2024-44937
The CVE affects the Linux kernel’s Intel VBTN (platform/x86) ACPI notify handler. A race can occur when the notify_handler() runs on multiple CPUs after a change enabling those handlers to operate on all CPUs, notably observed on Dell Venue 7140 during undocking. The race could cause the input-de...
CVE-2017-11600
CVE-2017-11600 affects the Linux kernel xfrm subsystem (net/xfrm/xfrm_policy.c) where, when CONFIG_XFRM_MIGRATE is enabled, the dir value of xfrm_userpolicy_id is not constrained to XFRM_POLICY_MAX. This can allow a local user (CAP_NET_ADMIN) to cause a denial of service (out-of-bounds access) an...
CVE-2018-1108
CVE-2018-1108 affects Linux kernel random seed handling in kernel drivers prior to 4.17-rc1. Seeds could be consumed during early boot before sufficient entropy was gathered, risking confidentiality and integrity of encrypted communications. Public documents specify that the entropy/generator had...
CVE-2018-7755
CVE-2018-7755 affects the Linux kernel floppy driver: the fd_locked_ioctl path in drivers/block/floppy.c copies a kernel pointer to user memory in response to FDGETPRM, enabling a local attacker with floppy access to discover kernel code/data locations and bypass KASLR. The issue is in kernel ver...
CVE-2018-9363
CVE-2018-9363 is a Linux-kernel vulnerability in the HIDP Bluetooth driver: hidp_process_report can overflow a buffer due to incorrect length handling, potentially causing memory corruption and DoS, with possible remote code execution. Public documents across Debian/Ubuntu/CentOS‑related advisori...
CVE-2019-15215
The CVE-2019-15215 issue is a use-after-free in the Linux kernel, caused by a malicious USB device via the cpia2_usb.c driver (drivers/media/usb/cpia2). Affected: kernel versions before 5.2.6. Impact: potential local denial of service or privilege issues due to use-after-free in USB cpia2 handlin...
CVE-2024-56779
The CVE-2024-56779 entry describes a Linux kernel vulnerability in nfsd4_open handling where concurrent opens could leak nfsd_openowner state, potentially leaving objects unfreed and triggering a warning when /proc/fs/nfsd/threads is echoed. The issue arises when two rpc_task instances race to o...
CVE-2013-2929
CVE-2013-2929: The Linux kernel before 3.12.2 fails to properly use get_dumpable in the ptrace subsystem (kernel/ptrace.c, arch/ia64/include/asm/processor.h). This allows a local unprivileged user to bypass ptrace restrictions or read IA64 scratch registers via a crafted application. The vulnera...
CVE-2017-1000380
CVE-2017-1000380 affects the Linux kernel ALSA sound timer driver. A race between read and ioctl on /dev/snd/timer can disclose uninitialized memory to local users. Affected: kernels prior to 4.11.5. Remediation: upgrade to Linux kernel 4.11.5 or later (upstream fix referenced by ChangeLog-4.11.5...
CVE-2017-7184
The CVE-2017-7184 issue affects the Linux kernel xfrm subsystem, where xfrm_replay_verify_len in net/xfrm/xfrm_user.c up to 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, enabling a local attacker with CAP_NET_ADMIN to cause a heap-based out-of-bounds access and potent...