13803 matches found
CVE-2019-18811
CVE-2019-18811: A memory leak in the Linux kernel’s sound/soc/sof/ipc.c function sof_set_get_large_ctrl_data() (triggered by sof_get_ctrl_copy_params() failures) can cause memory consumption leading to Denial of Service. Affected versions are up to 5.3.9; the root cause is a memory leak in sof_s...
CVE-2023-1652
CVE-2023-1652 refers to a use-after-free in nfsd4_ssc_setup_dul (fs/nfsd/nfs4proc.c) of the Linux kernel’s NFS subsystem that can let a local attacker crash the system or leak kernel information. Connected advisories confirm the issue exists in the Linux kernel and indicate remediation via kernel...
CVE-2023-1838
The CVE-2023-1838 entry centers on a use-after-free flaw in the Linux kernel’s vhost_net_set_backend (drivers/vhost/net.c, virtio network subcomponent) caused by a double fget. This can allow a local attacker to crash the system and potentially leak kernel information. Connected documents (Astra ...
CVE-2023-3610
The CVE-2023-3610 issue is a use-after-free in the Linux kernel nf_tables (netfilter) logic, specifically in the NFT_MSG_NEWRULE abort path, caused by flawed error handling of bound chains. This vulnerability can enable local privilege escalation for an attacker possessing CAP_NET_ADMIN, within a...
CVE-2023-39191
The CVE-2023-39191 issue affects the Linux kernel eBPF subsystem: improper validation of dynamic pointers in user-supplied eBPF programs can be exploited by a user with CAP_BPF privileges to escalate privileges and run code in kernel context. Multiple connected advisories (e.g., Red Hat RHSA entr...
CVE-2024-53055
The CVE-2024-53055 issue affects the Linux kernel’s wifi: iwlwifi mvm 6 GHz scanning. It was caused by a loop variable of type u8 in the 6 GHz scan construction, which could loop forever when more than 255 colocated APs are found during 2.4/5 GHz scanning. The code was changed to use a u32 loop v...
CVE-2015-1573
CVE-2015-1573 affects the Linux kernel, where nft_flush_table() in net/netfilter/nf_tables_api.c mishandles cross-chain jumps with ruleset flushes, allowing a local user with CAP_NET_ADMIN to trigger a denial of service (panic) by flushing affected rules. Affected kernel versions are those before...
CVE-2016-9793
The CVE-2016-9793 issue affects the Linux kernel 4.8.x lineage prior to 4.8.14. The sock_setsockopt implementation in net/core/sock.c mishandles negative values for sk_sndbuf and sk_rcvbuf, enabling a local attacker with CAP_NET_ADMIN to trigger memory corruption and a potential denial of service...
CVE-2017-15868
The CVE-2017-15868 vulnerability affects the Linux kernel up to version 3.18 (pre-3.19). The issue lies in bnep_add_connection() in net/bluetooth/bnep/core.c, which does not ensure an l2cap socket is available, enabling local users to gain privileges through a crafted application. Affected compon...
CVE-2019-19807
CVE-2019-19807 affects the Linux kernel before 5.3.11, due to a use-after-free in sound/core/timer.c (snd_timer_open/snd_timer_close_locked). The timeri variable was repurposed during a refactor, leading to a faulty lifecycle for a new timer instance. Connected sources confirm an upstream fix imp...
CVE-2020-35519
CVE-2020-35519 is an out-of-bounds memory access in the Linux kernel, specifically in x25_bind() within net/x25/af_x25.c of v5.12-rc5. The bounds-check failure enables a local user to access out-of-bounds memory, potentially crashing the system or leaking kernel data. Connected advisories confirm...
CVE-2024-56551
Summary (CVE-2024-56551): In the Linux kernel, the drm/amdgpu driver fixes a use-after-free in the slab allocator. The vulnerability is triggered by a use-after-free in the GPU scheduling path, specifically involving drm_sched_entity_flush, where an 8-byte read could occur after an object had bee...
CVE-2022-27223
The CVE-2022-27223 entry concerns Linux kernel code, specifically the udc-xilinx USB gadget driver (drivers/usb/gadget/udc/udc-xilinx.c). Affected are kernel builds before 5.16.12 where the endpoint index is not validated and can be manipulated by the host to trigger out-of-array access. The desc...
CVE-2022-45919
The CVE-2022-45919 entry affects the Linux kernel (through 6.0.10), specifically the DVB core driver path drivers/media/dvb-core/dvb_ca_en50221.c, where a use-after-free can occur after a disconnect following an open due to lack of a wait_event. Connected Astra Linux bulletin confirms the same ro...
CVE-2023-6932
CVE-2023-6932 is a Linux kernel vulnerability affecting the ipv4: igmp component. The issue is described as a use-after-free condition with a race that can cause a timer to be registered on an RCU read-locked object that is freed by another thread, enabling local privilege escalation. Connected d...
CVE-2024-26987
CVE-2024-26987 refers to a Linux kernel issue where a deadlock could occur in memory failure handling when hugetlb_optimize_vmemmap is enabled. The vulnerability is described with a deadlock scenario involving memory_failure/hard_offline_page_store and a dependency chain between cpu_hotplug_lock ...
CVE-2024-46781
CVE-2024-46781: Linux kernel nilfs2 use-after-free during rollforward recovery error. If recovery logs are partially written (dsync) and an error occurs before the log writer starts, inodes with recovered data may remain in ns_dirty_files and not be freed. The patch adds cleanup of inodes that h...
CVE-2022-49610
The CVE-2022-49610 entry concerns the Linux kernel KVM VMX path. The vulnerability description states a theoretical RSB underflow could occur on VMX when there is a gap between the guest SPEC_CTRL write and vmenter, potentially triggered by an NMI with a deep call stack. The mitigation is to disa...
CVE-2023-3773
The CVE-2023-3773 entry describes a flaw in the Linux kernel’s XFRM (IP framework) where parsing netlink attributes can trigger a 4-byte out-of-bounds read of XFRMA_MTIMER_THRESH. This could allow a malicious user with CAP_NET_ADMIN to leak sensitive heap data to userspace. The provided descripti...
CVE-2023-52922
CVE-2023-52922 affects the Linux kernel can/bcm: Fix UAF in bcm_proc_show(). The issue arises when bcm_op is freed before the corresponding procfs entry is removed in bcm_release(), which may allow bcm_proc_show() to read a freed bcm_op. Connected advisories confirm the root cause and mention a p...
CVE-2018-13094
CVE-2018-13094 affects the Linux kernel’s XFS code: a NULL bp passed to xfs_da_shrink_inode() can trigger an OOPS in fs/xfs/libxfs/xfs_attr_leaf.c for images up to kernel 4.17.3. Public docs confirm the underlying issue is a NULL pointer dereference that can cause a crash; Debian/CentOS/Red Hat a...
CVE-2019-19082
CVE-2019-19082: Memory leaks in the Linux kernel’s AMD display driver DC code allow memory exhaustion/DoS via multiple create_resource_pool() variants (dce120/dce110/dce100/dcn10/dce112_resource.c; CID-104c307147ad). Affects kernel up to 5.3.11; exploitation would be local and relies on resource...
CVE-2019-19083
CVE-2019-19083: In Linux kernel before 5.3.8, memory leaks in clock_source_create() under drivers/gpu/drm/amd/display/dc can cause memory exhaustion and DoS. Affects dce112_clock_source_create(), dce100_clock_source_create(), dcn10_clock_source_create(), dcn20_clock_source_create(), dce120_clock_...
CVE-2021-4204
Technical details for CVE-2021-4204 are not publicly provided in the supplied documents. Please monitor for updates from connected sources; current materials mention a Linux kernel memory access flaw but do not specify affected versions or fixes here.
CVE-2022-33743
CVE-2022-33743 maps to a Xen netfront memory-handling issue in the Linux kernel where SKBs with retained references can be freed, caused by a label move while adding XDP support. This can lead to use-after-free in the network backend and a potential Denial of Service when interacting with the Xen...
CVE-2012-0056
No public technical details about CVE-2012-0056 are present in the connected documents; the Fedora announcements do not expose affected products, versions, or fixes. Monitor for updates.
CVE-2015-5157
CVE-2015-5157 affects the Linux kernel prior to 4.1.6 on x86_64. The issue is in arch/x86/entry/entry_64.S where IRET faults during NMIs that occur in userspace are mishandled, potentially allowing a local user to gain privileges. The vulnerability is described in several connected advisories as ...
CVE-2017-18174
In Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls pinctrl_unregister, leading to a double free. Affected: kernels prior to 4.7 (various distributions). The issue was addressed in later kernel updates (e.g., commits from Linus Torvalds’ tree referenced...
CVE-2017-6001
CVE-2017-6001 is a Linux kernel race condition in the perf_events subsystem. The initial description notes a race between concurrent perf_event_open calls for moving a software group into a hardware context, allowing local privilege escalation and tied to an incomplete fix for CVE-2016-6786. Conn...
CVE-2020-10720
CVE-2020-10720: A local attacker can crash the system due to a flaw in the Linux kernel’s GRO implementation in versions older than 5.2. The issue is specifically in GRO handling in the kernel networking path, not a remote exploit. The connected advisories reiterate the same root cause and indic...
CVE-2021-29646
CVE-2021-29646 involves the Linux kernel, where the function tipc_nl_retrieve_key in net/tipc/node.c shows insufficient validation of data sizes. Connected docs confirm concrete details: affected component is the kernel tipc subsystem, with a fix implemented in kernel 5.11.11 (and Fedora/Mariner ...
CVE-2021-4202
CVE-2021-4202 is a use-after-free in the NFC Controller Interface (NCI) path of the Linux kernel (nci_request in net/nfc/nci/core.c). A local attacker with user privileges could trigger a data race while the device is being removed, leading to privilege escalation. Connected advisories confirm th...
CVE-2022-1652
CVE-2022-1652 is a Linux kernel local-use-after-free fault in bad_flp_intr that could allow a local attacker to execute arbitrary code or cause a denial of service. Multiple connected advisories confirm the issue resides in the Linux kernel and that mitigation is to apply patched kernel updates (...
CVE-2022-3649
CVE-2022-3649 affects the Linux kernel (nilfs_new_inode in fs/nilfs2/inode.c, component BPF). The issue is a use-after-free in nilfs_new_inode that can be triggered remotely, per the initial document and connected advisories. A patch exists to fix this issue (references include a kernel commit ID...
CVE-2024-53162
Linux kernel vulnerability CVE-2024-53162 in crypto: qat/qat_4xxx driver. Off-by-one in uof_get_name() can trigger out-of-bounds read when iterating fw_objs[] (fw_objs has num_objs elements). The fix changes a comparison from > to >= to prevent reading beyond the array. No exploitation det...
CVE-2025-21684
CVE-2025-21684 affects the Linux kernel GPIO xilinx driver. Root cause: irq_chip locking used gpio_lock (a normal spinlock) in contexts that may run under raw spinlock requirements. The fix: convert gpio_lock to a raw spinlock and apply it in the xilinx GPIO code path (e.g., xgpio_irq_unmask), ad...
CVE-2012-6689
The CVE affects the Linux kernel before 3.5.5, where net/netlink/af_netlink.c:netlink_sendmsg does not validate dst_pid, enabling local spoofing of Netlink messages. Affected product is the Linux kernel (prior to 3.5.5); impact is listed as unspecified (local) with full confidentiality/integrity/...
CVE-2020-29373
CVE-2020-29373 affects the Linux kernel (pre-5.6) in fs/io_uring.c, where the root directory is unsafely handled during path lookups inside a mount namespace, allowing a process to escape to unintended filesystem locations. The issue is confirmed by the CVE description and linked ChangeLog-5.6 an...
CVE-2021-3428
CVE-2021-3428 describes a Linux kernel flaw in ext4: crafting an ext4 extent can overflow an integer in fs/ext4/extents.c (ext4_es_cache_extent), potentially allowing a local attacker with a privileged user to crash the system and cause an availability impact. Connected Nessus entry (UNITY_LINUX_...
CVE-2022-32296
CVE-2022-32296 affects the Linux kernel where, prior to 5.17.9, the TCP source port selection (Algorithm 4, Double-Hash Port Selection from RFC 6056) can allow a remote or local observer to identify clients by observed source ports. Connected advisories confirm the issue in kernel ments and note ...
CVE-2022-3586
CVE-2022-3586: A use-after-free in the Linux kernel networking path (sch_sfb enqueue function using SKB cb field after enqueueing/freeing into a child qdisc) allows a local, unprivileged user to crash the system, causing a denial of service. Affected component: kernel networking code; root caus...
CVE-2023-6040
CVE-2023-6040 is an out-of-bounds access in the Linux kernel netfilter nf_tables code. The issue arises when creating a new nf_tables table with an invalid nf_tables family value (pf), leading to out-of-bounds access in nf_tables_newtable. The vulnerability is classified as LOCAL with high impact...
CVE-2024-26777
CVE-2024-26777 concerns Linux kernel fbdev drivers (sis and savage) where pixclock may be used as a divisor before being validated, enabling a divide-by-zero error via user-supplied ioctl values. The root cause is that pixclock is used in calculations (e.g., drate) before a zero check, with fixes...
CVE-2024-26901
CVE-2024-26901 is a Linux kernel information-leak vulnerability identified by syzbot in do_sys_name_to_handle, where uninitialized bytes were observed during copy to userspace. The issue was mitigated by replacing a kmalloc path with kzalloc, addressing uninitialized memory (Bytes 18–19) and rela...
CVE-2016-7042
CVE-2016-7042: Linux kernel vulnerability where proc_keys_show (security/keys/proc.c) uses an incorrect buffer size for certain timeout data when built with gcc stack protector, enabling local denial of service by reading /proc/keys. Affects kernels up to 4.8.2; exploitation could cause stack mem...
CVE-2017-14051
CVE-2017-14051: An integer overflow in the Linux kernel’s qla2x00_sysfs_write_optrom_ctl (drivers/scsi/qla2xxx/qla_attr.c) up to version 4.12.10 enables a local user with root privileges to cause memory corruption and a system crash (DoS). Affected components/versions: Linux kernel ≤ 4.12.10. Mi...
CVE-2017-18249
CVE-2017-18249 affects the Linux kernel’s f2fs implementation: the add_free_nid function in fs/f2fs/node.c fails to properly track an allocated nid, enabling local attackers to cause a denial of service via a race condition (and potentially other impact) when multiple threads run concurrently. Af...
CVE-2017-18257
CVE-2017-18257 affects the Linux kernel: the __get_data_block function in fs/f2fs/data.c (before 4.11) can be triggered by crafted open and fallocate calls via an FS_IOC_FIEMAP ioctl, causing local denial of service (integer overflow and loop). Public advisories from Unity Linux, Ubuntu USN-3696-...
CVE-2017-2583
CVE-2017-2583 affects the Linux kernel’s KVM emulation for x86, where load of a null stack selector can be incorrectly handled in long mode. The flaw allows a guest-host user to crash the guest OS (DoS) or potentially escalate privileges within the guest on affected CPUs, due to improper emulatio...
CVE-2018-1094
CVE-2018-1094 affects the Linux kernel ext4 subsystem: the ext4_fill_super routine in fs/ext4/super.c up to version 4.15.15 does not reliably initialize the crc32c checksum driver, enabling a crafted ext4 image to trigger a NULL pointer dereference in ext4_xattr_inode_hash and cause a denial of s...