
13803 matches found

added 2022/02/13 12:0 a.m., 226 views

CVE-2021-44879

CVE-2021-44879 affects the Linux kernel’s f2fs implementation: in gc_data_segment (fs/f2fs/gc.c) zeroing out or moving pages does not treat special files, causing a NULL pointer dereference in move_data_page and potentially a crash. The issue is fixed in Linux 5.16.3 (ChangeLog-5.16.3). Affected ...

CVSS 5.5 | AI score 5.9 | EPSS 0.01234

added 2022/08/29 2:3 p.m., 226 views

CVE-2022-0812

CVE-2022-0812 affects the Linux kernel NFS over RDMA (net/sunrpc/xprtrdma/rpc_rdma.c) enabling an information leak under normal user privileges. Miracle Linux AXSA-2024-8651 notes xprtrdma fixes for incorrect header size calculations, which is the specified remediation. Unity Linux entries list t...

CVSS 4.3 | AI score 5.3 | EPSS 0.01064

added 2023/05/26 12:0 a.m., 226 views

CVE-2023-2002

CVE-2023-2002 affects the Linux kernel HCI sockets (net/bluetooth/hci_sock.c) due to a missing capability check. This can allow a local attacker to reconfigure Bluetooth interfaces and potentially leak information, disrupt connections, or spoof/deny service. Public documents confirm this CVE is l...

CVSS 6.8 | AI score 6.9 | EPSS 0.0147

added 2017/12/07 12:0 a.m., 225 views

CVE-2017-17448

CVE-2017-17448 affects the Linux kernel’s netfilter nfnetlink_cthelper.c: CAP_NET_ADMIN is not required for new/get/del operations, because nfnl_cthelper_list is shared across all net namespaces. This enables local attackers to bypass access restrictions. Impact is local privilege/access restrict...

CVSS 7.8 | AI score 6.7 | EPSS 0.00372

added 2020/09/10 1:20 a.m., 225 views

CVE-2020-25220

CVE-2020-25220 is a Linux kernel local-use-after-free vulnerability in the cgroup subsystem caused by not accounting for skcd->no_refcnt during a backport of CVE-2020-14356. Affects 4.9.x (before 4.9.233), 4.14.x (before 4.14.194), and 4.19.x (before 4.19.140). The issue originates from backpo...

CVSS 7.8 | AI score 7.3 | EPSS 0.00449

added 2021/03/09 5:16 p.m., 225 views

CVE-2021-20268

The CVE-2021-20268 entry is confirmed to affect the Linux kernel eBPF verifier, where an out-of-bounds access via dev_map_init_map or sock_map_alloc could crash the system or enable local privilege escalation. Affected are kernel implementations before fixes in public advisories; mitigation is to...

CVSS 7.8 | AI score 8.4 | EPSS 0.00321

added 2025/01/19 10:17 a.m., 225 views

CVE-2025-21631

CVE-2025-21631 is a Linux kernel UAF issue in the bfq I/O scheduler. The vulnerability arises from a use-after-free involving waker_bfqq after bfq_split_bfqq, leading to slab-use-after-free in bfq_init_rq as shown by the KASAN report. Affected code paths include bfq-iosched.c: bfq_init_rq/bfq_ins...

CVSS 7.8 | AI score 7 | EPSS 0.00196

added 2017/11/22 6:0 p.m., 224 views

CVE-2017-12190

CVE-2017-12190 affects the Linux kernel before 4.13.8. The issue arises in the SCSI I/O path where bio_map_user_iov and bio_unmap_user perform unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one,...

CVSS 6.5 | AI score 6.6 | EPSS 0.00531

added 2019/12/17 5:58 a.m., 224 views

CVE-2019-19816

CVE-2019-19816 affects the Linux kernel 5.0.21: mounting a crafted btrfs image can trigger a slab-out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c due to mishandling of the data stripes value = 1. The connected Nessus advisory blocks (Unity Linux UTSA-2026-004332 and related plugin ...

CVSS 9.3 | AI score 7.1 | EPSS 0.03293

added 2022/08/26 12:0 a.m., 224 views

CVE-2022-0171

CVE-2022-0171 affects the Linux kernel KVM SEV API and allows a non-root host-user application to crash the host kernel by creating a confidential guest VM on AMD SEV-capable CPUs. The issue is local in scope (AV:L, AC:L, PR:L) with a CVSSv3 base score of 5.5 (I:A/H). A fix is available in the Li...

CVSS 5.5 | AI score 6.1 | EPSS 0.00288

added 2022/11/25 12:0 a.m., 224 views

CVE-2022-45884

CVE-2022-45884: Linux kernel vulnerability in media/dvb-core/dvbdev.c that causes a use-after-free due to a race around dvb_register_device() when it dynamically allocates fops. The issue is local and could allow memory corruption or instability on affected kernels (through 6.0.9 as stated). Conn...

CVSS 7 | AI score 6.6 | EPSS 0.00309

added 2023/04/05 12:0 a.m., 224 views

CVE-2023-1855

CVE-2023-1855 describes a use-after-free in xgene_hwmon_remove (drivers/hwmon/xgene-hwmon.c) of the Linux kernel hardware monitoring driver. The Astra Linux security bulletin mirrors this flaw and notes it could allow a local attacker to crash the system or leak kernel memory due to a race condit...

CVSS 6.3 | AI score 6.2 | EPSS 0.00237

added 2024/04/03 5:0 p.m., 224 views

CVE-2024-26735

CVE-2024-26735 concerns the Linux kernel IPv6 SR subsystem. The issue is a use-after-free and a null pointer dereference in the ipv6/sr path, caused by registering the pernet operations structure for the subsystem after the generic netlink family, i.e., the pernet ops are not registered in the co...

CVSS 5.5 | AI score 6.9 | EPSS 0.00272

added 2024/10/21 6:2 p.m., 224 views

CVE-2024-49974

CVE-2024-49974: In the Linux kernel NFSD, there was no limit on concurrent async COPY operations, enabling potential DoS as each async COPY could create many 4MB chunks and run long. A fix introduces a simple per-namespace restriction to bound concurrent background COPY operations. When the limi...

CVSS 5.5 | AI score 6.5 | EPSS 0.00274

added 2016/05/23 10:0 a.m., 223 views

CVE-2016-4578

CVE-2016-4578 affects the Linux kernel’s ALSA timer subsystem (snd_timer_user_ccallback and snd_timer_user_tinterrupt). The provided sources confirm a local information leak: if the snd_timer interfaces are used, uninitialized r1 data can be read from kernel stack memory, enabling a local attacke...

CVSS 5.5 | AI score 5.9 | EPSS 0.01213

added 2017/10/30 8:0 p.m., 223 views

CVE-2017-1000255

The connected Nessus entries confirm CVE-2017-1000255 affects PowerPC Linux kernels on Power8+ where a user can craft a signal frame and sigreturn to corrupt the kernel stack by using the r1 value from the signal frame. This can overwrite arbitrary kernel memory, causing an oops and potential pan...

CVSS 6.6 | AI score 6 | EPSS 0.00379

added 2017/02/18 9:40 p.m., 223 views

CVE-2017-5986

CVE-2017-5986 affects the Linux kernel SCTP implementation (net/sctp/socket.c). A race condition in sctp_wait_for_sndbuf during certain buffer-full/wait states allows a local attacker to peel off an association with another thread, leading to an assertion failure or a crash (DoS). The issue was t...

CVSS 7.1 | AI score 5.9 | EPSS 0.01162

added 2023/04/20 12:0 a.m., 223 views

CVE-2023-2194

CVE-2023-2194 is an out-of-bounds write in the Linux kernel SLIMpro I2C driver. The userspace data->block[0] value was not capped to 0–255 and was used as the memcpy size, potentially writing beyond the end of dma_buffer. This could crash the host or, per some advisories, allow local privilege...

CVSS 6.7 | AI score 7 | EPSS 0.00247

added 2018/04/02 3:0 a.m., 222 views

CVE-2018-1093

CVE-2018-1093 affects the Linux kernel (ext4) where ext4_valid_block_bitmap() in fs/ext4/balloc.c can trigger an out-of-bounds read due to missing validation of bitmap block numbers in balloc.c/ialloc.c. The issue allows a local attacker who can mount a crafted ext4 image to cause a denial of ser...

CVSS 7.1 | AI score 5.7 | EPSS 0.01999

added 2019/08/20 1:23 p.m., 222 views

CVE-2019-15291

CVE-2019-15291 affects the Linux kernel up to 5.2.9, with a NULL pointer dereference caused by a malicious USB device in flexcop_usb_probe (drivers/media/usb/b2c2/flexcop-usb.c). Unity Nessus advisories report a security update (UTSA-2026-003882/003688/000335) addressing this issue; no exploit de...

CVSS 4.9 | AI score 5.7 | EPSS 0.00666

added 2022/01/06 5:6 p.m., 222 views

CVE-2021-28714

Concrete details: CVE-2021-28714 and CVE-2021-28715 pertain to the Linux kernel netback driver in guests. Incoming packets for a guest are buffered until processing, with a long default client-side RX queue stall timeout (60 seconds) that can be bypassed; on fast UDP interfaces this can accumulat...

CVSS 6.5 | AI score 6.6 | EPSS 0.00325

added 2023/05/18 12:0 a.m., 222 views

CVE-2023-1195

CVE-2023-1195 is a Linux kernel use-after-free in reconn_set_ipaddr_from_hostname (fs/cifs/connect.c) where server->hostname is not cleared, enabling a denial-of-service condition via invalid pointer use. Connected advisories (e.g., RHSA entries, MiracleLinux AXSA banners) reference this CVE a...

CVSS 5.5 | AI score 6.4 | EPSS 0.00208

added 2024/07/30 7:46 a.m., 222 views

CVE-2024-42154

CVE-2024-42154: In the Linux kernel, the vulnerability is in tcp_metrics: validate source addr length. The issue is that TCP_METRICS_ATTR_SADDR_IPV4 may be stored with fewer than 4 bytes and the policy lacks an entry for this attribute (IPv6 similarly manually validated). Root cause: missing len...

CVSS 4.4 | AI score 6.6 | EPSS 0.00258

added 2024/08/26 10:11 a.m., 222 views

CVE-2024-44933

CVE-2024-44933 relates to the Linux kernel bnxt_en module, where a memory out-of-bounds could occur in bnxt_fill_hw_rss_tbl(). The root cause is a regression from a change in __bnxt_reserve_rings(): the default RSS indirection table is reset to default only when the RX ring count changes. On olde...

CVSS 5.5 | AI score 7.1 | EPSS 0.0018

added 2012/05/17 10:0 a.m., 221 views

CVE-2011-4621

The CVE-2011-4621 entry concerns the Linux kernel prior to 2.6.37, where a clock-update optimization is flawed, allowing a local user to cause a denial of service (system hang) by running code in a loop. Affected software is the Linux kernel up to version before 2.6.37; the description does not s...

CVSS 5.5 | AI score 5.2 | EPSS 0.00441

added 2018/08/07 6:0 p.m., 221 views

CVE-2018-5995

CVE-2018-5995 affects the Linux kernel (up to 4.14.14). The flaw is in pcpu_embed_first_chunk() in mm/percpu.c, which can let a local user read dmesg data (from a pages/cpu printk call) and disclose sensitive kernel addresses. Impact: partial kernel address disclosure with local access. Root caus...

CVSS 5.5 | AI score 5.5 | EPSS 0.00408

added 2021/08/08 7:21 p.m., 221 views

CVE-2021-38209

CVE-2021-38209 affects the Linux kernel prior to 5.12.2, where nf_conntrack_standalone.c leaks namespace changes across all net namespaces via NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS. The issue enables observation of changes in any net namespace because updates are lea...

CVSS 3.3 | AI score 5 | EPSS 0.00283

added 2024/05/01 5:29 a.m., 221 views

CVE-2024-27013

CVE-2024-27013 affects the Linux kernel tun subsystem. When vhost_worker calls tun callbacks to receive packets, excessive illegal packets trigger tun_do_read to dump packet contents, causing high CPU usage and potential soft lockups. The advisory notes using the net_ratelimit mechanism to cap su...

CVSS 5.5 | AI score 6.2 | EPSS 0.00271

added 2025/05/01 2:11 p.m., 220 views

CVE-2022-49931

In CVE-2022-49931, the Linux kernel fix for IB/hfi1 addresses a faulty list manipulation in sc_disable() that could trigger a kernel crash (NULL pointer dereference) when a link goes down and there are waiters for a send to complete. The issue stemmed from an incorrect attempt to move a list betw...

CVSS 5.5 | AI score 6.4 | EPSS 0.00148

added 2023/03/23 12:0 a.m., 220 views

CVE-2023-1513

CVE-2023-1513: A flaw in KVM where, on 32-bit systems, uninitialized portions of the kvm_debugregs structure could be copied to userspace via KVM_GET_DEBUGREGS, causing an information leak. Astra Linux bulletin confirms the same KVM-based issue; no fix/version details are provided in the availabl...

CVSS 3.3 | AI score 5.5 | EPSS 0.00233

added 2023/05/18 12:0 a.m., 220 views

CVE-2023-33203

The CVE-2023-33203 entry concerns the Linux kernel prior to version 6.2.9, where a race condition can lead to a use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c when a physically proximate attacker unplugs an emac device. Affected software: Linux kernel up to 6.2.9 (including distribut...

CVSS 6.4 | AI score 6.6 | EPSS 0.00355

added 2024/03/18 10:19 a.m., 220 views

CVE-2023-52619

The CVE-2023-52619 issue affects the Linux kernel’s pstore/ram subsystem, where setting CPU count to an odd number causes zone_size to be odd, breaking address alignment and risking crashes when accessing zone memory. The documented fix uses ALIGN_DOWN() to ensure even zone sizes, preventing non‑...

CVSS 5.5 | AI score 6.1 | EPSS 0.00245

added 2024/05/01 5:27 a.m., 220 views

CVE-2024-26984

CVE-2024-26984 is a Linux kernel issue affecting the nouveau GPU driver where a race around pointer stores in instmem (ptrs) can yield a NULL pointer dereference under contention. The root cause is a race between nv50_instobj_acquire/refcount_set and concurrent refcount_inc_not_zero, which may le...

CVSS 5.5 | AI score 6 | EPSS 0.00202

added 2024/10/21 7:39 p.m., 220 views

CVE-2024-50055

In CVE-2024-50055, the vulnerability is in the Linux kernel's driver core: bus_register() can double-free @priv after kset_register() if an error occurs, freeing it twice. The fix is to set @priv to NULL after the first free to prevent a second free. This mode C entry is supported by connected do...

CVSS 7.8 | AI score 6.7 | EPSS 0.00244

added 2016/04/27 5:0 p.m., 219 views

CVE-2016-3134

The CVE-2016-3134 issue affects the Linux kernel netfilter/ip_tables.c, where the mark_source_chains() path can process an IPT_SET_REPLACE entry with an unvalidated next_offset. This can lead to out-of-bounds writes that enable local privilege escalation or cause a denial of service (heap memory ...

CVSS 8.4 | AI score 6.1 | EPSS 0.01244

added 2016/11/16 4:49 a.m., 219 views

CVE-2016-7910

CVE-2016-7910 is a Linux kernel use-after-free vulnerability in the disk_seqf_stop function (block/genhd.c) that allows a local attacker to gain elevated privileges by taking advantage of a stop operation after a failed start. Affected: Linux kernel versions before 4.7.1. Root cause: use-after-fr...

CVSS 9.3 | AI score 7.4 | EPSS 0.02966

added 2017/05/19 6:25 a.m., 219 views

CVE-2017-9074

Affected software: Linux kernel IPv6 fragmentation code. Root cause: nexthdr field may be associated with an invalid option, leading to an out-of-bounds read/BUG via crafted socket and send calls. Impact: local denial of service and potential unspecified effects (information leakage/compromise as...

CVSS 7.8 | AI score 7.8 | EPSS 0.00423

added 2022/05/02 4:0 a.m., 219 views

CVE-2022-29968

CVE-2022-29968 affects the Linux kernel up to version 5.17.5, where io_rw_init_file in fs/io_uring.c fails to initialize kiocb->private. This can lead to kernel memory leakage or exposure as described in connected advisories (e.g., CNVD/Ubuntu notes). A patch/remediation is not explicitly deta...

CVSS 7.8 | AI score 7.2 | EPSS 0.01073

added 2023/07/24 3:19 p.m., 219 views

CVE-2023-3640

CVE-2023-3640 – summary (Linux kernel x86 per-CPU entry area leak): A local memory leakage flaw was identified in the Linux kernel’s cpu_entry_area mapping for X86, enabling a local user to infer addresses of exception stacks and other kernel data. The vulnerability stems from partial randomness o...

CVSS 7.8 | AI score 6.7 | EPSS 0.00701

added 2024/01/28 11:20 a.m., 219 views

CVE-2024-0841

CVE-2024-0841: A null pointer dereference in the Linux kernel hugetlbfs (HugeTLB pages) causes local crash and could potentially enable privilege escalation via hugetlbfs_fill_super. Connected sources confirm the flaw is in the hugetlbfs path of the kernel. The available documents do not provide...

CVSS 7.8 | AI score 7.1 | EPSS 0.003

added 2016/12/30 6:0 p.m., 218 views

CVE-2016-10088

CVE-2016-10088 affects the Linux kernel sg path (block/bsg.c, drivers/scsi/sg.c) and is tied to KERNEL_DS handling. A local user could read/write arbitrary kernel memory or trigger use-after-free via /dev/sg, due to an incomplete fix for CVE-2016-9576. Connected advisories confirm the issue acros...

CVSS 7 | AI score 7.2 | EPSS 0.00372

added 2016/10/16 9:0 p.m., 218 views

CVE-2016-7039

CVE-2016-7039 affects the Linux kernel IP stack up to version 4.8.2. An attacker can trigger the GRO path with large crafted packets (e.g., VLAN header packets), causing stack consumption and a possible panic/DoS; this is related to CVE-2016-8666. Nessus/UTSA advisories for Unity Linux reference ...

CVSS 7.8 | AI score 7.8 | EPSS 0.07676

added 2018/03/13 6:0 a.m., 218 views

CVE-2018-8087

The CVE-2018-8087 issue affects the Linux kernel driver code in mac80211_hwsim.c (hwsim_new_radio_nl). It describes a memory leak that can be triggered by an out-of-array error, allowing local users to cause denial of service through memory consumption. The vulnerability is reported for the kerne...

CVSS 5.5 | AI score 5.2 | EPSS 0.00489

added 2021/12/24 10:55 p.m., 218 views

CVE-2021-45480

CVE-2021-45480 affects the Linux kernel up to 5.15.10 (before 5.15.11). Root cause: memory leak in __rds_conn_create() in net/rds/connection.c under certain conditions. Impact: potential memory leak; CVE details state a leak rather than remote code execution. Public references note mitiga...

CVSS 5.5 | AI score 6.1 | EPSS 0.00353

added 2022/01/31 3:57 p.m., 218 views

CVE-2022-0286

Summary: CVE-2022-0286 affects the Linux kernel and is caused by a null pointer dereference in bond_ipsec_add_sa(), which can enable a local attacker to cause a denial of service. The NVD metrics indicate a Local, Low/Medium impact with a base CVSSv3.1 score of 5.5 (I/N/A high) and base CVSSv2 sc...

CVSS 5.5 | AI score 6.4 | EPSS 0.00531

added 2022/11/25 12:0 a.m., 218 views

CVE-2022-45886

CVE-2022-45886: Linux kernel (through 6.0.9) has a race in drivers/media/dvb-core/dvb_net.c between .disconnect and dvb_device_open that leads to a use-after-free vulnerability. The connected documents confirm the affected component and root cause but do not provide an explicit public remediatio...

CVSS 7 | AI score 6.7 | EPSS 0.00319

added 2024/04/17 10:17 a.m., 218 views

CVE-2024-26852

CVE-2024-26852 (Linux kernel): A use-after-free in IPv6 route multipath logic was fixed. The root cause was a read-after-free in ip6_route_mpath_notify invoked during multipath route updates, leading to potential UAF on fib6_info objects. The patch defers fib6_info_release() to the cleanup phase...

CVSS 7.8 | AI score 6.4 | EPSS 0.00269

added 2024/10/29 12:50 a.m., 218 views

CVE-2024-50082

CVE-2024-50082 affects the Linux kernel in blk-rq-qos handling; a race between rq_qos_wait() finishing and rq_qos_wake_function() deleting the waitentry can lead to a use-after-free-like condition where wake_up_process() is given a stale data->task. The issue manifests as crashes with page fau...

CVSS 4.7 | AI score 5 | EPSS 0.00214

added 2024/12/27 2:51 p.m., 218 views

CVE-2024-56614

Summary: CVE-2024-56614 in the Linux kernel fixes an out-of-bounds write in xsk_map_delete_elem where a user-controlled signed integer can bypass bounds checks due to unsigned/signed comparison, enabling an invalid map_entry access and potential memory corruption via xchg and subsequent operation...

CVSS 7.8 | AI score 6.5 | EPSS 0.00255

added 2018/10/27 10:0 p.m., 217 views

CVE-2018-18710

CVE-2018-18710 affects the Linux kernel up to 4.19, in the CDROM driver: cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c. A cast from unsigned long to int can bypass bounds checking, enabling a local attacker to read kernel memory (information disclosure). The issue is analogous to CVE-2018-1094...

CVSS 5.5 | AI score 6.1 | EPSS 0.00501

Total number of security vulnerabilities: 13803