13804 matches found
CVE-2017-17862
CVE-2017-17862 affects the Linux kernel up to 4.14.8. The issue stems from kernel/bpf/verifier.c mis-pruning of unreachable code, which could be mishandled by JITs and enable a local denial-of-service by unprivileged users. Connected advisories and patches indicate this was addressed via kernel f...
CVE-2022-26365
Astra Linux security bulletins summarize CVE-2022-26365 among several Linux kernel issues affecting Linux-5.10/5.15 series. They describe that Linux Block and Network PV device frontends do not zero memory regions before sharing with the backend, and that grant-table granularity can co-locate unr...
CVE-2022-2938
CVE-2022-2938: A flaw in the Linux kernel’s Pressure Stall Information (PSI) implementation could allow a local attacker to crash the system or cause memory-corruption side effects, even though PSI is disabled by default. The connected documents consistently describe the issue as a Linux kernel ...
CVE-2022-2977
CVE-2022-2977 affects the Linux kernel’s proxied virtualized TPM devices. When virtual TPMs are configured, a local attacker can trigger a use-after-free that may lead to privilege escalation. Public documents confirm the vulnerability description, but neither exploit details nor a concrete remed...
CVE-2023-52598
CVE-2023-52598 concerns the Linux kernel (s390/ptrace) where an incorrect handling of the fpc register during ptrace can corrupt fp/vx state of the tracing process. The root cause is that when a traced process’s fpc value is validated, it is temporarily loaded into the fpc register, and the trace...
CVE-2023-52683
CVE-2023-52683: Linux kernel ACPI LPIT integer-overflow in lpit_update_residency() (tsc_khz > UINT_MAX/1000) fixed by replacing a u32 multiplication with mul_u32_u32(). The MiracleLinux advisories (AXSA entries) reference this CVE among affected Linux kernel series and note remediation via ker...
CVE-2024-26669
CVE-2024-26669 (Linux kernel net/sched: flower): The issue arises when deleting a qdisc on a device using flower: the stack replays filter removals but does not send a FLOW_CLS_TMPLT_DESTROY for chain templates, causing a memory leak. The fix adds a new tmplt_reoffload operation and lets the stack...
CVE-2024-35967
CVE-2024-35967: The Linux Bluetooth SCO path does not validate setsockopt input. syzbot reports copying data without an input length check, causing slab-out-of-bounds reads via copy_from_sockptr_offset in include/linux/sockptr.h and an observed slab-out-of-bounds in sco_sock_setsockopt+0xc0b/...
CVE-2024-36883
CVE-2024-36883 is a Linux kernel vulnerability in the networking code, specifically an out-of-bounds access in the function path associated with pernet ops. The root cause is a sequence where net_alloc_generic reads max_gen_ptrs twice (before and after a potential race) while net_alloc runs withou...
CVE-2024-42246
CVE-2024-42246 is a Linux kernel issue where -EPERM from a BPF program on kernel_connect() could cause xs_tcp_setup_socket() to loop and potentially freeze the kernel. The vulnerability’s root cause is EPERM propagation in the TCP/XS path; mitigations described in public notes include remapping E...
CVE-2024-42301
CVE-2024-42301 affects the Linux kernel’s dev/parport component, where an array out-of-bounds risk was introduced. The vulnerability was addressed by replacing unsafe data copying (sprintf) with snprintf to prevent buffer overflow. The initial report includes a kernel stack and Do_Hardware_Base_A...
CVE-2024-46693
CVE-2024-46693 (Linux kernel): A race during initialization of soc: qcom: pmic_glink drivers can dereference a NULL client pointer due to the client object being used before client registration completes. The root cause is that protection-domain notifiers can fire and schedule work before the cl...
CVE-2024-50256
CVE-2024-50256 affects the Linux kernel netfilter path nf_reject_ipv6. The issue arises in nf_send_reset6() when a zero or insufficient hardware header length (dev->hard_header_len) leads to attempting to push an Ethernet header, crash, and kernel BUG in skbuff.c. The provided trace shows skb_...
CVE-2025-21858
In the Linux kernel, CVE-2025-21858 is a use-after-free in geneve_find_dev() caused by a stale geneve_dev.next linkage when nets disappear, leading to a use-after-free when creating a new geneve device in the same netns. The fix, per the description, is to call geneve_dellink() (instead of the pr...
CVE-2015-8543
CVE-2015-8543 affects the Linux kernel networking stack (up to version 4.3.3 as used in Android and others). The issue: the networking implementation does not validate protocol identifiers for certain protocol families, enabling local users to cause a NULL pointer dereference and system crash, wi...
CVE-2023-2007
CVE-2023-2007 affects the DPT I2O Controller driver in the Linux kernel. The issue arises from missing locking during object operations, enabling a local attacker to escalate privileges and execute arbitrary code in kernel context. Public references in Unity Linux (UTSA-2026-004778) and multiple ...
CVE-2023-28327
CVE-2023-28327: A NULL pointer dereference in the Linux kernel’s UNIX protocol (net/unix/diag.c, function unix_diag_get_exact) occurs when the newly allocated skb is created without an associated sk, leaving a NULL sk pointer. This can allow a local attacker to crash the kernel or cause a denial...
CVE-2023-52565
CVE-2023-52565 is a Linux kernel vulnerability affecting the media: uvcvideo subsystem. The issue is an out-of-bounds read in uvc_query_v4l2_menu() when the user-provided index exceeds the mask size, potentially allowing reading memory outside the intended bounds. The connected MiracleLinux advis...
CVE-2024-23849
CVE-2024-23849 affects the Linux kernel’s RDS path (net/rds/af_rds.c) up to and including 6.7.1. The issue is an off-by-one in the RDS_MSG_RX_DGRAM_TRACE_MAX comparison, causing out-of-bounds access. Connected advisories confirm this vulnerability and show it in multiple vendor/OS contexts (Debia...
CVE-2024-26649
CVE-2024-26649 (Linux kernel, drm/amdgpu) fixes a NULL pointer dereference in RLC firmware loading. Root cause: when the RLC firmware header size is invalid, the firmware pointer is released and later dereferenced. The patch skips the validation to prevent the NULL pointer dereference during subseque...
CVE-2024-36288
CVE-2024-36288 affects the Linux kernel SUNRPC code. The issue is a loop termination condition in gss_free_in_token_pages, where the in_token->pages[] array is not NULL terminated, causing a KASAN memory access warning. Impact is described as memory access issues with potentially exploitable b...
CVE-2024-41042
Based on the provided documents, CVE-2024-41042 affects the Linux kernel nf_tables component. The vulnerability stems from the loop-detection path: nf_tables_check_loops() and its helpers were used to detect cycles in nft chains. The affected code path is nf_tables: the fix replaces or removes lo...
CVE-2024-45002
CVE-2024-45002 is a Linux kernel vulnerability affecting rtla/osnoise: a NULL dereference in error handling when tool->data allocation fails. The issue is confirmed in multiple vendor advisories (Azure Linux Nessus, Astra Linux bulletin, Debian DLA-4008) and is tied to kernel code paths involv...
CVE-2024-49884
CVE-2024-49884: Linux kernel ext4 slab-use-after-free in ext4_split_extent_at() during unwritten/extents handling. The issue stems from use-after-free of path data (path) when updating extents after an error (-ENOMEM/-EIO). The connected Astra Linux and kernel notes describe the root cause chain...
CVE-2024-53078
In CVE-2024-53078, a Linux kernel vulnerability exists in drm/tegra: probe() where the code checked for NULL after calling iommu_paging_domain_alloc(). The function does not return NULL pointers; it returns error pointers. The fix updates the check to treat error pointers correctly, aligning the pr...
CVE-2024-53156
CVE-2024-53156: In the Linux kernel’s ath9k wireless driver, insufficient verification of conn_rsp_epid in htc_connect_service() can trigger a UBSAN array-out-of-bounds in htc_hst.c (index 255 out of range for htc_endpoint[22]). Astra Linux and related advisories confirm the issue and its fix: a...
CVE-2024-56776
Technical details for CVE-2024-56776 are not provided in the supplied connected documents. Public details are unavailable here. Action: monitor for updates from security advisories.
CVE-2025-21764
The CVE-2025-21764 issue affects the Linux kernel: ndisc_alloc_skb() could be invoked without RTNL or RCU held, enabling a potential use-after-free. The published fixes add RCU protection to ndisc_alloc_skb() to prevent UAF. Affected advisories (e.g., kernel security updates in Astra Linux, ALAS/...
CVE-2015-8830
CVE-2015-8830 is a Linux kernel vulnerability caused by an integer overflow in the aio_setup_single_vector path (fs/aio.c) when handling a large AIO iovec. The issue could allow a local attacker to cause a denial of service or potentially other impact, as described in the CVE entry and reflected ...
CVE-2017-5577
CVE-2017-5577 affects the Linux kernel VideoCore DRM vc4 driver. The vc4_get_bcl function in vc4_gem.c can encounter overflow while handling size values in VC4_SUBMIT_CL, and does not set an errno value, which can lead to an incorrect pointer dereference and a kernel OOPS, causing a denial of ser...
CVE-2017-7616
CVE-2017-7616 affects the Linux kernel (mm/mempolicy.c) where incorrect error handling in set_mempolicy/mbind compat syscalls can leak uninitialized stack data to local attackers. The issue is documented across multiple advisories (e.g., Debian, CentOS, Cloud Foundry) and is mitigated by updating...
CVE-2019-19039
CVE-2019-19039 is a Linux kernel vulnerability affecting btrfs: the function __btrfs_free_extent in fs/btrfs/extent-tree.c may trigger a path in btrfs_print_leaf during an ENOENT case, enabling a local attacker to obtain potentially sensitive information about register values via dmesg. The descr...
CVE-2019-19318
The CVE-2019-19318 issue affects Linux kernel 5.3.11. Root cause: mounting a crafted btrfs image twice can trigger a use-after-free in rwsem_down_write_slowpath because rwsem_can_spin_on_owner’s rwsem_owner_flags returns an already freed pointer. Documented impact per sources indicates an availab...
CVE-2019-19813
CVE-2019-19813 is a Linux kernel use-after-free in __mutex_lock on Linux kernel 5.0.21 when mounting a crafted btrfs image, performing operations, and calling syncfs, related to mutex_can_spin_on_owner, __btrfs_qgroup_free_meta, and btrfs_insert_delayed_items. It is a local, user-interaction-requ...
CVE-2022-1199
CVE-2022-1199 is a Linux kernel flaw that can crash the kernel via user-space activity simulating amateur radio, producing a NULL pointer dereference and a use-after-free. The connected Astra Linux bulletin confirms the same vulnerability details and, for mitigating environments, Siemens’ accompa...
CVE-2022-1516
CVE-2022-1516: A NULL pointer dereference in the Linux kernel’s X.25 protocol stack allows a local attacker to crash the system during session termination via a simulated Ethernet card. Connected sources consistently describe this flaw as a local (LOCAL) impact with no remote vector provided; no ...
CVE-2023-3358
CVE-2023-3358 describes a NULL pointer dereference in the Linux kernel ISH (Integrated Sensor Hub) driver. The impact stated is that a local user could crash the system. The connected Nessus/NASL entries corroborate the same issue across multiple advisories and lists, but the provided documents d...
CVE-2023-52623
CVE-2023-52623 is a Linux kernel vulnerability related to SUNRPC where a suspicious RCU usage warning was observed: the RCU-list was traversed in a non-reader section in net/sunrpc/xprtmultipath.c:349. The connected Astra Linux and other advisories confirm this CVE and describe the fix as address...
CVE-2023-52881
CVE-2023-52881: In the Linux kernel, a vulnerability in TCP ACK handling allowed accepting ACKs for bytes that were never sent. The fix tightens ACK validation to the RFC 5961 range and adds tp->bytes_acked in linux-4.2+. Affected: Linux kernel TCP stack; Impact: potential remote/system compr...
CVE-2024-26675
CVE-2024-26675 (Linux kernel) affects the ppp_async path. The issue arises from MRU (Maximum Receive Unit) limits not being enforced for PPP async messages, which can trigger a warning in __alloc_pages via a memory/page allocation path when handling large skb allocations during PPP input. The des...
CVE-2024-26686
CVE-2024-26686 refers to a Linux kernel issue where lock_task_sighand could trigger a hard lockup if NR_CPUS threads execute do_task_stat concurrently while a process has NR_THREADS. The fix changes do_task_stat() to gather thread/child statistics using sig->stats_lock outside the sighand lock...
CVE-2024-26906
CVE-2024-26906: In the Linux kernel, x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault(). A bpf program reading the vsyscall page with bpf_probe_read_kernel() can trigger copy_from_kernel_nofault(), which calls __get_user_asm() and may fault because the vsyscall page is not readab...
CVE-2024-35807
CVE-2024-35807 pertains to a Linux kernel ext4 online resize corruption when resizing a filesystem larger than 16 TiB with 4k blocks. The issue occurs during on-line resize across an 8 GiB boundary, affecting the backup block group descriptor for non-meta_bg layouts and can corrupt data. The root...
CVE-2024-35886
CVE-2024-35886: Linux kernel vulnerability in IPv6 routing dump logic caused infinite recursion in fib6_dump_done() during netlink dump (AF_UNSPEC RTM_GETROUTE/more data). Logs show repeated fib6_dump_done() calls and a stack guard page hit due to recursive destructor behavior. The publicly repor...
CVE-2024-41014
CVE-2024-41014 affects the Linux kernel (xfs) and is caused by insufficient bounds checking in xlog_recover_process_data, specifically verifying the space for fixed members of xlog_op_header. A crafted XFS image can trigger an out-of-bounds read by altering the xlog_op_header and xlog_rec...
CVE-2024-43899
CVE-2024-43899 affects the Linux kernel’s DRM AMD display path. The vulnerability is a NULL pointer dereference in dcn20_resource.c that can cause a hang when MPV runs on a DCN401 dGPU, specifically during fullscreen playback after enabling fullscreen (double click). Affected component/function c...
CVE-2024-53131
CVE-2024-53131 concerns the Linux kernel nilfs2 subsystem. The issue manifests as a NULL pointer dereference when the tracepoint block_touch_buffer is exercised from __nilfs_get_folio_block() via touch_buffer(), which accesses bh->b_bdev->bd_dev even if the buffer head lacks a valid block_d...
CVE-2024-56558
CVE-2024-56558: In the Linux kernel, the nfsd export display path could trigger a use-after-free due to a reference-count issue on the exported access (exp) object. The fix ensures exp remains active by using cache_get_rcu before exp_get, preventing a UAF when e_show is called under RCU protecti...
CVE-2014-4943
CVE-2014-4943 affects the Linux kernel up to 3.15.6, specifically the PPPoL2TP feature in net/l2tp/l2tp_ppp.c. The vulnerability arises from data-structure differences between an l2tp socket and an inet socket, enabling local privilege escalation. Public details in connected sources include PoC/e...
CVE-2016-7097
CVE-2016-7097 is a Linux kernel vulnerability in which the setgid bit was not cleared during setxattr, allowing local users to gain group privileges if a setgid executable exists with restricted execute permissions. The issue is reported across the Linux filesystem/ACL handling and was addressed ...