CVE-2024-35859
CVE-2024-35859 concerns the Linux kernel: a module reference leakage can occur in the bdev_open_by_dev error path. The vulnerability arises because a module reference is grabbed when bdev_may_open() is invoked and might not be released if that call fails. The issue was identified via code review ...
CVE-2024-35870
CVE-2024-35870: Linux kernel SMB client flaw (UAF in smb2_reconnect_server) traced to smb2_reconnect_server() accessing a session being torn down by __cifs_put_smb_ses(). Root cause is a race with ses_status being changed concurrently. The fix unconditionally sets ses_status to SES_EXITING and pr...
CVE-2024-35880
Summary of CVE-2024-35880 (Linux kernel): A local privilege escalation fix addressing io_uring kbuf handling during mmap. The issue stems from unsafe use of the io_uring lock while mmap’ing, requiring a reference to the io_buffer_list to prevent unregistering during use. The lookup now returns t...
CVE-2024-41094
The CVE-2024-41094 issue affects the Linux kernel DRM fbdev-dma path. The root cause is unsafe handling of memory for the framebuffer when smem_start is exported via module options, which can break on systems where DMA memory is backed by vmalloc and may trigger non-linear virt_to_phys address ch...
CVE-2024-43821
Technical details beyond the description of CVE-2024-43821 are not provided in the supplied documents; no explicit affected products/versions/fixes are listed here. Monitor vendor advisories for updates.
CVE-2024-43823
CVE-2024-43823 is a Linux kernel PCI keystone issue where a DT error can cause a NULL pointer dereference in ks_pcie_setup_rc_app_regs when IORESOURCE_MEM is missing. The description in the sources states the bug occurs if a Device Tree error leads to a NULL in resource_list_first_type(), with pc...
CVE-2024-45010
CVE-2024-45010 – Linux kernel (mptcp: pm: only mark 'subflow' endp as available). The vulnerability is in the MPTCP path management where removing a 'signal' endpoint could incorrectly decrement local_addr_used for subflow endpoints. The fix ensures local_addr_used is decremented only when an ID i...
CVE-2024-45018
The connected advisories confirm CVE-2024-45018 affects the Linux kernel netfilter flowtable. It is caused by missing initialisation of extack before use in flow offload. The impact is described in the CVE entry, and remediation is to apply the kernel update/patch provided by the vendor (update t...
CVE-2024-49863
Summary (CVE-2024-49863): A Linux kernel vulnerability in vhost/scsi allowed a null pointer dereference in vhost_scsi_get_req() when handling certain AN SCSI requests. The bug occurred after vhost_scsi_ctl_handle_vq() could assign vc.target = NULL for AN requests; later, vhost_scsi_get_req() deref...
CVE-2024-50180
Technical details about CVE-2024-50180 are not publicly provided in the connected documents. Please monitor official updates and vendor advisories for the affected Linux kernel components and remediation guidance.
CVE-2024-50218
CVE-2024-50218 relates to the Linux kernel ocfs2 truncation path where passing a 64-bit value to ocfs2_truncate_inline could overflow. The fix introduces a sanity check for byte_start and byte_len in ocfs2_remove_inode_range(); if either is greater than ocfs2_max_inline_data_with_xattr, the funct...
CVE-2024-53084
CVE-2024-53084 affects the Linux kernel’s DRM/Imagination driver path for PVR, where a resource cleanup reference loop between PVR VM Context and VM Mappings could leak VM resources. The official fix breaks the loop by freeing outstanding VM mappings before destroying the PVR Context associated w...
CVE-2024-56678
There are no additional technical details about CVE-2024-56678 in the connected documents beyond what’s in the initial description. Public details in the provided sources are limited; monitor for updates.
CVE-2024-56715
CVE-2024-56715 relates to the Linux kernel fix for netdev notifier leaks when register_netdev() fails. The vulnerability occurs if a driver registers a netdev notifier but the subsequent register_netdev() call fails, causing a leak of the netdev notifier. The patch implements ionic_lif_unregister...
CVE-2024-57793
CVE-2024-57793 affects the Linux kernel in the virt: tdx-guest path, where an unrecoverable error in set_memory_decrypted() can cause decrypted memory to be leaked to the page allocator. The untrusted host in CoCo VMs can trigger set_memory_decrypted() to fail, and callers must handle such errors...
CVE-2024-57906
In the Linux kernel, CVE-2024-57906 affects the iio: adc: ti-ads8688 path, where a local buffer used to push data to userspace from a triggered buffer was not initialized for inactive channels. The root cause is failing to zero-initialize the buffer, risking information leakage to userspace. The ...
CVE-2024-57912
CVE-2024-57912 affects the Linux kernel iio: pressure: zpa2326 path. The issue stems from a local-triggered buffer where a sample struct (u32 pressure, u16 temperature, gap, u64 timestamp) contains an uninitialized hole between temperature and timestamp, risking information leakage to userspace. ...
CVE-2024-58063
CVE-2024-58063 affects the Linux kernel wireless stack (rtlwifi). The described issue is memory leaks and invalid access on probe error paths in the rtlwifi PCI handling, with deinitialization performed in reverse order when probe fails. Specifically, when init_sw_vars fails, rtl_deinit_core shou...
CVE-2025-21736
CVE-2025-21736: In the Linux kernel, nilfs2 may overflow when computing the result of nilfs_fiemap() via nilfs_bmap_lookup_contig() if blocks up to maxblocks == INT_MAX are considered; an overflow can occur due to a left shift on blkbits. The advisory notes the fix is to cast the right-hand expr...
CVE-2025-21753
The CVE-2025-21753 entry concerns a use-after-free in the Linux kernel’s btrfs join_transaction path. Root cause: when joining the current (possibly aborted) transaction, the code reads the transaction’s aborted field after releasing fs_info->trans_lock and without holding an extra reference, ...
CVE-2025-21917
Summary of CVE-2025-21917 (Renesas USBHS issue): In the Linux kernel, the USB Renesas USBHS driver (usb: renesas_usbhs) could crash when performing continuous unbind/bind operations on USB drivers for the Renesas RZ/G2L SoC. The root cause is related to the usbhsc_notify_hotplug() path and invol...
CVE-2025-22005
The CVE-2025-22005 issue, fixed in the Linux kernel, is a memleak in nhc_pcpu_rth_output within fib_check_nh_v6_gw(). The root cause was that fib_nh_common_init() was moved before alloc_percpu_gfp() and cleanup for nhc_pcpu_rth_output was not added on failure. The fix adds cleanup by calling fib_...
CVE-2010-3081
CVE-2010-3081 describes a local privilege-escalation in the Linux kernel’s 64-bit compat layer due to missing sanity checks in compat_alloc_user_space, enabling a local user to abuse compat_mc_getsockopt controlling a length value. Affected: kernel 2.6.x before 2.6.36-rc4-git2 on 64-bit platforms...
CVE-2010-4243
CVE-2010-4243 affects the Linux kernel up to version 2.6.37. The issue is in fs/exec.c where the OOM Killer does not assess stack memory usage of the arrays representing (1) arguments and (2) environment during an exec, enabling a local user to cause memory exhaustion (denial of service) via a cr...
CVE-2013-1798
The CVE-2013-1798 entry concerns the Linux kernel’s ioapic_read_indirect() in virt/kvm/ioapic.c up to version 3.8.4. A particular sequence of invalid IOAPIC_REG_SELECT/IOAPIC_REG_WINDOW operations can allow a privileged guest OS user to read sensitive host memory or trigger a host OOPS, per multi...
CVE-2013-7446
CVE-2013-7446 is a use-after-free vulnerability in the Linux kernel (net/unix/af_unix.c) up to version 4.3.2, fixed in 4.3.3. It allows local attackers to bypass AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. Affected: Linux kernel before 4.3.3 (inclu...
CVE-2014-8160
CVE-2014-8160: In the Linux kernel, net/netfilter/nf_conntrack_proto_generic.c before 3.18 generates incorrect conntrack entries when handling certain iptables rule sets for SCTP, DCCP, GRE, and UDP-Lite. This can allow remote attackers to bypass intended access restrictions by sending packets w...
CVE-2016-9084
The CVE-2016-9084 entry concerns Linux kernel Vfio PCI: vfio_pci_intrs.c misuses kzalloc, enabling a local attacker with access to a vfio PCI device file to trigger an integer overflow and cause a denial of service or other impact. Connected sources (e.g., Mageia advisories MGASA-2017-0147/0148 a...
CVE-2017-2584
CVE-2017-2584 affects arch/x86/kvm/emulate.c in the Linux kernel up to version 4.9.3, enabling local users to read kernel memory or cause a use-after-free DoS via a crafted instruction-emulation application targeting fxrstor, fxsave, sgdt, and sidt. Remediation is not specified in the provided do...
CVE-2019-25045
CVE-2019-25045 is a Linux kernel use-after-free in the XFRM subsystem (xfrm_state_fini panic) reported for kernels before 5.0.19. Publicly documented references from EulerOS and Unity Linux advisories confirm the issue and link the fix to kernel 5.0.19 (and related upstream commit). The impact is...
CVE-2021-47428
CVE-2021-47428 is a Linux kernel issue in powerpc/64s emergency stack handling where the emergency path could jump into a non-trivial macro path; the fix avoids numeric labels when jumping over macros. Several vendor/MiracleUnity advisories reference the same patch and include the same descriptio...
CVE-2022-49097
CVE-2022-49097 relates to the Linux kernel NFS writeback path. In low-memory conditions, the NFS writeback code could enter infinite loops in mempool_alloc, risking a writeback stall. The issue is resolved in the kernel by allowing the writeback path to fail gracefully instead of deadlocking. The...
CVE-2022-49214
CVE-2022-49214 pertains to the Linux kernel on PowerPC 64s where Data SLB (Data Segment) faults do not set DSISR to a useful value, causing misclassification of read vs. write faults. The fix reworks the printing logic to treat SLB faults separately and only print read/write when the fault type c...
CVE-2022-49592
CVE-2022-49592 affects the Linux kernel driver net/stmmac: a left-shift overflow in MTL_RXQ_DMA_MAP1 occurs when the number of TX/RX queues exceeds four, due to a 32‑bit mask calculation. UBSAN reports show a shift-out-of-bounds during UBSAN checks, leading to a potential warning path in dwmac4_c...
CVE-2022-49595
CVE-2022-49595 is a Linux kernel data‑race vulnerability affecting the reader of the sysctl_tcp_probe_threshold variable. The issue arises because the value can be changed concurrently while read, leading to a race condition. The documented fix is to guard the reader with a READ_ONCE(), stabilizi...
CVE-2022-49599
CVE-2022-49599 concerns a data race in the Linux kernel involving sysctl_tcp_l3mdev_accept. The connected advisories confirm the vulnerability is in the kernel’s handling of sysctl_tcp_l3mdev_accept and that the fix adds READ_ONCE() to the readers to prevent concurrent modification during reads. ...
CVE-2022-49641
CVE-2022-49641 concerns the Linux kernel sysctl path, where data races in proc_douintvec() could occur due to concurrent access. The fix switches internal access to READ_ONCE() and WRITE_ONCE(), reducing load/store tearing in readers/writers. The patch notes indicate proc_douintvec() is currently...
CVE-2022-49666
CVE-2022-49666 concerns the Linux kernel, specifically the powerpc/memhotplug path. The issue arises from an add_pages override for PPC, where the kernel began validating addresses against high_memory after commit ffa0b64e3be5 (powerpc: Fix virt_addr_valid() for 64-bit). This leads to a BUG_ON in...
CVE-2023-52658
CVE-2023-52658 is referenced in MiracleLinux advisory AXSA:2024-8938:33 for MiracleLinux 9. The advisory lists a Linux kernel issue: “net/mlx5: Block entering switchdev mode with ns inconsistency” that was reverted in the upstream commit 662404b24a4c4d839839ed25e3097571f5938b9b, due to instabilit...
CVE-2023-52788
The CVE-2023-52788 entry describes a Linux kernel issue in the i915/perf interface where dereferencing the perf interface when it is not available could lead to a NULL dereference. The fix returns -ENOTSUPP when the perf interface is unavailable. This is the only explicit vulnerability detail pro...
CVE-2024-26696
CVE-2024-26696 (nilfs2 deadlock fix): In the Linux kernel, the nilfs2 fix addresses a hang in nilfs_lookup_dirty_data_buffers() triggered by a deadlock between log writer and writeback during mbind/migrate_pages_batch. The root cause was a conditional wait in nilfs_page_mkwrite() that could allow ...
CVE-2024-26746
The CVE-2024-26746 issue is a Linux kernel vulnerability where an event log cache allocated with kmem_cache_create is unsafe for user copies, triggering a kernel bug when HARDENED_USERCOPY is enabled. The connected PT/ Nessus entries confirm the problem is tied to the idxd event log completion reco...
CVE-2024-26820
CVE-2024-26820 affects the Linux kernel hv_netvsc driver. The issue occurs when the hv_netvsc module is unloaded and reloaded: the NET_DEVICE_REGISTER handler can fail to register a VF because the VF registration call arrives before netvsc_probe finishes, since register_netdevice_notifier() is re...
CVE-2024-26828
In the connected Tencent/TSSA advisory for CVE-2024-26828, the Linux kernel CIFS fix is described: the underflow in parse_server_interfaces() arises from comparing ssize_t bytes_left with size_t sizeof(), causing the loop to continue when bytes_left is negative. The remediation fixes this by corr...
CVE-2024-35831
CVE-2024-35831 (Linux kernel io_uring issue): The vulnerability arises in the error path of __io_uaddr_map where, after pinning pages, the error handler may not release the pinned pages if the function fails. This can occur under memory fragmentation and results in improper cleanup. The base CVS...
CVE-2024-36938
CVE-2024-36938: Linux kernel vulnerability in bpf, skmsg subsystems causing NULL pointer dereference and data races in sk_psock_skb_ingress_enqueue. The issue involves concurrent access to saved_data_ready and related sk_psock state, leading to an in-kernel NULL dereference under data-race condi...
CVE-2024-42104
CVE-2024-42104 affects the Linux kernel’s nilfs2 filesystem. A missing check for inode numbers on directory entries allows internal inodes (metadata files) to be exposed in the namespace, potentially causing a use-after-free of metadata file inodes and kernel bugs in lru_add_fn() when mounting/un...
CVE-2024-42269
CVE-2024-42269 (Linux kernel): A local DoS via NULL pointer dereference in ip6table_nat_table_init() was resolved. The root cause: ip6table_nat_table_init() accessed net->gen->ptr[...] before per-network entry was allocated. The fix: call register_pernet_subsys() before xt_register_templat...
CVE-2024-42312
CVE-2024-42312 relates to the Linux kernel vulnerability where sysctl did not consistently initialize i_uid/i_gid. The resolution initializes i_uid/i_gid inside the sysfs core so that set_ownership() can safely skip setting them. The change is documented as part of commit 5ec27ec735ba, which fixe...
CVE-2024-43870
CVE-2024-43870: In the Linux kernel perf subsystem, a window exists during task_exit where pending sigtrap deliveries may be queued but not added to the event’s task_work due to a failure when adding the event’s callback to task_work. This creates a small window in which the event refcount can b...