CVE-2024-26685
CVE-2024-26685 concerns a Linux kernel issue where end_buffer_async_write() could BUG_ON when handling the async_write flag in certain nilfs2 scenarios. The connected Astra Linux advisory confirms the vulnerability and states the fix is to remove the manipulation of the async_write flag for the r...
CVE-2024-26703
CVE-2024-26703 affects the Linux kernel tracing/timerlat: the hrtimer was previously initialized at first timerlat_fd read and destroyed on close, which could trigger a NULL pointer dereference if a user opens and closes timerlat_fd without reading. A fix was implemented to move hrtimer_init to t...
CVE-2024-27413
CVE-2024-27413 is a Linux kernel vulnerability affecting the EFI capsule loader. The defect occurs in drivers/firmware/efi/capsule-loader.c during efi_capsule_open, where an allocation uses sizeof(void*) for a phys_addr_t on 32-bit builds, leading to insufficient allocation size (4 bytes vs 8). T...
CVE-2024-35982
CVE-2024-35982 affects the Linux kernel’s batman-adv local TT handling. When an attached interface MTU becomes too small to transmit the local translation table, TT resizing can fail to converge, causing an endless loop. Symptoms include repeated log spam like “batman_adv: batadv0: Forced to purg...
CVE-2024-36897
CVE-2024-36897 — Linux kernel (drm/amd/display, DCN35) Root cause: a new UMA carveout BIOS (version 2.3) wasn’t handled by the DAL BIOS parsing, causing a NULL dereference when code attempted to access Ctx->dc_bios->integrated_info if that pointer was NULL. Affected component: drm/amd/displ...
CVE-2024-36961
CVE-2024-36961 affects the Linux kernel. The issue is in the thermal debugfs code: when a user opens the mitigations file for a thermal zone before tz_debugfs is initialized, tze_seq_start() can dereference NULL. A second race can allow thermal_debug_tz_remove() to run while another thread access...
CVE-2024-38564
CVE-2024-38564 relates to the Linux kernel BPF subsystem: a missing attach_type enforcement for BPF_PROG_TYPE_CGROUP_SKB in BPF_LINK_CREATE could allow CGROUP_SKB programs to attach to inappropriate cgroup hooks. The patch adds enforcement in link_create and uses bpf_prog_attach_check_attach_type...
CVE-2024-38597
CVE-2024-38597 affects the Linux kernel's Ethernet sungem driver. The vulnerability stems from gem_poll_controller() disabling interrupts and potentially sleeping, causing netpoll-related deadlocks when used with netpoll. The root cause is execution flow around .ndo_poll_controller, which netpoll...
CVE-2024-41000
CVE-2024-41000: Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...
CVE-2024-42123
CVE-2024-42123 affects the Linux kernel in the DRM/AMDGPU area. The issue is a double-free of the err_addr pointer in amdgpu_umc_handle_bad_pages during repeated execution of amdgpu_umc_bad_page_polling_timeout, which can trigger warnings. The provided fix sets err_addr to NULL to avoid these war...
CVE-2024-42132
The connected MiracleLinux advisory confirms CVE-2024-42132 affecting Linux kernel Bluetooth HCI code. Root cause: hci_le_big_sync_established_evt() could pass a handle larger than HCI_CONN_HANDLE_MAX, leading to freeing an unallocated handle and a warning in hci_conn_del(). The fix adds an upper...
CVE-2024-42278
CVE-2024-42278: In the Linux kernel ASoC TAS2781 driver, tasdev_load_calibrated_data() had a reversed if condition that could be a no-op or cause a NULL dereference. MiracleLinux AXSA advisory confirms the vulnerability was resolved in the kernel, but the provided materials do not specify a patch...
CVE-2024-46859
CVE-2024-46859 is a Linux kernel vulnerability affecting the panasonic-laptop code. The issue arises from unvalidated SINF array indices (0–SINF_CUR_BRIGHT, 0x0d), risking out-of-bounds accesses on devices with fewer SINF entries (e.g., CF-18 has ~10). The fix adds a minimum SINF array size check...
CVE-2024-47671
The CVE-2024-47671 entry concerns a Linux kernel vulnerability in the USB subsystem. The provided connected documents confirm a kernel-infoleak in USB: usbtmc, with the root cause described as a need to clear the data structure before filling fields in usbtmc_write. The fix/workaround is to preve...
CVE-2024-47674
The CVE-2024-47674 entry concerns the Linux kernel mm subsystem: partial PFN mappings left around in error paths due to cleanup ordering. The issue arises because PFN mappings lack lifecycle tracking, so error handling could free the backing store before page tables are fully cleaned, leaving sta...
CVE-2024-47697
CVE-2024-47697: Linux kernel dvb-frontends rtl2830 had an out-of-bounds write via rtl2830_pid_filter due to a boundary check allowing index 32. The patch updates the boundary to index >= 32 (instead of index > 32) and enforces that dev->filters, a 32-bit bitmap, uses set_bit/clear_bit on...
CVE-2024-47723
CVE-2024-47723 affects the Linux kernel’s JFS subsystem, causing an out-of-bounds access in functions that manage the AG bitmap. The issue arises in dbNextAG() when bmp->db_numag can be greater than or equal to MAXAG due to a polluted image, and in diAlloc() when agno may be greater than or equal to MAX...
CVE-2024-49903
CVE-2024-49903 is a Linux kernel vulnerability involving a slab-use-after-free in the JFS mapping code (dbFreeBits/dbFreeDmap) caused by a race between two paths (dbUnmount and jfs_ioc_trim) that access bmap. The race can lead to a use-after-free when trimming or unmounting JFS and subsequently freeing object...
CVE-2024-49985
CVE-2024-49985: In the Linux kernel, the i2c-stm32f7 path could deadlock during runtime suspend/resume if a clock controller is attached to the I2C bus (e.g., Versaclock or an AIC32x4 codec). The root cause is a transfer that triggers clk_ops.prepare, which grabs clk.c’s prepare_lock and, after ...
CVE-2024-50066
CVE-2024-50066 is a Linux kernel race in mm/mremap where move_page_tables can race with retract_page_tables under THP/rmap locking. The flaw stems from reading the PMD type before acquiring rmap locks, potentially creating bogus PMD entries (e.g., mapping page 0 as a page table on x86) and enabli...
CVE-2024-50095
CVE-2024-50095 affects the Linux kernel RDMA mad path. The root cause was heavy locking contention in the timeout handler for timed-out WRs in mad_agent_priv, as the current timeout handler acquired and released the lock for every timed-out work request, which could cause softlockups (notably whe...
CVE-2024-50229
CVE-2024-50229 affects nilfs2 in the Linux kernel. Symlink creation can trigger memory reclamation causing circular lock dependencies among nilfs-related semaphores and fs locks, potentially leading to a deadlock if nilfs_evict_inode() or nilfs_dirty_inode() run while ns_segctor_sem is held. The ...
CVE-2024-50245
CVE-2024-50245 affects the Linux kernel fs/ntfs3 subsystem and is resolved by a patch that fixes a possible deadlock in mi_read caused by a mutex lock contention with the ni_lock_dir path. The flaw is within the ntfs3 code path and can result in a stall if the lock ordering interacts with another...
CVE-2024-50275
The CVE (CVE-2024-50275) affects the Linux kernel on arm64 with SVE traps. A race allows stale FPSIMD/SVE state to be reused across preemption, leading to SVE traps while TIF_SVE is set and potentially incorrect live state handling. The fix detaches from the saved CPU state when not live by calli...
CVE-2024-56543
Technical details (affected product/version, root cause, impact or fixes) for CVE-2024-56543 are not provided in the connected documents; monitor for updates from official advisories.
CVE-2024-56708
Technical details about affected products/versions are not provided in the documents. The CVE description states a fix for a double free during module unload in edac/igen6, but no vendor/version specifics are included.
CVE-2024-57910
CVE-2024-57910: In the Linux kernel, the iio: light: vcnl4035 driver had an information leak in the triggered buffer. The local buffer used to push data to userspace contained an uninitialized element (a 16-bit value aligned to 8 bytes), leaving at least 4 bytes potentially exposed after a regma...
CVE-2024-57951
CVE-2024-57951 affects the Linux kernel and describes a race/state handling issue in hrtimers during CPU hotplug/unplug cycles. The vulnerability arises when a CPU transitions from ONLINE toward HOTUNPLUG and back, causing hrtimers_prepare_cpu() not to run and leaving cpu_base.hres_active at 1. A...
CVE-2024-57981
CVE-2024-57981 affects the Linux kernel USB xHCI code. When a command is queued to the final usable TRB and later aborted, the abort path could dereference a NULL cur_cmd, crashing due to a timer-setup path. The fix prevents timer setup if cur_cmd is NULL, and keeps the doorbell sequence safe. Af...
CVE-2024-58237
CVE-2024-58237 concerns a Linux kernel BPF tail-call vulnerability. The issue arises because tail-called programs could run helpers that invalidate skb packet pointers; the advisory recommends treating each tail call as potentially invalidating packet pointers. The fix alters bpf_helper_changes_p...
CVE-2025-22058
CVE-2025-22058 affects the Linux kernel UDP memory accounting. When INT_MAX was used for SO_RCVBUF, an overflow in udp_rmem_release() could wrap the total UDP memory, causing memory accounting to double after socket close and potentially leading to packet drops once rmem_alloc exceeded net.ipv4.u...
CVE-2025-38352
CVE-2025-38352: In the Linux kernel, a TOCTOU race affects posix-cpu-timers between handle_posix_cpu_timers() and posix_cpu_timer_del() when an exiting non-autoreaping task runs from IRQ. The fix adds a tsk->exit_state check into run_posix_cpu_timers() to prevent misdetection of timer->it.c...
CVE-2011-0711
CVE-2011-0711 affects the Linux kernel through the xfs_fs_geometry function in fs/xfs/xfs_fsops.c. The vulnerability arises because a structure member is not initialized, enabling local attackers to read potentially sensitive data from kernel stack memory via the FSGEOMETRY_V1 ioctl. The affected...
CVE-2011-1020
CVE-2011-1020 affects the Linux kernel (2.6.37 and earlier) where the proc filesystem does not restrict access to /proc after a process execs a setuid program. This can let local attackers obtain sensitive information or cause a denial of service by performing open, lseek, read, or write operatio...
CVE-2011-1745
The CVE-2011-1745 entry affects the Linux kernel: an integer overflow in the agp_generic_insert_memory function (drivers/char/agp/generic.c) in kernels before 2.6.38.5. This allows local users to gain privileges or cause a denial of service via a crafted AGPIOC_BIND agp_ioctl call. Affected platf...
CVE-2012-2136
CVE-2012-2136 affects the Linux kernel prior to 3.4.5. The sock_alloc_send_pskb function does not properly validate a length value, enabling a local user to trigger a heap-based overflow that can crash the system or potentially gain privileges via access to a TUN/TAP device. Affected software is ...
CVE-2014-2309
CVE-2014-2309 affects the Linux kernel (net/ipv6/route.c, function ip6_route_add) up to version 3.13.6. It causes memory exhaustion via a flood of ICMPv6 Router Advertisement packets, enabling a remote attacker to trigger DoS. The connected Nessus/OpenVAS advisories reference Unity Linux security...
CVE-2014-2851
CVE-2014-2851: Integer overflow in ping_init_sock (net/ipv4/ping.c) of the Linux kernel up to 3.14.1 allows local users to cause a denial of service (use‑after‑free and system crash) and potentially gain privileges via a crafted application that exploits an improperly managed reference counter. C...
CVE-2015-4700
The CVE-2015-4700 issue affects the Linux kernel (arch/x86/net/bpf_jit_comp.c) up to version 4.0.5. The bpf_int_jit_compile function can be triggered by crafted BPF instructions to cause a denial-of-service (system crash) via late convergence in the JIT compiler. Affected component is the JIT-com...
CVE-2015-7550
CVE-2015-7550 concerns the Linux kernel’s keyctl_read_key in security/keys/keyctl.c, where a missing semaphore around a race between keyctl_revoke and keyctl_read can allow a local user to trigger a NULL pointer dereference and system crash (DoS) and possibly other impact. The vulnerability exist...
CVE-2017-18193
The CVE-2017-18193 issue is in the Linux kernel’s F2FS extent_cache.c (before 4.13). It mishandles extent trees, enabling a local, multi-threaded application to trigger a denial of service. Connected advisories (Unity Linux and OpenVAS/Open Nessus entries) confirm the affected component and impac...
CVE-2019-19053
CVE-2019-19053 affects the Linux kernel (through 5.3.11). A memory leak in the function rpmsg_eptdev_write_iter() (drivers/rpmsg/rpmsg_char.c) can be triggered when copy_from_iter_full() fails, leading to a denial of service via memory consumption. The connected Nessus entries (Unity Linux UTSA a...
CVE-2021-43057
The CVE-2021-43057 issue affects the Linux kernel prior to 5.14.8, caused by a use-after-free in selinux_ptrace_traceme (SELinux handler for PTRACE_TRACEME). Local attackers could trigger memory corruption and elevate privileges by accessing the subjective credentials of another task. The advisor...
CVE-2021-47416
CVE-2021-47416 refers to a Linux kernel issue where a memory leak in the MDIO bus interface could occur due to incorrect state handling of MDIOBUS_ALLOCATED. The bug arises when device_register() is called after a partial allocation; mdiobus_free() would free only the memory with kfree(dev) inste...
CVE-2022-42432
The CVE-2022-42432 issue affects Linux Kernel 6.0-rc2, caused by uninitialized memory access in nft_osf_eval. Local attackers with high privileges can disclose sensitive information and, in combination with other vulnerabilities, may execute code in the kernel context. Public sources (including A...
CVE-2022-48738
CVE-2022-48738 corresponds to a Linux kernel vulnerability in ASoC: ops where snd_soc_put_volsw() could accept values outside the advertised valid range. The issue arises from missing validation of user-space-reported ranges, allowing out-of-range values to be processed. The connected Astra Linux...
CVE-2022-48912
CVE-2022-48912 concerns a Linux kernel use-after-free in netfilter: the fix is to avoid dereferencing new_hooks after nf_hook_mutex is released in __nf_register_net_hook, preventing a KASAN read after free. The Astra Linux advisory reproduces the exact description, including the kasan report: Re...
CVE-2022-48944
The CVE-2022-48944 issue is a Linux kernel race in sched/fork() related to how new tasks are exposed via pidhash and runqueue handling. The description cites prior fixes that addressed a fork race vs cgroup (commit 4ef0c5c6b5ba) and a subsequent change that effectively reverted that, aiming to fix th...
CVE-2022-49145
CVE-2022-49145 affects the Linux kernel's ACPI CPPC parsing of _CPC data. The root cause is an out-of-bounds access when the NumEntries field is less than 2, which could lead to improper access of the Revision element. A fix has been implemented in the kernel to avoid this access. The vulnerabili...
CVE-2022-49288
CVE-2022-49288 concerns the Linux kernel ALSA PCM subsystem. The issue arises from races in concurrent prealloc changes via proc files, with no protection against simultaneous PCM buffer preallocation changes, potentially leading to use-after-free or other instability. The provided fix applies th...