13692 matches found
CVE-2024-53229
Summary (CVE-2024-53229): In the Linux kernel, the RDMA/rxe path had a fix for qp flush warnings in req. When a QP is in an error state, WQEs in the queue must be marked as error; otherwise a kernel warning can occur (for example in rxe_completer). The provided data confirms this CVE is tracked i...
CVE-2024-56707
The connected Astra Linux and MS/ENISA/Nessus entries confirm CVE-2024-56707 affects the Linux kernel octeontx2-pf driver and states the root cause as missing error pointer checks after otx2_mbox_get_rsp in otx2_dmac_flt.c. A fix adds error pointer validation after the call. The remediation is th...
CVE-2024-53164
CVE-2024-53164 affects the Linux kernel net_sched subsystem. The root cause was an incorrect ordering of qlen updates (sch->q.qlen) around qdisc_tree_reduce_backlog(), which could fail to notify parent qdiscs when a child becomes empty. The fix ensures the qlen adjustment happens before the ca...
CVE-2024-56630
The CVE-2024-56630 issue affects the Linux kernel’s ocfs2 subsystem: when ocfs2_get_init_inode() fails, inodes could be leaked due to not iput()'ing after new_inode() succeeds and dquot_initialize() fails. The syzbot trace mentions busy inodes after unmount for commit 9c89fe0af826 and that the er...
CVE-2024-56644
CVE-2024-56644: In the Linux kernel, the IPv6 stack vulnerability causes a leaked destination (dst) in the exception table when an expired IPv6 route’s dst is processed by ip6_negative_advice() after MTU change and TCP timeout. Root cause: an extra dst_hold() increments the reference counter, wh...
CVE-2024-57800
CVE-2024-57800 affects the Linux kernel in ALSA memalloc handling. When DMA API debugging is enabled, it may warn about a device driver failing to check a DMA address map, e.g. device address 0x00000000ffff0000, due to explicit address checks instead of using dma_mapping_error(). The documented f...
CVE-2024-56539
CVE-2024-56539 refers to a Linux kernel issue where mwifiex memcpy() would write across a field due to a one-element array, triggering a field-spanning write warning in mwifiex_config_scan(). The fix replaces the one-element array with a flexible-array member in struct mwifiex_ie_types_wildcard_s...
CVE-2024-53172
CVE-2024-53172 (Linux kernel, UBI fastmap): The issue arises in the fast attaching path where alloc_ai() could be invoked twice with the same slab cache name 'ubi_aeb_slab_cache', triggering a kernel WARNING "kmem_cache_create_args". The root cause is duplicate slab cache names during fastmap at...
CVE-2024-53214
CVE-2024-53214 concerns the Linux kernel VFIO/PCI logic for hiding PCIe extended capabilities. The issue occurred when hiding the first-in-list capability (unknown or hidden on purpose) by zeroing the capability ID/version while preserving Next, which is safe in general but failed if cap_id excee...
CVE-2024-57888
Technical details for CVE-2024-57888 are not publicly available in the provided documents. Monitor vendor advisories and kernel commit references for remediation context and updates.
CVE-2024-56705
CVE-2024-56705 concerns the Linux kernel where ia_css_3a_statistics_allocate() fails to check the allocation result of the rgby_data memory, potentially triggering the assertion at ia_css_s3a_hmem_decode() if rgby_data allocation fails. The public technical details in connected sources indicate t...
CVE-2025-21647
The CVE-2025-21647 vulnerability affects the Linux kernel’s sched: sch_cake path, where an underflow in per-host bulk flow counters could cause out-of-bounds memory access. A fix adds bounds-checking around all accesses to per-host bulk flow counters via helper functions, moving flow mode checks ...
CVE-2024-56788
CVE-2024-56788 concerns the Linux kernel’s net: ethernet oa_tc6 implementation. The vulnerability is a race between two skb pointers used for TX: ongoing_tx_skb (being processed) and waiting_tx_skb (queued). The SPI thread moves data from ongoing_tx_skb to the next TX, then may assign NULL to ong...
CVE-2025-21704
CVE-2025-21704 affects the Linux kernel USB CDC-ACM (cdc_acm) path. The root cause is improper handling of fragmented control transfers: if the first fragment is smaller than struct usb_cdc_notification, computing expected_size can underflow as fragments arrive, leading to memory corruption when ...
CVE-2024-53183
CVE-2024-53183 concerns a Linux kernel vulnerability: in uml/net handling, the code previously used drvdata during device release, but drvdata may not exist at release time. The fix is to retrieve the uml_net instance with container_of() instead of drvdata, preventing a crash when removing a netw...
CVE-2024-57893
CVE-2024-57893: Linux kernel ALSA: seq: oss — race in SysEx message processing can cause out-of-bounds access. Connected docs confirm the issue and state a mutex-based serialization fix was introduced to protect SysEx packets in the OSS sequencer, effectively addressing the race between 6-byte S...
CVE-2022-0847
CVE-2022-0847 (Dirty Pipe) is a Linux kernel local privilege-escalation flaw in the pipe buffer handling (flags field) where copy_page_to_iter_pipe and push_pipe fail to initialize flags, allowing an unprivileged local user to write to pages cached from read-only files. Public advisories confirm ...
CVE-2025-21662
CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...
CVE-2024-53198
CVE-2024-53198: In the Linux kernel, the xenbus_dev_probe() path could leak resources if drv->probe() allocated resources but the error path returned without releasing them. The fix introduces a fail_remove block (before fail_put) to ensure proper resource release when (err) is true, mirrorin...
CVE-2025-21701
CVE-2025-21701: In the Linux kernel, a race existed between device unregistration and ethnl operations (ethnl_set_channels, ethtool checks) that could occur when a network device is being unregistered while its channels are modified. The issue arose because unregister_netdevice_many_notify could...
CVE-2024-53690
CVE-2024-53690 (Linux kernel) describes a nilfs2 inode handling flaw where a deleted inode could be mis-reused, leading to inode duplication and i_nlink underflow during rmdir. The fix involves guarding against deleted inodes by verifying i_nlink in nilfs_iget() and reclaiming the inode when its ...
CVE-2024-56616
CVE-2024-56616 (Linux kernel) affects drm_dp_mst sideband handling. The MST sideband message body length check was fixed to require at least 1 byte (accounting for the message CRC). Without this, a header with a valid header CRC but body length 0 could trigger memory corruption in drm_dp_sideband...
CVE-2024-53153
CVE-2024-53153 in the Linux kernel describes a crash condition for Qualcomm PCIe endpoints when PERST# is asserted and the host disables refclk. The issue arises because endpoint cleanup functions (e.g., dw_pcie_ep_cleanup() and pci_epc_deinit_notify()) previously ran during PERST# assert, while ...
CVE-2024-56566
The CVE-2024-56566 issue affects the Linux kernel mm/slub code. If alloc_consistency_checks fails during slab allocation, objects in that slab can be marked as used and the slab removed from the partial list, but later freeing an object could trigger remove_full() on a slab that is neither in the...
CVE-2024-53219
CVE-2024-53219 affects the Linux kernel virtiofs direct IO path when inserting a large module (e.g., 10 MB) with virtio-fs cache disabled. The root cause is a kernel memory allocation/IO path: kernel_read_file reads the module into a 10 MB vmalloc buffer, fuse_direct_io passes a 10 MB block as a ...
CVE-2024-53190
The CVE-2024-53190 entry describes a Linux kernel issue in the Realtek RTLWiFi driver, where the efuse read path (read_efuse/read_efuse_byte during rtl8192cu probe) could loop up to 10k times on failure, causing extended system hang. The mitigated behavior is to drastically reduce retry attempts ...
CVE-2024-53685
CVE-2024-53685 concerns the Linux kernel Ceph path construction: when the full path built by ceph_mdsc_build_path() exceeds PATH_MAX, the function enters an endless retry loop, effectively DoS-ing the system. The description notes the fix is to remove the retry and fail with ENAMETOOLONG instead,...
CVE-2024-56576
CVE-2024-56576 affects the Linux kernel (media: i2c: tc358743). The issue causes a crash when an error occurs in probe() while using polling, because the polling timer is not removed and may fire after its arguments have been freed. The result is a kernel crash (use-after-free scenario in timer h...
CVE-2024-56592
CVE-2024-56592 (Linux kernel) relates to BPF hash table management for maps. The vulnerability arises when a map element is freed while holding a bucket lock, triggering a lockdep warning due to bpf_map_fd_put_ptr() calling bpf_map_free_id() which acquires map_idr_lock. The fix defers free_htab_e...
CVE-2024-56701
CVE-2024-56701: Linux kernel powerpc/pseries code fixed a sleeping-lock issue by changing dtl_access_lock to a rw_semaphore because kmalloc() can sleep while held. Root cause: a non-sleeping lock protected code path that sleeps, causing a potential sleep in atomic context. Impact is local (LOCAL)...
CVE-2025-21646
Technical details about CVE-2025-21646 are not provided in the supplied documents. Monitor vendor advisories for affected products, impact, and fixes.
CVE-2024-57948
Summary (CVE-2024-57948): In the Linux kernel, the mac802154 subsystem had a vulnerability where, during removal of an IEEE 802.15.4 network interface, a list-del operation could run on a stale sdata entry if local interfaces had not been validated first. This could allow a corrupted list path t...
CVE-2024-55881
CVE-2024-55881: In the Linux kernel, KVM for x86 had a fix to correctly detect 64‑bit hypercalls during complete_hypercall_exit() for guests with protected state (e.g., SEV-ES/SEV-SNP). The change replaces is_64_bit_mode() with is_64_bit_hypercall() to determine 64‑bit mode when the vCPU state n...
CVE-2024-56637
CVE-2024-56637 affects the Linux kernel: netfilter ipset race where unloading ip_set while a set-type backend is being requested can crash the kernel. The issue is triggered by a race after nfnl_unlock(), e.g., when an mdelay() is inserted. A patch fixes this by holding the module reference while requ...
CVE-2017-8890
CVE-2017-8890 is a Linux kernel vulnerability affecting the IPv4 networking stack. The issue is a double free in inet_csk_clone_lock() in net/ipv4/inet_connection_sock.c, which can be triggered via the accept() system call and leads to a denial of service (kernel memory corruption/crash). The Cen...
CVE-2024-53147
CVE-2024-53147 affects the Linux kernel exFAT filesystem driver. When directory size is at least a cluster and start_clu becomes an invalid/EOF cluster due to filesystem corruption, the code may access ei->hint_femp.eidx outside the directory, causing out-of-bounds access and potential filesys...
CVE-2024-53196
CVE-2024-53196 affects the Linux kernel (arm64/KVM). The issue is that KVM could retire an aborted MMIO instruction and advance the PC even when a synchronous external abort was pending, triggering a kernel WARN in kvm_emulate.h and related call paths. The documented fix is to skip MMIO emulation...
CVE-2024-41935
CVE-2024-41935 (Linux kernel, f2fs): The issue concerns the f2fs extent tree shrink operation. The patch changes the shrink process to operate on read extent nodes in batches, reducing the time a core rwlock is held and preventing potential kernel hangs when the extent tree contains a large numb...
CVE-2024-56597
CVE-2024-56597 is a confirmed Linux kernel vulnerability affecting the JFS filesystem logic. The issue is a shift-out-of-bounds in jfs/dbSplit, triggered when dmt_budmin is less than zero, leading to errors in later stages. The fix adds a pre-check in dbAllocCtl to return an error earlier, preven...
CVE-2024-57931
CVE-2024-57931 is a Linux kernel issue in the SELinux subsystem: when evaluating extended permissions, the patch changes behavior to ignore unknown permissions instead of triggering a BUG(), allowing future permissions to be added without breaking older kernels. The unit described in connected da...
CVE-2024-56584
CVE-2024-56584 concerns the Linux kernel: a flaw in io_uring/tctx could leave tctx->xa head non-NULL after xa_store() allocation failures, even when there are no entries. Syzbot WARN_ON_ONCE(!xa_empty(&tctx->xa)) could trigger during final put of an io_uring_task. The available documents de...
CVE-2024-57904
CVE-2024-57904 affects the Linux kernel’s IIO subsystem for at91: the at91_ts_register path frees the wrong object during error handling. The code currently calls input_free_device() on st->ts_input, but the err path can run before iio_dev is assigned to st->ts_input. The fix is to call inp...
CVE-2024-57929
CVE-2024-57929: In the Linux kernel, the vulnerability stems from dm-array: when dm_bm_read_lock() fails, a faulty dm_block pointer can be left behind, leading to a double release in dm_array_cursor_end() and a subsequent BUG_ON in dm-bufio. The fix (as described in the CVE text) sets the cached...
CVE-2025-21679
CVE-2025-21679—Linux kernel (btrfs): The issue arises in get_canonical_dev_path() where d_path()’s possible error is not handled, causing an invalid memory access on the subsequent strscpy() call. The patch reintroduces proper error handling for d_path() to prevent the memory access, addressing t...
CVE-2023-52924
CVE-2023-52924 describes a Linux kernel vulnerability in nf_tables/netfilter where expired elements were wrongly skipped during a set walk, causing use-count inconsistencies and potential WARNs during chain removal. The issue arises in asymmetry between preparation/commit phases when a set elemen...
CVE-2024-27032
CVE-2024-27032 affects the Linux kernel f2fs subsystem. During recovery, if FAULT_BLOCK is enabled, f2fs_reserve_new_block() may return -ENOSPC, potentially causing a kernel panic. Additionally, with fault-injection rate 1 and only FAULT_BLOCK enabled, a deadloop in block reservation may occur. T...
CVE-2024-56590
CVE-2024-56590 is a Linux kernel vulnerability in Bluetooth hci_core: the patch fixes not checking skb length on hci_acldata_packet, which could cause access to uninitialized/invalid memory past skb->data. This is a local attack vector with low privileges and no user interaction, with a HIGH i...
CVE-2024-53220
CVE-2024-53220 (Linux kernel, f2fs): The vulnerability stems from a data accounting error in __get_secs_required() when dirty data is involved. If checkpoint_disabling is enabled and lfs_mode is on, the allocator may trigger an out-of-place update for all overwritten data, consuming more free se...
CVE-2024-56594
CVE-2024-56594 references a Linux kernel vulnerability in the DRM/AMDGPU path where the sg segment length was not properly limited. The issue could cause over-mapping of AMDGPU sg length and trigger warnings from debug_dma_map_sg(), due to an incorrect max_segment_size. The connected advisories (...
CVE-2024-53233
CVE-2024-53233 affects the Linux kernel and describes a utf8_load() path error where a bad UTF-8 version request could trigger a kernel oops due to symbol_put() handling. The root cause is that symbol_put() was given a pointer instead of the unique symbol string, leading to a kernel BUG at kernel...