CVE-2024-42102
CVE-2024-42102 concerns a Linux kernel vulnerability in the dirty throttling path used by the mm/wb subsystem. The issue centers on assuming that dirty limits in page units fit in 32 bits, and a patch series titled “mm: Avoid possible overflows in dirty throttling” was applied. The entry notes tha...
CVE-2024-42289
The CVE-2024-42289 issue in the Linux kernel affects the SCSI qla2xxx driver during vport delete. It caused a crash due to stale outstanding I/O entries not completing, leading to a NULL pointer dereference in dma_direct_unmap_sg during vport deletion. The fix explicitly sends an async logout for...
CVE-2024-43839
CVE-2024-43839: Linux kernel vulnerability fixed by increasing the internal name buffer in bna_tcb and bna_ccb from 16 to accommodate longer sprintf arguments, and replacing sprintf with snprintf. The change accounts for bnad->netdev->name and expected expansions for %d specifiers, using B...
CVE-2024-44999
CVE-2024-44999 refers to a Linux kernel issue in gtp: pull network headers in gtp_dev_xmit() where syzbot/KMSAN detected uninitialized usage in get_dev_xmit(). The problem required ensuring IPv4/IPv6 headers are pulled into skb->head before accessing their fields. The fix implemented is to use...
CVE-2024-46770
CVE-2024-46770 applies to the Linux kernel; the issue arises in the PF reset flow where netif_device_attach/detach handling allows ethtool callbacks during reset to dereference deleted resources. Root cause: ethtool coalesce access during reset can hit a NULL dereference when the driver resources...
CVE-2024-46814
CVE-2024-46814 affects the Linux kernel in the DRM AMD display path. The vulnerability arises from not validating HDCP-related message IDs (msg_id) before processing a transaction, allowing 4 overrun issues to be triggered by an invalid HDCP_MESSAGE_ID (-1) acting as an index. The root cause is a...
CVE-2024-47744
CVE-2024-47744 affects the Linux kernel in the KVM area, where a race/lock order could deadlock when guarding the kvm_usage_count. The description states the fix is to use a dedicated mutex to protect kvm_usage_count and to guard against deadlocks on x86 caused by a chain of locks and SRCU synchr...
CVE-2024-49891
CVE-2024-49891: In the Linux kernel, the SCSI lpfc path can NULL-deref when an HBA is resetting or handling an errata event due to hdwq pointers that may have been freed. Fixes add NULL pointer checks before dereferencing hdwq pointers in affected routines (e.g., lpfc_sli_flush_io_rings, lpfc_de...
CVE-2024-49898
CVE-2024-49898 affects the Linux kernel’s drm/amd/display component. The root cause is that drr_timing and subvp_pipe are initialized to null and are not consistently re-assigned before being dereferenced, leading to two FORWARD_NULL issues reported by Coverity. The issue is addressed by kernel f...
CVE-2024-49909
The CVE-2024-49909 vulnerability affects the Linux kernel DRM AMD display path (drm/amd/display) specifically in dcn32_set_output_transfer_func, where a null pointer dereference could occur if set_output_gamma is NULL. The issue arises from dereferencing set_output_gamma after a prior NULL check ...
CVE-2024-49913
CVE-2024-49913 affects the Linux kernel’s DRM AMD display path. The issue was a potential NULL pointer dereference in commit_planes_for_stream when top_pipe_to_program could be NULL, leading to dereferencing stream_res. The fix adds a null check before accessing top_pipe_to_program to prevent the...
CVE-2024-49981
The CVE-2024-49981 issue concerns the Linux kernel Venus subsystem. A use-after-free could occur when venus_remove runs while there is unfinished work bound to venus_sys_error_handler (core->work) that is coordinated with venus_event_notify and error handling. The race can involve paths such a...
CVE-2024-50012
The CVE-2024-50012 issue is in the Linux kernel cpufreq code. In parse_perf_domain, if of_parse_phandle_with_args returns an error, the initial reference to the CPU device node would not be decremented, potentially leaving a reference handling bug. The fix declares the CPU node variable with a cl...
CVE-2024-50156
CVE-2024-50156 affects the Linux kernel’s drm/msm path. A NULL dereference could occur in msm_disp_state_print_regs() if allocation in msm_disp_state_dump_regs() failed and block->state is NULL. The fix prints "Registers not stored" when a NULL is encountered and also modernizes msm_disp_state...
CVE-2024-50158
Technical details about CVE-2024-50158 (affected software, impact, exploitability, and remediation) are not provided in the supplied documents. Please monitor for updates.
CVE-2024-53223
Technical details about CVE-2024-53223 are not provided in the connected documents. Please monitor for updates; current sources do not reveal affected products, versions, root cause, impact, or fixes.
CVE-2024-56582
CVE-2024-56582: Linux kernel btrfs use-after-free in btrfs_encoded_read_endio() identified via KASAN trace in btrfs-endio path; confirmed in the provided trace and fixed in the kernel. Affected component: btrfs in the kernel; root cause: use-after-free in btrfs_encoded_read_endio(); impact as des...
CVE-2024-56685
Technical details about CVE-2024-56685 are not provided in the connected documents. Public information and exact affected components/versions, exploitation status, and fixes are not available here; monitor for updates and official advisories.
CVE-2024-56717
CVE-2024-56717 affects the Linux kernel, specifically the net: mscc: ocelot driver. The vulnerability stems from an incorrect IFH SRC_PORT field in ocelot_ifh_set_basic(), where the code called with BIT_ULL(x) instead of the port index x. This caused the SRC_PORT to not correspond to the CPU port...
CVE-2024-58020
CVE-2024-58020 affects the Linux kernel HID multitouch driver. The issue arises when devm_kasprintf() returns NULL and the result is used in mt_input_configured() without a NULL check, risking NULL pointer dereference. Acknowledged fixes add a NULL check in mt_input_configured(); impact is listed...
CVE-2025-21758
CVE-2025-21758: Linux kernel vulnerability where ipv6 multicast handling (mld_newpack) could be called without RTNL or RCU protection. The fix adds RCU protection to mld_newpack and changes allocations from GFP_KERNEL to alloc_skb, charging the net->ipv6.igmp_sk socket under RCU protection. P...
CVE-2025-21799
CVE-2025-21799 covers a Linux kernel net:ethernet:ti:am65-cpsw issue. The root cause is improper IRQ handling: k3_udma_glue_tx_get_irq() may return a negative error value, and a non-null check is not sufficient; the IRQ must be validated as > 0. At runtime, .set_channels can trigger a chain th...
CVE-2025-21852
CVE-2025-21852 affects the Linux kernel net/BPF path where trace_kfree_skb could dereference a NULL rx_sk when a BPF program loads a skb trace. The fix was to add kfree_skb to raw_tp_null_args[] to allow the BPF verifier to handle NULL rx_sk safely (PTR_MAYBE_NULL handling cited in the...
CVE-2025-21853
CVE-2025-21853 affects the Linux kernel BPF mmap path. The issue arises from holding map->freeze_mutex for the entire duration of mmap mm/VMA manipulations when ensuring writeable map contents, which could deadlock. The fixed approach holds freeze_mutex only during writeability checks, increme...
CVE-2025-21872
CVE-2025-21872 – Linux kernel (EFI/MOKVAR handling): The vulnerability arises from how the kernel validates the EFI MOKvar table. In older code, the mokvar table was fully remapped on each iteration to determine its size, which could fail if the table grew large due to early_memmap limitations, ...
CVE-2025-21883
CVE-2025-21883 affects the Linux kernel ice driver. The issue occurs when ice_ena_vfs() fails after ice_create_vf_entries(), causing VFs to be freed without removing them from the snapshot PF-VF mailbox list, leading to list corruption (possible kernel BUG in lib/list_debug.c and related traces)....
CVE-2025-22075
CVE-2025-22075 affects the Linux kernel (netlink rtnetlink path) where VF port/node GUIDs were previously included in ifinfo messages but their size wasn’t accounted for when allocating netlink messages. The issue could produce a “Message too long” warning when many VFs are configured (for exampl...
CVE-2025-23131
CVE-2025-23131 affects the Linux kernel in the DLM subsystem. The issue occurs when do_uevent returns a positive value written to event_done; this value previously caused new_lockspace to consider it a success, leaving lockspace uninitialized and leading to a NULL pointer dereference in dlm_find_...
CVE-2025-23161
CVE-2025-23161: In the Linux kernel, the PCI vmd driver fixed a lock context issue by changing vmd_dev::cfg_lock from spinlock_t to raw_spinlock_t so it can be used with interrupts disabled in PREEMPT_RT contexts. This avoids a sleeping-lock scenario when accessing PCI config space via pci_ops r...
CVE-2025-23163
CVE-2025-23163 relates to a Linux kernel issue in VLAN handling: net: vlan: don't propagate flags on open. The root cause is a possible deadlock when opening VLAN devices due to the device instance lock, where a task may try to acquire dev->lock while already holding it (seen in dev_open + dev...
CVE-2025-37742
CVE-2025-37742: In the Linux kernel, the jfs_imap diMount path allocates imap with kmalloc and fails to initialize it, causing uninit-value usage in hex_dump_to_buffer and a KMSAN report during mount/evict paths. Root cause: imap is not initialized after memory allocation. Remediation: replace k...
CVE-2025-37781
CVE-2025-37781 affects the Linux kernel involving the i2c Cros EC tunnel. When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device may not be found, causing a NULL pointer dereference. The issue can be reproduced by unbinding the controller driver and re-loading the i2c-cros-e...
CVE-2025-37810
CVE-2025-37810 refers to a Linux kernel issue in the usb: dwc3 gadget path where the event count check did not validate that the count did not exceed the event buffer length. The problem could allow an out-of-bounds memcpy of an event if the count is larger than the buffer, leading to a crash (ke...
CVE-2025-37850
The CVE-2025-37850 issue relates to the Linux kernel PWM Mediatek driver. Under CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() could divide by zero when obtaining the clock rate for pc->clk_pwms[pwm->hwpwm], because clk_get_rate() may return zero in the !CONFIG_HAVE_CLK path...
CVE-2025-37885
CVE-2025-37885 affects the Linux kernel KVM/x86, where a dangling IRTE could be left posting to a vCPU if the new GSI route cannot be posted. The issue is fixed by restoring IRTE ownership to the host control when the new route isn’t postable, preventing use-after-free and incorrect interrupt del...
CVE-2025-40325
CVE-2025-40325 – Linux kernel raid10 discard handling. Issue: In md/raid10, a discard BIO with REQ_NOWAIT could be returned without waiting for a barrier, potentially leaving the system with an inconsistent discard handling path. The fix enforces waiting for the barrier before returning such a dis...
CVE-2011-1162
CVE-2011-1162 is a memory-clearing flaw in the Linux kernel 2.6 tpm_read() that can let a local unprivileged user read data from a previous TPM command. The connected advisories (MiracleLinux AXSA entries, Oracle Linux ELSA advisories, and RHSA-2012:0010) explicitly list CVE-2011-1162 among kerne...
CVE-2014-5472
The CVE-2014-5472 entry affects the Linux kernel up to 3.16.1, where the parse_rock_ridge_inode_internal function in fs/isofs/rock.c is exploitable by local users via a crafted iso9660 image with a self-referential CL entry to cause a denial-of-service (unkillable mount process). Connected Nessus...
CVE-2014-9644
CVE-2014-9644 affects the Linux kernel Crypto API prior to 3.18.5. It allows a local user to load arbitrary kernel modules by abusing a bind() call on an AF_ALG socket with a module template expression (e.g., vfat(aes)) in salg_name. This is a local, privilege-related issue, separate from CVE-2013-...
CVE-2015-8787
The CVE-2015-8787 entry concerns the Linux kernel, specifically the nf_nat_redirect_ipv4() function in net/netfilter/nf_nat_redirect.c. The vulnerability arises in kernel builds before 4.4, where remote attackers can send IPv4 packets to an incompletely configured interface to trigger a NULL poin...
CVE-2021-28039
CVE-2021-28039 affects the Linux kernel 5.9.x–5.11.3 (used with Xen). In some configurations, an x86 PV guest OS user can crash the Dom0 or a driver domain by generating a large amount of I/O. Root cause is the misuse of guest physical addresses when CONFIG_XEN_UNPOPULATED_ALLOC is set but CONFIG...
CVE-2021-4095
CVE-2021-4095: Linux kernel KVM NULL pointer dereference when dirty ring logging is enabled without an active vCPU context allows an unprivileged local attacker to trigger a kernel oops/DoS via KVM_XEN_HVM_SET_ATTR; affects kernels before 5.17-rc1. Remediation is upgrading to a fixed kernel versi...
CVE-2021-47110
CVE-2021-47110 affects the Linux kernel’s x86/kvm subsystem. The issue: kvmclock was only disabled on boot CPU during shutdown via machine_shutdown(), leaving other CPUs with a live kvmclock and risking memory corruption on events like Hibernate restore. Root cause: kvmclock MSR is not universall...
CVE-2021-47153
CVE-2021-47153 involves the Linux kernel i2c: i801 driver. The issue occurs when a KILL-recover/bus-reset process triggers an interrupt that the i801_isr cannot handle, potentially causing an out-of-bounds memory access in block transactions. The connected MiracleLinux advisories (AXSA) reference...
CVE-2021-47489
Concretely affected: the Linux kernel AMDGPU display driver code, specifically the drm/amdgpu_dm_debugfs.c path. A heap-based buffer overflow can be triggered by writing a string into the debug filesystem (dp_link_settings_write path), due to missing size checks when copying from userspace into a...
CVE-2022-28796
CVE-2022-28796: Linux kernel
CVE-2022-48423
CVE-2022-48423 affects the Linux kernel (fs/ntfs3/record.c) prior to version 6.1.3, where resident attribute names are not validated, allowing an out-of-bounds write. Public references in the provided documents cite kernel fixes in 6.1.3 (ChangeLog-6.1.3, commit 54e45702b6…) and related advisorie...
CVE-2022-48947
CVE-2022-48947 is a Linux kernel vulnerability related to Bluetooth L2CAP u8 overflow. By repeatedly sending L2CAP_CONF_REQ, chan->num_conf_rsp could wrap at 255. The fix adds a boundary check using L2CAP_MAX_CONF_RSP to prevent overflow. Connected advisories (e.g., Unity Linux/Astra Linux ent...
CVE-2022-49066
The CVE-2022-49066 issue affects the Linux kernel’s veth path. When a decapsulated packet is fed to a veth device with act_mirred, skb_headlen() may be 0, yet veth_xmit() forwards the skb to __dev_forward_skb() which unconditionally requires ETH_HLEN bytes of linear data. The root cause is the mi...
CVE-2022-49109
CVE-2022-49109 concerns the Linux kernel ceph subsystem. The provided text describes a leak: when ceph_get_inode() searches for or inserts an inode into the hash for a given vino, it returns a reference to the inode and may consume that reference if new is non-NULL. If error handling does not rel...