13692 matches found
CVE-2025-21632
CVE-2025-21632: In the Linux kernel, a patch fixes shadow stack handling for x86 XSAVE state accessed via ptrace. Previously, regset get/set paths could be invoked with shadow stacks disabled (ARCH_SHSTK_SHSTK==0), causing get_xsave_addr() to return NULL and trigger a WARN_ON in ssp_get. The fix ...
CVE-2024-56636
CVE-2024-56636 refers to a Linux kernel vulnerability in the geneve path where code assumed the MAC header was already present in the output path. The fix changes the code to reference the MAC header safely by using skb_eth_hdr() instead of eth_hdr(), preventing potential misreads when mac header...
CVE-2024-56691
CVE-2024-56691 affects the Linux kernel driver path for mfd: intel_soc_pmic_bxtwc. The vulnerability stems from the driver not respecting IRQ domains when creating each MFD device, exposing a faulty IRQ handling path (WARN on IRQ 0) due to using a vIRQ rather than proper IRQ domain numbering. The...
CVE-2024-56562
CVE-2024-56562 relates to the Linux kernel i3c master code. The issue was a copy-paste error that freed the wrong pointer: it freed the dyn_addr instead of init_dyn_addr in i3c_master_put_i3c_addrs(), leading to a mismanagement of the init_dyn_addr resource when boardinfo is present. The patch re...
CVE-2024-56700
CVE-2024-56700: Linux kernel wl128x media driver fix for an atomicity race in fmc_send_cmd() with fmdev->resp_skb modification, which could allow a null dereference when skb = fmdev->resp_skb is executed after the value changes. The advisory states the fix is to perform the fmdev->resp_s...
CVE-2024-53195
CVE-2024-53195: In the Linux kernel (arm64 KVM), a flawed use of userspace_irqchip_in_use can trigger a WARN_ON in kvm_timer_update_irq() during VM/vCPU interactions when a PMU (KVM_ARM_VCPU_PMU_V3) is requested but not fully initialized. The described scenario: a VM is created, vCPU initialized...
CVE-2024-53181
CVE-2024-53181 refers to a Linux kernel vulnerability where vector_device_release could crash due to using drvdata after release. The fix removes drvdata access in release and uses container_of() to obtain the vector_device instance, preventing a crash and kernel panic from a segfault. The issue ...
CVE-2024-56699
In CVE-2024-56699, the Linux kernel on s390 PCI (zPCI) could double-remove a hotplug slot due to zpci_exit_slot() being moved to zpci_release_device() and released only after all refs dropped. The non-reserved path tear-down incorrectly affected both configured and standby states, risking hotplug...
CVE-2024-57849
The CVE-2024-57849 issue is in the Linux kernel s390 CPUMF sampling path. When a CPU is hotplugged out while a performance event is still active on that CPU, the hotplug/removal sequence can cause SDBs (sampling data buffers) to be freed while still in use, creating a potential use-after-free con...
CVE-2024-53169
The CVE-2024-53169 issue is in the Linux kernel nvme-fabrics shutdown path. A race can occur when the nvme keep-alive async request sneaks in during controller shutdown, potentially racing with admin queue destruction and the hw/hctx queue dispatcher. If the in-flight keep-alive touches the admin...
CVE-2024-53184
CVE-2024-53184 affects the Linux kernel ubd subsystem, where release-time drvdata access could cause crashes during device removal. The fix replaces drvdata usage with container_of() to locate the ubd instance, preventing a NULL-deref crash when removing a ubd device. The advisories (Unity Linux ...
CVE-2024-53234
CVE-2024-53234: In the Linux kernel’s EROFS, a vulnerability in handling NONHEAD lclusters with delta[1] caused inadequate decompressed lengths for FIEMAP mappings. The root cause was unconditional bailing when delta[1]==0 for NONHEAD lclusters, which could affect crafted images/filesystems from...
CVE-2024-57838
CVE-2024-57838 affects the Linux kernel on s390 where stack-depot filtering cannot de-duplicate stacks because the .irqentry.text section is empty. The root cause is that IO/EXT interrupt handlers were not correctly placed into the .irqentry.text region on s390, hindering stack trace filtering fo...
CVE-2024-56533
The CVE-2024-56533 vulnerability affects the Linux kernel’s ALSA usx2y driver. It stems from using snd_card_free() during USB disconnection, which waits for all open fds to close and can delay release, potentially blocking USB IOCTLs and causing a soft lockup. The advisory notes replacing snd_car...
CVE-2024-53152
CVE-2024-53152 is a Linux kernel vulnerability affecting Tegra194 PCIe endpoints. The issue: when PERST# is asserted and refclk is disabled, endpoint cleanup paths (dw_pcie_ep_cleanup and pci_epc_deinit_notify) access hardware registers, crashing the endpoint due to host-required refclk. The fix ...
CVE-2024-53176
CVE-2024-53176 in the Linux kernel SMB/CIFS unmount path could race with cached directory operations, leaving dentries in use and triggering kernel BUGs. The fix drops dentries via queued work (cfid_put_wq) and ensures close_all_cached_dirs() flushes that work, with final cleanup performed by ser...
CVE-2024-27058
CVE-2024-27058 affects the Linux kernel: a race in tmpfs involving dquot rb_tree handling. The root cause is that fetching the rb_tree root node was not protected by dqio_sem, allowing a concurrent tree rebalance to mislead the search and trigger a warning in shmem_release_dquot. This is addresse...
CVE-2024-57876
CVE-2024-57876 affects the Linux kernel DRM/DP MST code. The vulnerability arises when the MST topology is removed during reception of a Down/Up Sideband message, where drm_dp_mst_topology_mgr::up_req_recv and down_rep_recv states can be reset out of order by another thread via drm_dp_mst_topolog...
CVE-2024-53193
CVE-2024-53193 – Linux kernel (Loongson2 clock) vulnerability: A memory corruption bug occurred in loongson2_clk_provider where a flexible array member (clk_hw_onecell_data.hws) was placed in the middle of the provider struct, causing clp->clk_lock to be overwritten during allocation and writ...
CVE-2024-56610
CVE-2024-56610 is a Linux kernel issue where KCSAN’s report_filterlist_lock, originally protected by a non-raw spinlock, could lead to a data race on PREEMPT_RT. The patch converts the filter list lock to raw_spinlock to avoid sleeping in atomic contexts on RT kernels; it notes that memory alloca...
CVE-2024-56585
CVE-2024-56585: In PREEMPT_RT Linux kernels on LoongArch, a sleeping-in-atomic-context issue arises due to a GFP flag change (GFP_KERNEL to GFP_ATOMIC) for alloc_pages_node() in setup_tlb_handler(). The underlying problem is that PREEMPT_RT replaces normal spinlocks with rt-spinlocks, and rt_spi...
CVE-2025-21691
The CVE-2025-21691 entry concerns the Linux kernel cachestat syscall. The issue arose because the cachestat() addition did not include the writability/ownership permission check that mincore() had, allowing potential misuse when reading page cache stats. The connected advisories confirm a code-le...
CVE-2025-21651
Technical details about CVE-2025-21651 are not present in the provided connected documents; the materials only reference the Linux kernel hns3 issue and a fix. Monitor for updates from official sources.
CVE-2025-21663
CVE-2025-21663: In the Linux kernel, the net: stmmac: dwmac-tegra driver incorrectly reads the IOMMU Stream ID (SID) from a hard-coded MGBE0 SID for all Tegra MGBEs. This prevents proper SID handling for non-MGBE0 controllers, leading to issues such as transmit timeouts and potential kernel pani...
CVE-2024-27072
CVE-2024-27072 in the Linux kernel fixes a deadlock by removing locks in media: usbtv: usbtv_video_free() and by avoiding an unnecessary usbtv_stop() call during device unregister. The issue could manifest when disconnecting while streaming (and now even when not streaming). The patch eliminates ...
CVE-2016-5195
CVE-2016-5195 (Dirty COW): A race condition in the Linux kernel’s memory management (mm/gup.c) allows a local user to gain write access to read‑only mappings via faulty copy‑on‑write handling. Affected: kernel 2.x–4.x prior to 4.8.3. Exploitation was observed in the wild around Oct 2016. Impac...
CVE-2024-35796
The CVE-2024-35796 vulnerability concerns the Linux kernel net/ll_temac code where platform_get_resource was replaced by devm_platform_ioremap_resource_byname and invoked with a 0-length name, leading to a path that ends up calling platform_get_resource_byname and dereferencing a NULL pointer in...
CVE-2024-27028
CVE-2024-27028 is confirmed with concrete details in connected docs: the Linux kernel spi-mt65xx driver had a NULL pointer dereference in the interrupt handler during spi_transfer when tx_buf could be NULL. The fix adds a check for trans->tx_buf before use, mitigating potential crashes. Affect...
CVE-2024-57883
Technical details about CVE-2024-57883 are not provided in the supplied documents. Monitor official kernel advisories and vendor security notices for affected products, scope, and fixes.
CVE-2024-27037
CVE-2024-27037 (Linux kernel) affects the zynq clock controller path. The kmalloc() failure in zynq_clk_setup() can yield NULL, risking a NULL pointer dereference when using snprintf() to write to that address. A patch replaces the kmalloc()-based allocation with a stack-allocated variable, preve...
CVE-2024-56633
The CVE-2024-56633 issue in the Linux kernel relates to tcp_bpf_sendmsg and the sk_mem_uncharge accounting in __SK_REDIRECT. The current approach pre-uncharges tosend bytes (msg->sg.size or apply_bytes), which can lead to under/over charging if actual sent bytes differ or if ret < 0. The ci...
CVE-2024-26584
CVE-2024-26584 is a Linux kernel TLS backlogging vulnerability where setting CRYPTO_TFM_REQ_MAY_BACKLOG on crypto_api requests can cause crypto_aead_encrypt/decrypt to return -EBUSY in valid cases. If the cryptd AES-NI queue is full, requests are enqueued to backlog and may be processed, triggeri...
CVE-2024-56583
CVE-2024-56583 maps to a Linux kernel issue in the SCSI/HISI SAS path. The Tencent advisory TSSA-2025:0215 lists this CVE with a fix described as adding cond_resched() for the no-forced-preemption model, to prevent watchdog-like stalls under heavy migrate/paging scenarios. The connected doc confi...
CVE-2024-56532
CVE-2024-56532 affects the Linux kernel’s ALSA us122l code path. The USB disconnect callback previously waited for all fds to close due to snd_card_free(), which could block upper-layer USB ioctls and trigger a soft lockup. The cited fixes switch to snd_card_free_when_closed(), enabling asynchron...
CVE-2024-57897
CVE-2024-57897 affects the Linux kernel’s DRM/AMDGPU/KFD path. The migration DMA map direction for the SVM DMA device map is set to BIDIRECTIONAL to match the DMA unmap setting, addressing a warning from the DMA core. The Tencent/Tenable entry includes a kernel log snippet showing a WARNING in ke...
CVE-2024-26581
CVE-2024-26581 affects the Linux kernel netfilter nft_set_rbtree end-interval GC logic, where rbtree lazy GC on insert could skip an end-interval element just added in the same transaction, potentially enabling privilege-escalation impact for local attackers. Affected: Linux kernel versions with ...
CVE-2023-52456
CVE-2023-52456 affects the Linux kernel, specifically the imx serial driver used for RS-485 when the TX state machine can deadlock if the TTY is closed mid-transmission. In that scenario, imx_uart_shutdown disables the interface and the Transmission Complete interrupt, causing imx_uart_stop_tx to...
CVE-2025-21645
CVE-2025-21645 affects the Linux kernel in platform/x86/amd/pmc where IRQ1 wakeup is disabled independent of whether i8042 enabled it. The underlying issue caused by dev_pm_ops mismatches between amd_pmc_suspend_handler() and i8042_pm_suspend() could lead to unbalanced IRQ wake disable and WARNs ...
CVE-2025-21629
CVE-2025-21629: Linux kernel vulnerability where NETIF_F_IPV6_CSUM offload for BIG TCP/IPv6 packets with extension headers was disabled by a commit; this caused skb_warn_bad_offload to fire for large TCP packets. The issue is resolved by reverting the change and re-enabling IPv6 CSUM offload for ...
CVE-2024-57898
Technical details for CVE-2024-57898 are not provided in the supplied documents. Public information about affected products, impact, or fixes is unavailable here; monitor vendor advisories for updates.
CVE-2024-57804
CVE-2024-57804 concerns the Linux kernel’s scsi mpi3mr driver, where rapid disable/enable cycles of PHYs via the SAS sysfs interface could corrupt the persistent and current SAS IO unit/Expander config pages. The root cause is PHY state/page data confusion during successive config requests, leadi...
CVE-2024-26592
CVE-2024-26592 is a Linux kernel vulnerability in ksmbd where a race between handling a new TCP connection and its disconnection can cause a use-after-free on ksmbd_tcp_new_connection()’s tcp_transport. The issue is fixed in the kernel code path that manages new connections for ksmbd, eliminating...
CVE-2023-52602
CVE-2023-52602: In the Linux kernel, the JFS slab-out-of-bounds Read vulnerability occurs while searching the current page in the sorted entry table during dtSearch, leading to an out-of-bounds access. The issue was fixed by adding a bound check. The advisory notes that the return code was set to...
CVE-2024-49571
CVE-2024-49571 affects the Linux kernel’s net/smc path. The vulnerability arises when the server processes an incoming proposal message: the fields iparea_offset and ipv6_prefixes_cnt in the proposal are supplied by the remote client and cannot be fully trusted. If iparea_offset exceeds the maxim...
CVE-2019-13272
CVE-2019-13272 affects the Linux kernel ptrace code (kernel/ptrace.c), where credentials recording during ptrace relationship establishment can fail, enabling a local attacker to obtain root privileges under certain parent/child lifecycle scenarios and potentially cause a panic. Public advisories...
CVE-2025-21656
CVE-2025-21656 is a Linux kernel issue in topology printing (cpumap) where the vsnprintf-based formatting could mutate the cpumask during output, leading to inconsistent core visibility in the printed cpumap. The fix keeps the cpumask unchanged by caching it to a temporary variable before printin...
CVE-2024-57917
CVE-2024-57917: In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...
CVE-2024-57889
CVE-2024-57889 is resolved in the Linux kernel via a patch to the pinctrl-mcp23s08 driver. The issue occurred when using MCP23xxx IO expanders to receive IRQs, where regmap locking (mutex) around regmap_update_bits_base was invoked from a context that held a spinlock in __setup_irq(), leading to ...
CVE-2024-57791
CVE-2024-57791 affects the Linux kernel net/smc component. The vulnerability arises when draining clc data: the length field in smc_clc_msg_hdr, sourced from the network, may be trusted and if it exceeds buflen in smc_clc_wait_msg, a deadloop can occur. The connected documents describe the patch ...
CVE-2023-52436
CVE-2023-52436 affects the Linux kernel in the f2fs file system. The issue arises when setting an extended attribute (xattr) because the xattr list was not guaranteed to be zeroed in unused space; the fix explicitly terminates the xattr list to avoid relying on zeroed unused space. The descriptio...