13804 matches found
CVE-2024-49912
The CVE-2024-49912 entry concerns a Linux kernel DRM/AMD display issue. A null pointer dereference risk existed in drm/amd/display within planes_changed_for_existing_stream when stream_status could be null. The published fix adds a null check for stream_status in planes_changed_for_existing_strea...
CVE-2024-49914
CVE-2024-49914 affects the Linux kernel DRM/AMD display path. A null pointer dereference could occur in dcn20_program_pipe when pipe_ctx->plane_state is null; a patch adds a guard to verify pipe_ctx->plane_state is non-null before access. This stabilizes display pipe programming and prevent...
CVE-2024-50001
CVE-2024-50001 affects the Linux kernel, specifically the net/mlx5 multi-packet WQE transmit path. The root cause is an erroneous unmap of a DMA mapping when DMA mapping allocation fails; this can remove a DMA mapping that is still required. If the PCI function subsequently presents the IOVA, the...
CVE-2024-50096
CVE-2024-50096 pertains to the Linux kernel and fixes a vulnerability in the nouveau/dmem path during migrate_to_ram when a copy error occurs. The bug stems from nouveau_dmem_copy_one sending a copy push command to device firmware but not reliably tracking its execution status. If a copy error ha...
CVE-2024-50146
The CVE-2024-50146 entry concerns the Linux kernel mlx5e driver: when profile rollback fails in mlx5e_netdev_change_profile, the netdev profile is left NULL and the subsequent unload can crash if profile->cleanup is called. The issue is triggered during profile rollback failures (e.g., due to ...
CVE-2024-50283
Concrete details found in connected docs: CVE-2024-50283 affects the Linux kernel ksmbd via a slab-use-after-free in smb3_preauth_hash_rsp; the fix changes the call order so ksmbd_user_session_put is invoked under smb3_preauth_hash_rsp() to avoid freeing the session prematurely. The issue is tied...
CVE-2024-53202
CVE-2024-53202: In the Linux kernel, a resource leak can occur in the firmware loader path (fw_log_firmware_info) if an alg instance is not released on the exception path. The fix ensures the alg instance is freed with crypto_free_shash when kmalloc fails. Affected area: firmware_loader/kernel, ...
CVE-2024-53216
CVE-2024-53216 (Linux kernel): The vulnerability exists in nfsd’s handling of svc_expkey/svc_export release. When the last reference to cache_head can drop to zero in c_show/e_show, svc_export_put and expkey_put may free ex_uuid, after which access to ex_uuid can occur (use-after-free). An rcu_r...
CVE-2024-53231
The CVE-2024-53231 issue affects the Linux kernel cpufreq/CPPC: cpufreq_cpu_get_raw() may return NULL if the CPU is not in policy->cpus, leading to a NULL pointer dereference. The vulnerability has been resolved in the Linux kernel; affected code path now handles NULL returns to prevent derefe...
CVE-2024-56549
CVE-2024-56549 affects the Linux kernel cachefiles subsystem, where object->file can dereference a NULL pointer in ondemand mode due to inconsistent lifetime between the allocated fd and object->file. The root cause is the lifetime mismatch of object->file and its fd, leading to a NULL p...
CVE-2024-56579
CVE-2024-56579: In the Linux kernel, the media: amphion driver must set video_drvdata before registering the video device; otherwise video_drvdata() may return NULL in open(), causing an oops. Remediation per the description is to ensure video_drvdata() is set prior to video device registration....
CVE-2024-56613
CVE-2024-56613: In the Linux kernel, a memory leak in NUMA handling was fixed. Root cause: multiple threads running hackbench could observe vma->numab_state as NULL concurrently, causing vma->numab_state to be overwritten. This could leak memory during NUMA scans when hackbench creates man...
CVE-2024-56721
CVE-2024-56721 affects the Linux kernel x86/CPU/AMD handling of the erratum_1386_microcode array. The issue occurs because the array requires an empty entry at the end; without it, x86_match_cpu_with_stepping() may continue iterating past the end. The fix is to add an empty entry to the end of er...
CVE-2024-58093
CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...
CVE-2025-21812
CVE-2025-21812 concerns AX25 code in the Linux kernel. A lockdep/potential deadlock issue was observed around ax25_setsockopt() where a syzbot thread attempting to acquire rtnl_mutex could deadlock with a thread holding sk_lock-AF_AX25, due to an existing dependency chain involving ax25_setsockop...
CVE-2025-21825
CVE-2025-21825 concerns the Linux kernel, specifically a race involving bpf_timer cancellation for PREEMPT_RT. The issue arises during updates to pre-allocated htab elements, where freeing old elements must be protected by the bucket lock to avoid reuse of freed memory under concurrent updates; a...
CVE-2025-21943
The CVE-2025-21943 entry concerns a Linux kernel vulnerability in the gpio_aggregator driver. Description: new_device_store and delete_device_store touch module-global resources (e.g., gpio_aggregator_lock). To prevent race conditions during module unload, the fix adds a reference held via try_mo...
CVE-2025-21951
Technical details about CVE-2025-21951 are not provided in the supplied documents. Monitor official advisories for updates on affected products, impact, and fixes.
CVE-2025-21956
CVE-2025-21956: In the Linux kernel, drm/amd/display incorrectly handled color depth 14, triggering a warning in amdgpu when running on Radeon RX 6600 XT. The issue is resolved by assigning the pixel clock as pix_clk * (14 * 3) / 24, aligning with other color depths, and also fixes indentation i...
CVE-2025-22045
The connected Astra Linux entry reproduces CVE-2025-22045 and provides a concrete technical detail: the Linux kernel x86 flush_tlb_range() path could zap normal PMD entries (pointing to page tables) together with PTEs, via collapse_pte_mapped_thp → pmdp_collapse_flush → flush_tlb_range. The fix...
CVE-2025-23156
The CVE-2025-23156 vulnerability affects the Linux kernel’s media: venus: hfi_parser component. It is caused by a potential out-of-bounds access when parsing a payload’s words_count and data pointers; when words_count reaches the last word, data may read beyond the total payload. The issue is mit...
CVE-2025-23159
CVE-2025-23159 affects the Linux kernel (media: venus: hfi) where sfr->buf_size is in shared memory and can be modified by a local attacker. The vulnerability enables an out-of-bounds write if the declared size exceeds the actual sfr data buffer. The fix caps the size to the allocated buffer, ...
CVE-2025-37766
CVE-2025-37766 affects the Linux kernel drm/amd/pm component, where the vulnerability stems from a divide-by-zero condition when setting a speed value. If speed exceeds UINT_MAX/8, a division by zero can occur. Multiple connected advisories/plugins (Azure Linux update, Astra Linux page, CIRCL sig...
CVE-2025-37998
CVE-2025-37998 is a vulnerability in Open vSwitch Netlink attribute parsing. The Debian/Amazon/Linux advisories confirm the issue exists in the Linux kernel openvswitch output_userspace path and that the fix replaces the manual Netlink attribute iteration with nla_for_each_nested(), ensuring only well...
CVE-2009-4067
CVE-2009-4067: A buffer overflow in the Auerswald Linux USB driver (function auerswald_probe) for the Linux kernel is exploitable on kernel versions before 2.6.27. The vulnerability allows physically proximate attackers to execute arbitrary code, cause a denial of service, or take full control ...
CVE-2010-2962
The CVE-2010-2962 issue affects the Intel i915 DRM GEM in the Linux kernel prior to 2.6.36. It arises from insufficient validation of pointers to memory blocks in i915_gem.c, enabling local users to write to kernel memory via crafted ioctl usage (pwrite/pread) and potentially gain privileges.
CVE-2010-3442
Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.
CVE-2010-3877
The CVE-2010-3877 issue affects the Linux kernel (as cited in MiracleLinux AXSA:2011-143:02 and related advisories) where get_name in net/tipc/socket.c does not initialize a structure, enabling local attackers to read uninitialized kernel stack memory and leak information. Impact is a local infor...
CVE-2010-4164
CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....
CVE-2010-4526
CVE-2010-4526 describes a race condition in the Linux kernel between 2.6.11-rc2 and 2.6.33 in sctp_icmp_proto_unreachable (net/sctp/input.c). An ICMP Unreachable to a socket that is already locked by a user can free the socket and trigger list corruption via sctp_wait_for_connect, enabling remote...
CVE-2010-4649
The CVE-2010-4649 issue affects the Linux kernel up to 2.6.37, where an integer overflow in ib_uverbs_poll_cq (drivers/infiniband/core/uverbs_cmd.c) allows a local user to cause memory corruption and a possible DoS or other unspecified impact when a structure member is large. The vulnerability re...
CVE-2011-1010
Concretely, CVE-2011-1010 is reported in MiracleLinux advisory AXSA:2011-282:05 as affecting kernel-2.6.18-238.2.AXS3. It describes a buffer overflow in the mac_partition function (fs/partitions/mac.c) of the Linux kernel, prior to version 2.6.37.2, which can allow a local user to cause a denial ...
CVE-2011-4330
CVE-2011-4330 describes a stack-based buffer overflow in the Linux kernel 2.6, specifically in hfs_mac2asc (fs/hfs/trans.c). A crafted HFS image len field can be used by a local user to trigger a crash and, per the description, possibly execute arbitrary code. The associated connected documents c...
CVE-2014-4171
CVE-2014-4171 affects mm/shmem.c in the Linux kernel up to 3.15.1. The issue is that the interaction between range notification and hole punching is not properly implemented, allowing a local user to cause a denial of service (i_mutex hold) by using mmap to access a hole. Demonstrations in the so...
CVE-2014-4654
The CVE-2014-4654 issue affects the Linux kernel ALSA control implementation (snd_ctl_elem_add in sound/core/control.c). The root cause is a lack of authorization checks for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, allowing local attackers with access to /dev/snd/controlX to remove kernel controls....
CVE-2016-3695
CVE-2016-3695 in the Linux kernel relates to the einj_error_inject function (drivers/acpi/apei/einj.c). The issue allows a local user to simulate hardware errors and cause a denial of service by failing to disable APEI error injection via EINJ when securelevel is set. The connected documents show...
CVE-2017-14497
CVE-2017-14497 describes a vulnerability in the Linux kernel’s tpacket_rcv() path (net/packet/af_packet.c) where the code mishandles vnet headers. It is triggered by crafted system calls and, per the connected Nessus entries, could allow a local attacker to cause a denial of service via buffer ov...
CVE-2017-15127
CVE-2017-15127 affects the Linux kernel (mm/hugetlb.c: hugetlb_mcopy_atomic_pte). A superfluous implicit page unlock for VM_SHARED hugetlbfs mappings could trigger a local denial of service. Affected: Linux kernel prior to 4.13; the issue is addressed in later kernel versions (see commit 5af10dfd...
CVE-2017-18079
CVE-2017-18079 affects the Linux kernel: a NULL pointer dereference in drivers/input/serio/i8042.c can crash the system because the port->exists value can change after validation, leading to a denial of service or potentially other impact. Public docs specify the vulnerable condition is...
CVE-2018-14619
CVE-2018-14619 affects the Linux kernel crypto subsystem prior to version 4.15-rc4: the null skcipher was freed when af_alg_ctxs were freed instead of when the aead_tfm was freed. This can allow a local user to crash the system or potentially escalate privileges. The connected Nessus advisories (...
CVE-2021-47557
Summary (CVE-2021-47557): In the Linux kernel, the net/sched sch_ets code could expose a NULL pointer dereference in the DRR active list when the number of DRR classes decreases, allowing a crash via cl->qdisc->ops->peek(cl->qdisc) if cl->qdisc is NULL. This affects the ETS qdisc ...
CVE-2022-3111
CVE-2022-3111 affects the Linux kernel up to 5.16-rc6. The vulnerability is described as free_charger_irq() in drivers/power/supply/wm8350_power.c failing to free WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger(). The Astra Linux bulletin repeats the exact des...
CVE-2022-3113
Summary of CVE-2022-3113: The issue is in the Linux kernel’s media/vcodec path, specifically mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c, where the return value of devm_kzalloc() is not checked, leading to a possible NULL pointer dereference. The vulnerability...
CVE-2022-3534
CVE-2022-3534 affects the libbpf component (function btf_dump_name_dups in tools/lib/bpf/btf_dump.c) with a use-after-free in Linux kernel/libbpf. Debian and other sources report a patch and version bumps: Debian DLA fixes libbpf to 0.3-2+deb11u1 (and related packages), and ALT Linux notes a fix ...
CVE-2022-48742
The CVE-2022-48742 entry relates to the Linux kernel’s rtnetlink handling. Technical details in connected documents show that the vulnerability arises from the replay logic in __rtnl_newlink(), where not refreshing master_dev/m_ops could trigger a use-after-free during a replay path. The confirme...
CVE-2022-49086
CVE-2022-49086 affects the Linux kernel Open vSwitch actions: during parsing user-provided actions, the ovs_openvswitch module can allocate memory and leak it when destroying actions due to nested actions not being freed. The root cause is that several actions can hold nested lists of actions and...
CVE-2022-49268
Summary: CVE-2022-49268 affects the Linux kernel ASoC: SOF Intel path and causes a NULL pointer dereference when ENOMEM occurs during noncontiguous DMA allocations. The issue arises if snd_dma_free_pages() is called after snd_dma_alloc_pages() returns -ENOMEM, leading to a NULL dereference in dma...
CVE-2022-49296
CVE-2022-49296: Linux kernel Ceph deadlock when holding Fwb to get inline_data. The vulnerability arises during cephfs/cephmds inline data handling (inline_version logic) causing a deadlock involving Fwb/Fsr caps during the getattr sequence, potentially locking the system. Connected docs indicate...
CVE-2022-49389
CVE-2022-49389 concerns a refcount leak in the Linux kernel USB/IP path. The issue arises because usb_get_dev() is called in stub_device_alloc(), and if stub_probe() fails afterward, the reference must be released with usb_put_dev(). The fix moves usb_put_dev() to the sdev_free error path, ensuri...
CVE-2022-49531
The CVE-2022-49531 entry concerns the Linux kernel loop driver. A vulnerability in the loop: implement ->free_disk could allow freeing a lo_device before the gendisk is freed, risking a deadlock if the device is still in use. The issue is described as resolved, with upstream fixes relaxing the...