2330 matches found
CVE-2024-50090
The CVE-2024-50090 entry concerns the Linux kernel, specifically the drm/xe/oa path. The issue arises when OA reuses a batch buffer and appends MI_BATCH_BUFFER_END on every call, causing an overflow as bb->len * 4 + bb_prefetch(q->gt) grows beyond the allocated size. The provided connected ...
CVE-2024-50183
CVE-2024-50183 relates to the Linux kernel lpfc SCSI NPIV cleanup: deleting an NPIV instance must release all fabric ndlps, or a kref imbalance race occurs. The fix forces DA_ID to complete synchronously using a wait_queue, per the description in both the original CVE entry and Astra Linux securi...
CVE-2024-50211
Technical details about CVE-2024-50211 (affected component, root cause, impact, or fix) are not provided in the supplied connected documents. Monitor for updates from upstream advisories or security bulletins.
CVE-2024-50248
CVE-2024-50248 affects the Linux kernel ntfs3 driver. Connected advisories confirm a fix that adds bounds checking in ntfs3: mi_enum_attr() to ensure attributes do not read beyond valid memory. This addresses potential memory-safety issues arising from unchecked attribute enumeration. The Debian/...
CVE-2010-3432
CVE-2010-3432 affects the Linux kernel SCTP stack: sctp_packet_config in net/sctp/output.c initializes packet data structures too aggressively in kernels before 2.6.35.6, enabling remote attackers to trigger a denial of service (panic) via a specific SCTP traffic sequence. Affected component: ker...
CVE-2012-0879
CVE-2012-0879 affects the Linux kernel prior to 2.6.33, where the I/O implementation for block devices mishandles the CLONE_IO feature. Local attackers can create multiple processes sharing an I/O context, causing I/O instability and a denial of service. The vulnerability is evidenced across mult...
CVE-2012-3400
CVE-2012-3400 describes a heap-based buffer overflow in the udf_load_logicalvol function (fs/udf/super.c) of the Linux kernel up to version 3.4.5. The flaw allows remote attackers to cause a denial of service (system crash) or potentially other impact via a crafted UDF filesystem. Connected advis...
CVE-2014-0069
The CVE-2014-0069 entry affects the Linux kernel (fs/cifs/file.c: cifs_iovec_write) up to version 3.13.5. The vulnerability stems from improper handling of uncached write operations that copy fewer bytes than requested, enabling local users to read kernel memory (information disclosure), cause me...
CVE-2022-49567
The CVE-2022-49567 issue is a Linux kernel vulnerability in mm/mempolicy where uninitialized nodemask data can be accessed when policy mode is MPOL_LOCAL, leading to potential read of pol->w.cpuset_mems_allowed during mpol_rebind_policy. The root cause is that mpol_set_nodemask() does not init...
CVE-2023-52915
The CVE-2023-52915 issue affects the Linux kernel driver media: dvb-usb-v2 (af9035) where af9035_i2c_master_xfer processes user-controlled msg entries; if msg[i].buf is null and msg[i].len is zero, previous checks on msg[i].buf could pass, allowing data to reach af9035_i2c_master_xfer and potenti...
CVE-2024-35943
The CVE-2024-35943 entry pertains to the Linux kernel, specifically a vulnerability in TI-related pmdomain handling where omap_prm_domain_init lacked a null-pointer check after a dynamic allocation. The issue arises because devm_kasprintf() can return NULL on allocation failure, and without verif...
CVE-2024-39483
CVE-2024-39483 affects Linux kernel KVM: SVM where a warning is raised for vNMI + NMI window when NMIs are masked, such as during an STI shadow or GIF=0, potentially causing a spurious WARN. The vulnerability centers on KVM’s NMI window handling: KVM injects one NMI and pends the other; with vNMI...
CVE-2024-44939
The CVE-2024-44939 entry describes a Linux kernel vulnerability in the JFS filesystem (dtInsertEntry in fs/jfs/jfs_dtree.c). The issue arises when a pointer h equals p; after UniStrncpy_to_le writes the name, p->header.flag is cleared, causing the test p->header.flag & BT-LEAF to flip from ...
CVE-2024-47670
This CVE (CVE-2024-47670) affects the Linux kernel OCFS2 subsystem. The vulnerability arises from insufficient bounds checking in ocfs2_xattr_find_entry(), allowing potential out-of-bounds memory access while scanning for a match in OCFS2 extended attributes. The advisory states that a paranoia c...
CVE-2024-49892
CVE-2024-49892 (Linux kernel): Affects the DRM/AMD display path. The bug was caused by get_bytes_per_element() potentially returning 0, leading to multiple DIVIDE_BY_ZERO errors. The patch initializes the default to 1, ensuring bytes_per_element_y and bytes_per_element_c are never denominators o...
CVE-2024-49900
CVE-2024-49900 (Linux kernel): Fixes an uninitialized access in jfs/xattr.c where ea_buf->new_ea was not initialized, causing an uninit-value path observed by KMSAN in lzo1x_1_do_compress. The patch initializes the buffer by applying memset at the start of ea_get(), preventing uninitialized w...
CVE-2024-49971
CVE-2024-49971 affects the Linux kernel DRM/AMD display code. The root cause is an out-of-bounds access when dml2_core_shared_mode_support and dml_core_mode_support read the third element of the two-element dummy_boolean array (hw_debug5 = &s->dummy_boolean[2]), causing an OVERRUN. The fix inc...
CVE-2024-58001
Technical details about CVE-2024-58001 are not publicly provided in the supplied documents. Monitor for updates from official advisories; the sources reference related advisories but do not reveal vulnerability specifics, affected products, or fixes.
CVE-2025-37841
CVE-2025-37841: In the Linux kernel, the vulnerability affects the pm: cpupower: bench path. If malloc returns NULL due to low memory, the config pointer can be NULL, leading to a NULL dereference. The issue has a tracked fix described as adding a NULL check to prevent dereferencing config when m...
CVE-2026-43500
Summary: CVE-2026-43500 affects the Linux kernel RXRPC path for DATA/RESPONSE packets. The issue occurs when skb fragments are externally owned (e.g., via splice() or frag lists) and the code path decrypts in place, binding frag pages into the AEAD/skcipher SGL. The fix extends the gate to unshar...
CVE-2016-2053
CVE-2016-2053: The Linux kernel’s asn1_ber_decoder in lib/asn1_decoder.c is vulnerable to denial-of-service (panic) via a crafted ASN.1 BER file that lacks a public key. The issue occurs in kernel builds prior to 4.3. Consequence is a local DoS without authenticated user interaction. Affected com...
CVE-2017-16529
CVE-2017-16529 affects the Linux kernel’s snd_usb_create_streams in sound/usb/card.c, allowing a local attacker to trigger an out-of-bounds read and system crash via a crafted USB device, with impact described as a denial of service and potentially other effects. The issue is present in kernels p...
CVE-2018-16597
CVE-2018-16597 affects the Linux kernel prior to version 4.8. The issue is an incorrect access check in overlayfs mounts, which could allow a local attacker to modify or truncate files on the underlying filesystem. The connected Nessus/OpenVAS advisories reference kernel updates to fix this vulne...
CVE-2022-3115
CVE-2022-3115 affects the Linux kernel up to 5.16-rc6. The malidp_crtc_reset path in drivers/gpu/drm/arm/malidp_crtc.c does not check kzalloc() return, causing a NULL pointer dereference. Impact is local, potentially enabling kernel denial of service. Public details confirm the exact vuln...
CVE-2022-3606
CVE-2022-3606 affects the Linux kernel libbpf component (function find_prog_by_sec_insn in tools/lib/bpf/libbpf.c). The issue is a NULL pointer dereference; advisories recommend applying a patch. Connected sources confirm this CVE is tracked in VDB-211749 and is fixed in downstream packages (e.g....
CVE-2022-49179
CVE-2022-49179 is a Linux kernel UAF in the block I/O BFQ scheduler (block, bfq: don’t move oom_bfqq). The issue manifests as a use-after-free in bfq_put_async_bfqq() during module removal (rmmod) and BFQ/blk-mq teardown, with 1024-byte slab allocations implicated. Unity Linux advisories UTSA-202...
CVE-2022-49430
The CVE-2022-49430 entry affects the Linux kernel in the gpio_keys controller. The issue arises from canceling a delayed work handle when the gpio_keys module unloads and an interrupt pin is used instead of GPIO; the module initializes delayed work only for GPIO-backed paths and not for interrupt...
CVE-2022-49728
CVE-2022-49728 affects the Linux kernel’s IPv6 path. The issue is a signed integer overflow in __ip6_append_data, triggered by computing [length] that could exceed int range (UBSAN report: 2147479552 + 8567 cannot be represented in type int). The fix implemented across patches changes the [length...
CVE-2023-35827
CVE-2023-35827: A use-after-free in the Linux kernel up to version 6.3.8 is reported, specifically in ravb_remove() inside drivers/net/ethernet/renesas/ravb_main.c. The issue arises from a use-after-free in the Renesas AVB/RAVB driver, as described in Astra Linux and Nessus feeds. The vulnerabil...
CVE-2024-42081
CVE-2024-42081 affects the Linux kernel component drm/xe/xe_devcoredump. The root cause was assigning xe_devcoredump_snapshot* and xe_device* unconditionally; the fix adds a NULL check and only assigns these pointers when coredump is not NULL. CVSS: Low-Privilege Local access with Medium overal...
CVE-2024-43893
CVE-2024-43893 (Linux kernel) fixes a divide-by-zero in uart_get_divisor triggered by TIOCSSERIAL with an invalid baud_base when uartclk becomes zero. The patch adds a zero-check for uartclk in uart_set_info() before subsequent serial_setup calls, preventing a divide-by-zero and potential oops on...
CVE-2024-43901
CVE-2024-43901 — Linux kernel DRM/AMD display NULL pointer dereference in DTN log (DCN401). Affected software: Linux kernel with AMD display driver (DCN401). Root cause: reading the DTN log attempts to access the gamut_remap callback when the DCN401 ASIC does not implement it, leading to a NULL po...
CVE-2024-46751
CVE-2024-46751 affects the Linux kernel's BTRFS path btrfs_lookup_extent_info(), where a 0 reference count could trigger a BUG_ON(). The fix replaces BUG_ON() with returning -EUCLEAN, aborting the transaction, and logging an error. This is documented in Debian/Ubuntu advisories and included in pa...
CVE-2024-47809
CVE-2024-47809 (Linux kernel) fixes a possible NULL pointer dereference in the DLM code path when a lock block (lkb) is created but the lkb_resource is not yet assigned (until attach_lkb via validate_lock_args). The issue could occur when request_lock() calls, potentially exposing a crash; anothe...
CVE-2024-49919
CVE-2024-49919 describes a null pointer dereference in the Linux kernel DRM AMD display path. Specifically, in dcn201_acquire_free_pipe_for_layer, the code could assume head_pipe was non-null and perform an assertion when it was null. The fix adds an explicit null check for head_pipe and, if it i...
CVE-2024-50108
CVE-2024-50108 affects the Linux kernel DRM-AMD display path. The issue arises from PSR-SU handling for Parade 08-01 TCON, where at boot and during fullscreen VA-API playback a ~1s black screen occurs and kernel warnings are logged when calling dmub_psr_enable(). The vulnerability is mitigated by...
CVE-2024-50196
CVE-2024-50196 affects the Linux kernel pinctrl/ocelot subsystem. The issue causes a system hang when a GPIO interrupt is configured in level mode while the parent interrupt is configured in edge mode, because chained_irq_enter() may not be called if the GPIO interrupt is cleared before the paren...
CVE-2024-53108
The CVE-2024-53108 issue affects the Linux kernel’s DRM/AMD display stack, specifically the AMD kernel driver path (drm/amd/display) and the function amdgpu_dm_update_freesync_caps. The root cause is an out-of-bounds read caused by ID extraction for the replay check in the AMD EDID being performe...
CVE-2024-56369
CVE-2024-56369 affects the Linux kernel DRM code: drm/modes/drm_mode_vrefresh() attempted to avoid divide-by-zero by checking htotal/vtotal, but can still trigger div-by-zero (vtotal*htotal ...). This can lead to a crash/denial of service (availability impact). The issue is fixed in the upstream k...
CVE-2025-21957
The CVE refers to a Linux kernel issue affecting the SCSI qla1280 driver. When the driver is compiled with DEBUG_QLA1280 and ql_debug_level > 2, a null dereference can cause an oops. The root cause is incorrect handling of debug printing, where sg_next(s) was used instead of sg_dma_len(s). The...
CVE-2011-1182
CVE-2011-1182 affects the Linux kernel’s signal handling: kernel/signal.c before 2.6.39 allows local users to spoof the UID and PID of a signal sender via sigqueueinfo. Affected in MiracleLinux 3 (kernel 2.6.18-274.1.AXS3) per AXSA-2011-313:06; the issue is described as a kill-signal spoofing vul...
CVE-2011-1776
The CVE-2011-1776 issue affects the Linux kernel’s is_gpt_valid function (fs/partitions/efi.c). It does not validate the size of a GPT entry, allowing physically proximate attackers to trigger a heap-based buffer overflow and OOPS or potentially read kernel heap memory when a crafted GPT storage ...
CVE-2011-3191
CVE-2011-3191 affects the Linux kernel CIFS implementation (fs/cifs/cifssmb.c: CIFSFindNext). It is caused by an integer signedness error, existing in kernels before 3.1, which can allow a remote CIFS server to trigger memory corruption or other impact via a large length value in a directory read...
CVE-2014-3180
CVE-2014-3180 affects the Linux kernel prior to 3.17, specifically the compatibility code path in kernel/compat.c. The vulnerability is an out-of-bounds read where restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. Note: the description states the code path is unreachab...
CVE-2021-46283
CVE-2021-46283 affects the Linux kernel’s nf_tables_newset in nf_tables_api.c, where missing initialization of nft_set_elem_expr_alloc can trigger a NULL pointer dereference/GPF when a local user creates a netfilter table expression in their namespace, leading to a denial of service. The vulnerab...
CVE-2021-47356
CVE-2021-47356: The issue is in the Linux kernel mISDN driver where its remove path could use-after-free a timer because del_timer() doesn’t wait for the handler to finish. The advisory notes the fix is to call del_timer_sync() to ensure the timer handler has finished and cannot reschedule. Affe...
CVE-2022-49123
CVE-2022-49123 affects the ath11k driver in Linux kernels where frames flush of management frames could deadlock, leading to queue flush failures. The vulnerability has upstream fixes (kernel commits referenced in the CVE entry) and downstream patches appear in OS advisories for Root-OS (Ubuntu 2...
CVE-2023-52591
CVE-2023-52591 affects the Linux kernel’s reiserfs rename path. The issue arises when renaming a directory where the parent directory does not change; the VFS previously could touch a renamed directory due to lack of proper locking, risking filesystem corruption. The fix adjusts the reiserfs rena...
CVE-2023-52593
CVE-2023-52593 concerns a potential NULL pointer dereference in the Linux kernel’s wifi driver wfx. The issue arises because ieee80211_beacon_get() can return NULL, and wfx_set_mfp_ap() did not validate this before inspecting skb data. The fix converts wfx_set_mfp_ap() to return an error code whe...
CVE-2024-36893
CVE-2024-36893 – Linux kernel: A NULL pointer dereference in usb: typec: tcpm due to typec_register_partner() not guaranteeing partner registration. If port->partner is invalid (NULL or an error value) and is not checked before dereferencing, it can crash the kernel (e.g., kernel NULL pointer...