
2330 matches found

added 2025/02/26 2:1 a.m. | 130 views

CVE-2022-49297

CVE-2022-49297 is a Linux kernel vulnerability related to the NBD (network block device) disconnect flow that could cause IO hangs when a device is disconnected. The issue occurs in the NBD path during disconnect and socket clearing, with inflight requests potentially not completing due to how NB...

CVSS 5.5 | AI score 6.5 | EPSS 0.0027

added 2024/01/23 12:0 a.m. | 130 views

CVE-2023-51042

CVE-2023-51042 affects the Linux kernel up to 6.4.12 where amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c may dereference a freed fence (use-after-free). The issue is fixed in ChangeLog-6.4.12; Astra Linux bulletin also notes the same vulnerability. Impact details and remedia...

CVSS 7.8 | AI score 7.1 | EPSS 0.00321

added 2024/04/03 5:0 p.m. | 130 views

CVE-2024-26763

CVE-2024-26763 is a Linux kernel vulnerability in dm-crypt related to authenticated encryption. The issue arises when data is modified during encryption, which could produce an invalid tag. The fix copies the data into a clone bio and encrypts there, avoiding in-place modification and potential d...

CVSS 7.1 | AI score 6.1 | EPSS 0.00282

added 2024/05/17 2:47 p.m. | 130 views

CVE-2024-35849

CVE-2024-35849 affects the Linux kernel btrfs_ioctl_logical_to_ino path. The issue is an information leak: a struct btrfs_data_container allocated with kvmalloc() is copied back to user space without zero-filling, exposing uninitialized memory (Bytes 40-65535) to user-space. The root cause is lac...

CVSS 7.1 | AI score 6.4 | EPSS 0.00256

added 2024/10/21 6:1 p.m. | 130 views

CVE-2024-49868

CVE-2024-49868: Linux kernel (btrfs) vulnerability causing a NULL pointer dereference in btrfs_update_reloc_root during balance/relocation cleanup. Root cause: a window where fs_info->reloc_ctl can be NULL between set_reloc_contrl() and unset_reloc_control(), leading to dereferencing NULL in c...

CVSS 5.5 | AI score 5.2 | EPSS 0.00288

added 2024/10/21 6:1 p.m. | 130 views

CVE-2024-49891

CVE-2024-49891: In the Linux kernel, the SCSI lpfc path can NULL-deref when an HBA is resetting or handling an errata event due to hdwq pointers that may have been freed. Fixes add NULL pointer checks before dereferencing hdwq pointers in affected routines (e.g., lpfc_sli_flush_io_rings, lpfc_de...

CVSS 5.5 | AI score 6.5 | EPSS 0.00235

added 2024/10/21 6:1 p.m. | 130 views

CVE-2024-49897

CVE-2024-49897 concerns the Linux kernel DRM/AMD display path. The issue arises in drm/amd/display where dcn32_enable_phantom_stream can return NULL, leading to a NULL dereference if the returned value is used without checks. The fix adds a check for phantom_stream before use, addressing a NULL_R...

CVSS 5.5 | AI score 6.5 | EPSS 0.00237

added 2024/10/21 6:1 p.m. | 130 views

CVE-2024-49898

CVE-2024-49898 affects the Linux kernel’s drm/amd/display component. The root cause is that drr_timing and subvp_pipe are initialized to null and are not consistently re-assigned before being dereferenced, leading to two FORWARD_NULL issues reported by Coverity. The issue is addressed by kernel f...

CVSS 5.5 | AI score 6.6 | EPSS 0.00236

added 2024/10/21 6:1 p.m. | 130 views

CVE-2024-49909

The CVE-2024-49909 vulnerability affects the Linux kernel DRM AMD display path (drm/amd/display) specifically in dcn32_set_output_transfer_func, where a null pointer dereference could occur if set_output_gamma is NULL. The issue arises from dereferencing set_output_gamma after a prior NULL check ...

CVSS 5.5 | AI score 6.4 | EPSS 0.00237

added 2024/10/21 6:54 p.m. | 130 views

CVE-2024-50012

The CVE-2024-50012 issue is in the Linux kernel cpufreq code. In parse_perf_domain, if of_parse_phandle_with_args returns an error, the initial reference to the CPU device node would not be decremented, potentially leaving a reference handling bug. The fix declares the CPU node variable with a cl...

CVSS 5.5 | AI score 5.2 | EPSS 0.00229

added 2025/05/01 12:55 p.m. | 130 views

CVE-2025-23161

CVE-2025-23161: In the Linux kernel, the PCI vmd driver fixed a lock context issue by changing vmd_dev::cfg_lock from spinlock_t to raw_spinlock_t so it can be used with interrupts disabled in PREEMPT_RT contexts. This avoids a sleeping-lock scenario when accessing PCI config space via pci_ops r...

CVSS 5.5 | AI score 6.6 | EPSS 0.00117

added 2025/05/01 12:55 p.m. | 130 views

CVE-2025-23163

CVE-2025-23163 relates to a Linux kernel issue in VLAN handling: net: vlan: don't propagate flags on open. The root cause is a possible deadlock when opening VLAN devices due to the device instance lock, where a task may try to acquire dev->lock while already holding it (seen in dev_open + dev...

CVSS 5.5 | AI score 6.2 | EPSS 0.00123

added 2015/03/02 11:0 a.m. | 129 views

CVE-2014-9644

CVE-2014-9644 affects the Linux kernel Crypto API prior to 3.18.5. It allows a local user to load arbitrary kernel modules by abusing a bind() call on an AF_ALG socket with a module template expression (e.g., vfat(aes)) in salg_name. This is a local, privilege-related issue, separate from CVE-2013-...

CVSS 2.1 | AI score 5.7 | EPSS 0.00547

added 2024/03/15 8:14 p.m. | 129 views

CVE-2021-47110

CVE-2021-47110 affects the Linux kernel’s x86/kvm subsystem. The issue: kvmclock was only disabled on boot CPU during shutdown via machine_shutdown(), leaving other CPUs with a live kvmclock and risking memory corruption on events like Hibernate restore. Root cause: kvmclock MSR is not universall...

CVSS 7.1 | AI score 6.6 | EPSS 0.00245

added 2024/10/21 8:5 p.m. | 129 views

CVE-2022-48947

CVE-2022-48947 is a Linux kernel vulnerability related to Bluetooth L2CAP u8 overflow. By repeatedly sending L2CAP_CONF_REQ, chan->num_conf_rsp could wrap at 255. The fix adds a boundary check using L2CAP_MAX_CONF_RSP to prevent overflow. Connected advisories (e.g., Unity Linux/Astra Linux ent...

CVSS 5.5 | AI score 6.2 | EPSS 0.00246

added 2025/02/26 2:1 a.m. | 129 views

CVE-2022-49295

CVE-2022-49295 documents a race in the Linux kernel nbd subsystem: during module removal, netlink command handling can race with cleanup unless genl_unregister_family() is called first in nbd_cleanup(). The described oops is a NULL pointer dereference (addr 0x98) in down_write(), with a trace thr...

CVSS 4.7 | AI score 6.2 | EPSS 0.00219

added 2025/02/26 2:13 a.m. | 129 views

CVE-2022-49504

The CVE-2022-49504 issue affects the Linux kernel SCSI lpfc path, where after an external loopback test the system oopsed in llpfc_set_rrq_active() due to a mismanaged ABTS completion and ref counting. The root cause was a mixup in completing the new FLOGI/ABTS flow, causing the original ABTS to ...

CVSS 5.5 | AI score 5.3 | EPSS 0.00211

added 2023/11/09 3:8 p.m. | 129 views

CVE-2023-6039

CVE-2023-6039: A use-after-free vulnerability in the Linux kernel’s LAN78XX USB Ethernet driver (lan78xx_disconnect in drivers/net/usb/lan78xx.c) can crash the system when a LAN78XX USB device is detached. The issue is local in scope and affects the network sub-system (net/usb/lan78xx). The CVE ...

CVSS 5.5 | AI score 6.6 | EPSS 0.00258

added 2024/10/21 6:1 p.m. | 129 views

CVE-2024-49921

CVE-2024-49921 concerns the Linux kernel DRM display driver (drm/amd/display) specifically around null-pointer usage; fixes were applied to ensure pointers such as dc->clk_mgr are checked before use, addressing 10 FORWARD_NULL issues reported by Coverity. The connected OSV entries confirm patc...

CVSS 5.5 | AI score 5.2 | EPSS 0.00211

added 2024/10/21 6:54 p.m. | 129 views

CVE-2024-50017

CVE-2024-50017 affects the Linux kernel’s identity-mapping code (x86/mm/ident_map). When ident_pud_init() creates identity maps using only GB pages, it can map large address ranges not requested (a 4K request could yield a full 1GB mapping), potentially including BIOS-reserved areas. This enables...

CVSS 5.5 | AI score 5.3 | EPSS 0.0022

added 2011/01/03 7:26 p.m. | 128 views

CVE-2010-4163

The CVE-2010-4163 issue affects the Linux kernel, where blk_rq_map_user_iov in block/blk-map.c is vulnerable before version 2.6.36.2. A local attacker can trigger a denial of service (kernel panic) by submitting a zero-length I/O request via a device ioctl to a SCSI device. The description explic...

CVSS 4.7 | AI score 6.8 | EPSS 0.00393

added 2013/06/08 10:0 a.m. | 128 views

CVE-2011-1585

Technical details for CVE-2011-1585 are not publicly provided in the supplied connected documents. Monitor for updates from vendor advisories or security bulletins to obtain affected products, impact, and fixes.

CVSS 3.3 | AI score 7.2 | EPSS 0.00494

added 2022/03/23 7:46 p.m. | 128 views

CVE-2021-4148

CVE-2021-4148: Linux kernel vulnerability in the function block_invalidatepage (fs/buffer.c) where a missing sanity check can allow a local user with privileges to cause a denial of service. The connected advisories corroborate a local DoS impact but do not provide vendor-specific patch details ...

CVSS 5.5 | AI score 5.2 | EPSS 0.00309

added 2024/06/20 11:13 a.m. | 128 views

CVE-2022-48765

The CVE-2022-48765 entry corresponds to a Linux kernel issue in KVM LAPIC handling during SET_LAPIC. The accompanying (unpatched) Nessus/OpenVAS notes describe a scenario where rebooting a guest with tsc-deadline mode not exposed can trigger a preemption timer cancellation via apic_update_lvtt(),...

CVSS 5.5 | AI score 6.5 | EPSS 0.0021

added 2025/02/26 2:23 a.m. | 128 views

CVE-2022-49563

CVE-2022-49563 affects the Linux kernel crypto qat RSA path. The issue arises when copying the source scatterlist into a linear buffer: requests with a source buffer larger than the key are rejected to prevent a possible integer underflow. The CVE is listed as fixed in kernel updates, with relate...

CVSS 5.5 | AI score 5.5 | EPSS 0.00248

added 2023/05/31 12:0 a.m. | 128 views

CVE-2023-34256

CVE-2023-34256 describes an out-of-bounds read in crc16 in lib/crc16.c when invoked from fs/ext4/super.c due to incomplete offset checks in ext4_group_desc_csum, affecting the Linux kernel up to but not including 6.3.3. The issue can enable local denial of service or information leaks via a craft...

CVSS 5.5 | AI score 5.8 | EPSS 0.00247

added 2024/07/29 6:37 a.m. | 128 views

CVE-2024-41017

Public technical details (affected products/versions, root cause, impact or patch) for CVE-2024-41017 are not provided in the connected documents. Monitor vendor advisories and CVE feeds for updates.

CVSS 5.5 | AI score 6.5 | EPSS 0.00239

added 2024/07/30 7:46 a.m. | 128 views

CVE-2024-42145

CVE-2024-42145 pertains to the Linux kernel’s IB/core subsystem, addressing an unbounded UMAD receive list in ib_umad. The fix implements a hard limit of 200k packets on the UMAD receive list; packets beyond the limit are dropped, on the assumption they will time out before user-space handling. P...

CVSS 5.5 | AI score 6.4 | EPSS 0.00248

added 2024/09/18 6:32 a.m. | 128 views

CVE-2024-46715

CVE-2024-46715: Linux kernel vulnerability in iio_info callback access where certain callbacks could be accessed without checks, leading to a NULL pointer dereference and potential kernel oops if a driver does not implement callbacks. The issue was fixed by adding missing validation for iio_info ...

CVSS 5.5 | AI score 6.4 | EPSS 0.00221

added 2024/10/21 6:1 p.m. | 128 views

CVE-2024-49922

The CVE-2024-49922 entry concerns the Linux kernel DRM AMD display driver. The issue arises from using pointers that may be NULL in a path where they had been validated earlier in the same function, triggering null-pointer handling after use. The vulnerability is mitigated by a fix that adds null...

CVSS 5.5 | AI score 5.1 | EPSS 0.00235

added 2024/11/08 5:54 a.m. | 128 views

CVE-2024-50193

CVE-2024-50193 affects the Linux kernel on x86. The vulnerability is in x86/entry_32 where CPU buffers were cleared after exc_nmi but before restoring registers. The fix moves CLEAR_CPU_BUFFERS to after RESTORE_ALL_NMI, addressing RDFS mitigation requirements. Public metrics show CVSS v3.1 base s...

CVSS 7.1 | AI score 6.3 | EPSS 0.00214

added 2024/11/09 10:14 a.m. | 128 views

CVE-2024-50242

CVE-2024-50242 affects the Linux kernel ntfs3 implementation. The issue is described as an “Additional check in ntfs_file_release” in the ntfs_file_release path, with CVSSv3.1: LOCAL, Low attack complexity, Low privileges required, UI: None, S:U, and metrics indicating high confidentiality, integ...

CVSS 7.8 | AI score 6.6 | EPSS 0.00228

added 2024/12/28 9:46 a.m. | 128 views

CVE-2024-56692

CVE-2024-56692 involves a Linux kernel bug in the f2fs filesystem where an on-disk nat entry blkaddr may be corrupted, triggering a kernel panic in f2fs_invalidate_blocks during truncate_node. The root cause is a lacking sanity check on nat blkaddr, which can be exploited indirectly by fuzzed ima...

CVSS 5.5 | AI score 6.5 | EPSS 0.00201

added 2025/05/01 12:55 p.m. | 128 views

CVE-2025-23141

CVE-2025-23141 affects the Linux kernel with KVM on x86. The vulnerability arises from acquiring SRCU in KVM_GET_MP_STATE to protect guest memory accesses during a window where APIC events (INIT/SIPI) and a pending triple_fault can trigger nested VM-exits, potentially allowing guest memory access...

CVSS 5.5 | AI score 6.2 | EPSS 0.00161

added 2010/09/30 2:0 p.m. | 127 views

CVE-2010-3296

CVE-2010-3296 affects the Linux kernel driver cxgb3 (cxgb_extension_ioctl in drivers/net/cxgb3/cxgb3_main.c). The advisory states that the code path in kernels up to 2.6.36-rc5 does not properly initialize a structure member, allowing a local user to potentially read sensitive data from kernel st...

CVSS 2.1 | AI score 5.5 | EPSS 0.00432

added 2011/01/03 7:26 p.m. | 127 views

CVE-2010-3875

CVE-2010-3875 affects the Linux kernel, specifically the ax25_getname function in net/ax25/af_ax25.c. The root cause is that a structure is not initialized, enabling local users to read a copy of kernel stack memory and potentially obtain sensitive information. The issue is tied to kernels prior ...

CVSS 2.1 | AI score 5.5 | EPSS 0.00392

added 2010/11/29 3:0 p.m. | 127 views

CVE-2010-4075

The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...

CVSS 1.9 | AI score 5.5 | EPSS 0.00387

added 2011/05/09 7:0 p.m. | 127 views

CVE-2011-1013

CVE-2011-1013 is an integer signedness error in the drm_modeset_ctl ioctl handling that affects the Linux kernel prior to 2.6.38 and OpenBSD prior to 4.9, allowing local users to trigger out-of-bounds writes and potentially crash the system or cause other impact via a crafted vb_num in an ioctl. ...

CVSS 7.2 | AI score 7 | EPSS 0.0041

added 2012/05/24 11:0 p.m. | 127 views

CVE-2011-2699

CVE-2011-2699 affects the Linux kernel IPv6 implementation. The vulnerability is that, before version 3.1, Fragment Identification values were not generated separately for each destination, enabling remote attackers to cause a denial of service by sending crafted packets. Connected advisories ref...

CVSS 7.8 | AI score 7.8 | EPSS 0.05573

added 2012/10/03 10:0 a.m. | 127 views

CVE-2012-3412

CVE-2012-3412 affects the sfc (Solarflare Solarstorm) driver in the Linux kernel, specifically versions before 3.2.30. The vulnerability allows remote attackers to trigger a denial of service by sending crafted TCP packets that induce a small MSS value, leading to DMA descriptor consumption and n...

CVSS 7.8 | AI score 6 | EPSS 0.06158

added 2020/01/27 4:21 a.m. | 127 views

CVE-2019-20422

The CVE-2019-20422 issue affects the Linux kernel prior to 5.3.4, where fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, potentially causing a crash identified by syzkaller (CID-7b09c2d052db). The vulnerability arises from incorrect ...

CVSS 5.5 | AI score 5.2 | EPSS 0.00434

added 2022/12/14 12:0 a.m. | 127 views

CVE-2022-3111

CVE-2022-3111 affects the Linux kernel up to 5.16-rc6. The vulnerability is described as free_charger_irq() in drivers/power/supply/wm8350_power.c failing to free WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger(). The Astra Linux bulletin repeats the exact des...

CVSS 5.5 | AI score 5.9 | EPSS 0.00214

added 2024/06/20 11:13 a.m. | 127 views

CVE-2022-48733

The CVE-2022-48733 issue affects the Linux kernel (btrfs) where a use-after-free can occur in create_snapshot() if btrfs_commit_transaction() fails and the pending snapshot is freed, leaving it in the transaction list. The root cause is improper lifecycle handling of the pending snapshot during t...

CVSS 7.8 | AI score 8.4 | EPSS 0.0023

added 2024/07/16 11:44 a.m. | 127 views

CVE-2022-48827

CVE-2022-48827 (Linux kernel NFSD READ near OFFSET_MAX): The vulnerability arises when the client-side NFS read request is aligned to a server rsize of 0x1000 due to a buffer alignment change. This can cause a loff_t overflow on the server when reading near the maximum file offset, leading the s...

CVSS 7.1 | AI score 6.8 | EPSS 0.00263

added 2025/02/26 2:13 a.m. | 127 views

CVE-2022-49537

CVE-2022-49537 is related to the Linux kernel SCSI lpfc path with CMF enabled. The issue arises from this_cpu_ptr() using smp_processor_id() in a preemptible context, leading to an invalid call trace (systemd-udevd 31711) and potential preemption-related bugs. The documented fix is to replace thi...

CVSS 5.5 | AI score 5.4 | EPSS 0.00246

added 2024/03/26 3:17 p.m. | 127 views

CVE-2024-26644

CVE-2024-26644: Linux kernel Btrfs snapshot logic fails when the source is a deleted subvolume. The code copies the source root item (including refs) to the new root item; since refs is 0 for a deleted subvolume, btrfs_get_new_fs_root() returns -ENOENT and the snapshot creation aborts. The docum...

CVSS 5.5 | AI score 6 | EPSS 0.0023

added 2024/04/17 10:10 a.m. | 127 views

CVE-2024-26845

CVE-2024-26845 (Linux kernel) involves the SCSI target core handling of TMF in tmr_list. The issue: an abort processed by iSCSI could be added to tmr_list but not handled by target core, causing a LUN_RESET path to wait for an abort that never completes. Public advisories show debug traces (e.g.,...

CVSS 5.5 | AI score 6.4 | EPSS 0.00237

added 2024/09/13 6:27 a.m. | 127 views

CVE-2024-46707

CVE-2024-46707 affects the Linux kernel KVM for arm64. When a guest is configured without vGICv3 and the host cannot emulate GICv2, writes to ICC_SGI EL1 are trapped to EL2, leading to an attempted SGI emulation that dereferences a NULL interrupt pointer. The public details confirm the root cause...

CVSS 5.5 | AI score 6.1 | EPSS 0.00232

added 2024/09/18 7:12 a.m. | 127 views

CVE-2024-46772

CVE-2024-46772 affects the Linux kernel (drm/amd/display). The vulnerability arises from not guarding the denominator crb_pipes before use, risking a divide-by-zero. The patch fixes two divide-by-zero issues by ensuring the denominator is checked prior to its use, and is noted as resolved in down...

CVSS 5.5 | AI score 6.1 | EPSS 0.00238

added 2024/09/27 12:42 p.m. | 127 views

CVE-2024-46861

CVE-2024-46861 - Linux kernel USB net driver (usbnet/ipheth): The issue arises when RX callbacks fail in usbnet ipheth; causes could be payload too short, incorrect payload framing (e.g., bad NCM framing), or memory pressure. These failures previously could cause the driver to seize up. The docu...

CVSS 5.5 | AI score 7 | EPSS 0.00204

Total number of security vulnerabilities: 2330