2330 matches found
CVE-2024-47661
The CVE-2024-47661 issue affects the Linux kernel’s drm/amd/display path, where dmub_rb_cmd's ramping_boundary was defined as uint8_t but assigned 0xFFFF. The fix changes ramping_boundary to a uint8_t value of 0xFF, addressing two integer-overflow problems reported by Coverity. Affected component...
CVE-2024-49899
CVE-2024-49899 affects the Linux kernel’s DRM AMD display code. The vulnerability arises from denominators that could be zero due to uninitialized defaults; the fix sets denominators’ default to 1 to prevent division by zero. This resolves 10 DIVIDE_BY_ZERO issues reported by Coverity. The linked...
CVE-2024-50283
Concrete details found in connected docs: CVE-2024-50283 affects the Linux kernel ksmbd via a slab-use-after-free in smb3_preauth_hash_rsp; the fix changes the call order so ksmbd_user_session_put is invoked under smb3_preauth_hash_rsp() to avoid freeing the session prematurely. The issue is tied...
CVE-2025-37740
The CVE-2025-37740 entry concerns the Linux kernel JFS code: a zero AG width in dmapctl can cause a divide error when computing the control page level in dbAllocAG. The vulnerability is fixed by adding a sanity check for agwidth in dbAllocAG (to avoid division by zero). Affected component: JFS in...
CVE-2025-37803
CVE-2025-37803: Linux kernel vulnerability in udmabuf where a buffer size overflow can occur during udmabuf creation. The root cause is improper size calculation, mitigated by casting size_limit_mb to u64 when computing pglimit. Connected advisories corroborate a kernel fix; patches are deployed...
CVE-2025-37862
CVE-2025-37862 affects the Linux kernel HID PIDFF code. The vulnerability is a NULL pointer dereference in pidff_find_fields (and pidff_find_special_field) when searching for a report not implemented on the device, potentially triggering a crash. The issue could occur for both optional and requir...
CVE-2015-8962
CVE-2015-8962: Double free in sg_common_write (drivers/scsi/sg.c) of the Linux kernel before 4.4. A local user can gain privileges or cause memory corruption/system crash by detaching a device during an SG_IO ioctl. Remediation: upgrade to Linux kernel 4.4+ or apply vendor patch; exploitation con...
CVE-2022-48893
CVE-2022-48893 affects the Linux kernel's drm/i915/gt engine discovery. If driver initialization is aborted mid-gt/engine discovery, some engines stay incompletely set up and leak allocated objects because engine->release may be NULL. The entry notes a fix: drop the destroy_pinned_context() he...
CVE-2022-49177
CVE-2022-49177: In the Linux kernel, the cavium hwrng driver fix addresses a NULL pointer dereference in cavium RNG handling. The issue manifested as a NULL dereference of 'pdev' in cavium-rng-vf.c (line 182) when dereferenced, triggering a coccicheck warning. The upstream patch fixes the NULL-d...
CVE-2024-42069
CVE-2024-42069 is a Linux kernel vulnerability: the net: mana double-free in an error path was fixed. When auxiliary_device_add() fails and calls auxiliary_device_uninit(), the adev_release callback could free madev twice via kfree(madev). The fix prevents this by setting madev to NULL in the e...
CVE-2024-42093
CVE-2024-42093 – Linux kernel vulnerability in net/dpaa2: cpumask allocation on stack. For CONFIG_CPUMASK_OFFSTACK=y, explicit allocation of cpumask on the stack can overflow the stack. The fix is to use the *cpumask_var API(s) to allocate cpumask variables in a config-neutral way, leaving alloca...
CVE-2024-42134
CVE-2024-42134: In the Linux kernel, virtio-pci may dereference vp_dev->is_avq when determining admin virtqueues in vp_del_vqs, since vp_dev->is_avq can be empty on some installations (virtio_pci_legacy). The bug could crash guests; the fix is to validate vp_dev->is_avq before use. Conn...
CVE-2024-46812
CVE-2024-46812 concerns the Linux kernel DRM/AMD display code. The vulnerability arises from memory access issues addressed by skipping inactive planes in ModeSupportAndSystemConfiguration, as reported by Coverity. The fix is implemented in the kernel to prevent illegal accesses by not processing...
CVE-2024-46841
Technical details about CVE-2024-46841 are not publicly available in the provided connected documents. Monitor for updates from official advisories and vendor pages.
CVE-2024-47704
CVE-2024-47704 affects the Linux kernel in the drm/amd/display path. The issue arises when dp_enable_link_phy/dp_disable_link_phy pass link_res without initializing hpo_dp_link_enc, leading to null dereference (two forward_null issues). The connected Nessus/NASL entries confirm the vulnerability ...
CVE-2024-49890
CVE-2024-49890: Linux kernel fix for a NULL dereference in drm/amd/pm by ensuring fw_info is not NULL before use. The issue manifested as a null dereference warning reported by Coverity; the patch prevents dereferencing a NULL fw_info and thus mitigates the vulnerability as described in the entr...
CVE-2024-49895
Summary: CVE-2024-49895 affects the Linux kernel DRM/AMD display path for DCN30, where a degamma hardware-format translation could access transfer function points out of bounds. The root cause is an index variable “i” that could exceed TRANSFER_FUNC_POINTS, leading to a potential buffer overflow ...
CVE-2024-49901
CVE-2024-49901 concerns the Linux kernel DRM MSM Adreno path. The root cause was a NULL pointer dereference during cleanup when gpu->pdev may still be NULL during early initialization, including cases where speedbin data exists but opp/hw data in DT is missing. The vulnerability was resolved b...
CVE-2024-49912
The CVE-2024-49912 entry concerns a Linux kernel DRM/AMD display issue. A null pointer dereference risk existed in drm/amd/display within planes_changed_for_existing_stream when stream_status could be null. The published fix adds a null check for stream_status in planes_changed_for_existing_strea...
CVE-2024-49914
CVE-2024-49914 affects the Linux kernel DRM/AMD display path. A null pointer dereference could occur in dcn20_program_pipe when pipe_ctx->plane_state is null; a patch adds a guard to verify pipe_ctx->plane_state is non-null before access. This stabilizes display pipe programming and prevent...
CVE-2024-49931
The CVE-2024-49931 issue in Linux kernel WiFi driver ath12k (SoC stats) is a concrete fix: ath12k_dp_rx_process() previously indexed hal_reo_error with the REO destination SRNG ring ID, which is incorrect and caused an out-of-bounds access. The fix uses the normal ring ID directly to prevent out-...
CVE-2024-49992
CVE-2024-49992 affects the Linux kernel DRM STM path. Specifically, ltdc_load() calls drm_crtc_init_with_planes(), drm_universal_plane_init(), and drm_encoder_init() with devm_kzalloc()-allocated resources, which can lead to use-after-free in CRTC/plane handling. Root cause: allocations not manag...
CVE-2009-4067
CVE-2009-4067: A buffer overflow in the Auerswald Linux USB driver (function auerswald_probe) for the Linux kernel is exploitable on kernel versions before 2.6.27. The vulnerability allows physically proximate attackers to execute arbitrary code, cause a denial of service, or take full control ...
CVE-2010-2962
The CVE-2010-2962 issue affects the Intel i915 DRM GEM in the Linux kernel prior to 2.6.36. It arises from insufficient validation of pointers to memory blocks in i915_gem.c, enabling local users to write to kernel memory via crafted ioctl usage (pwrite/pread) and potentially gain privileges.
CVE-2010-3442
Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.
CVE-2010-3877
The CVE-2010-3877 issue affects the Linux kernel (as cited in MiracleLinux AXSA:2011-143:02 and related advisories) where get_name in net/tipc/socket.c does not initialize a structure, enabling local attackers to read uninitialized kernel stack memory and leak information. Impact is a local infor...
CVE-2010-4164
CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....
CVE-2010-4649
The CVE-2010-4649 issue affects the Linux kernel up to 2.6.37, where an integer overflow in ib_uverbs_poll_cq (drivers/infiniband/core/uverbs_cmd.c) allows a local user to cause memory corruption and a possible DoS or other unspecified impact when a structure member is large. The vulnerability re...
CVE-2011-1010
Concretely, CVE-2011-1010 is reported in MiracleLinux advisory AXSA:2011-282:05 as affecting kernel-2.6.18-238.2.AXS3. It describes a buffer overflow in the mac_partition function (fs/partitions/mac.c) of the Linux kernel, prior to version 2.6.37.2, which can allow a local user to cause a denial ...
CVE-2011-4330
CVE-2011-4330 describes a stack-based buffer overflow in the Linux kernel 2.6, specifically in hfs_mac2asc (fs/hfs/trans.c). A crafted HFS image len field can be used by a local user to trigger a crash and, per the description, possibly execute arbitrary code. The associated connected documents c...
CVE-2014-4654
The CVE-2014-4654 issue affects the Linux kernel ALSA control implementation (snd_ctl_elem_add in sound/core/control.c). The root cause is a lack of authorization checks for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, allowing local attackers with access to /dev/snd/controlX to remove kernel controls....
CVE-2017-15127
CVE-2017-15127 affects the Linux kernel (mm/hugetlb.c: hugetlb_mcopy_atomic_pte). A superfluous implicit page unlock for VM_SHARED hugetlbfs mappings could trigger a local denial of service. Affected: Linux kernel prior to 4.13; the issue is addressed in later kernel versions (see commit 5af10dfd...
CVE-2017-18079
CVE-2017-18079 affects the Linux kernel: a NULL pointer dereference in drivers/input/serio/i8042.c can crash the system because the port->exists value can change after validation, leading to a denial of service or potentially other impact. Public docs specify the vulnerable condition is...
CVE-2022-3113
Summary of CVE-2022-3113: The issue is in the Linux kernel’s media/vcodec path, specifically mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c, where the return value of devm_kzalloc() is not checked, leading to a possible NULL pointer dereference. The vulnerability...
CVE-2022-49531
The CVE-2022-49531 entry concerns the Linux kernel loop driver. A vulnerability in the loop: implement ->free_disk could allow freeing a lo_device before the gendisk is freed, risking a deadlock if the device is still in use. The issue is described as resolved, with upstream fixes relaxing the...
CVE-2022-49546
Technical details (affected product/version, root cause, impact, fix specifics) are not publicly provided in the connected documents. Monitor for updates.
CVE-2024-26726
CVE-2024-26726: In the Linux kernel, a Btrfs bug could panic when writing the free-space inode because the extent map was dropped on a write error and then looked up again, yielding EXTENT_MAP_HOLE on a second pass. The fix removes dropping the extent_map range for the failed free-space cache wr...
CVE-2024-46733
The CVE-2024-46733 issue is in the Linux kernel, specifically the btrfs qgroup reserve leaks in cow_file_range during buffered writes. The root cause is that in the dirty page path the qgroup reserve remains owned until an ordered_extent is created; if an error occurs before allocation of the ord...
CVE-2024-46818
CVE-2024-46818 affects the Linux kernel’s DRM/AMD display driver. The root cause is using GPIO_ID_UNKNOWN (-1) as an array index; a patch adds a pre-check before indexing the gpio_id, fixing 5 Coverity-reported overrun issues. The vulnerability is addressed in kernel updates that include the drm/...
CVE-2024-46840
CVE-2024-46840 relates to the Linux kernel bug in btrfs where handling for refs == 0 in snapshot delete could yield an incorrect answer because of missing locks. The fix converts BUG_ON(refs == 0) sites in reada, walk_down_proc, and walk_up_proc to proper error handling, returning -EUCLEAN (later...
CVE-2024-49905
CVE-2024-49905 refers to a fix in the Linux kernel’s AMD GPU driver code, specifically for the DRM/AMD display path. The vulnerability arose from using the variable afb in amdgpu_dm_plane_handle_cursor_update without a null check; the commit added a null check to prevent potential null pointer de...
CVE-2024-49907
CVE-2024-49907: Linux kernel DRM/AMD display vulnerability where a NULL dereference can occur by dereferencing dc->clk_mgr in the idle-power path if it is NULL. The fix adds a NULL check before calling dc->hwss.apply_idle_power_optimizations (which may call dcn35_apply_idle_power_optimizat...
CVE-2024-50003
CVE-2024-50003 affects the Linux kernel component drm/amd/display. The issue causes a system hang on resume when a Thunderbolt (TBT) monitor is connected, because the HPD during resume triggers drm_client_modeset_probe() while connector->dev->master is NULL, potentially corrupting pipe topo...
CVE-2024-53089
CVE-2024-53089 concerns the Linux kernel on LoongArch with KVM. The issue arises from hrtimers that may be canceled/called in contexts that violate PREEMPT_RT rules, after timers are unmarked to expire in soft expiry but then canceled from a preempt-notifier with preemption disabled. The fix make...
CVE-2025-37849
CVE-2025-37849 affects the Linux kernel KVM arm64; the issue occurs when kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, leaving vGIC vCPU data initialised. This can leak memory on vCPU destruction and may cause use-after-free in redistributor handling. The fix adds prope...
CVE-2009-1072
CVE-2009-1072 affects the Linux kernel prior to 2.6.28.9. nfsd in the kernel does not drop the CAP_MKNOD capability before handling a user request in a thread, enabling local users on an exported filesystem using root_squash to create device nodes. MiracleLinux 3 lists this as fixed in kernel-2.6...
CVE-2010-3859
CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...
CVE-2010-3880
CVE-2010-3880 affects the Linux kernel (net/ipv4/inet_diag.c) prior to 2.6.37-rc2. The issue is improper auditing of INET_DIAG bytecode, enabling a local user to trigger a kernel infinite loop and cause a denial of service via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message conta...
CVE-2021-47082
CVE-2021-47082 affects the Linux kernel tun/tun.c: a double-free in tun_free_netdev is caused by deferring dev->tstats and tun->security allocations to a new ndo_init routine (tun_net_init) that runs via register_netdevice(). If register_netdevice() fails, the destructor previously would no...
CVE-2022-3104
The CVE-2022-3104 entry concerns the Linux kernel (up to 5.16-rc6) where lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c does not check the return value of kmalloc(), enabling a NULL pointer dereference. Affected software is the Linux kernel, with root cause in unchecked kmalloc return leading to...