2330 matches found
CVE-2022-48951
The CVE-2022-48951 vulnerability is in the Linux kernel ASoC path: snd_soc_put_volsw_sx() does bounds checks only for the first channel, allowing potential out-of-bounds writes to the second channel in stereo controls. This is fixed upstream by adding proper checks (e.g., kernel commits cf611d......
CVE-2022-49326
CVE-2022-49326 affects the RTL818x wireless driver in the Linux kernel (rtl8180/rtl8185/rtl8187se family). The issue arises from using uninitialized TX queues, where reading ring->entries when zero can crash the kernel. The fix patches the driver to ignore priority for cards with a single TX queue and to p...
CVE-2022-50020
CVE-2022-50020 affects the Linux kernel ext4 filesystem: the patch prevents online resizing to an unaligned/partial cluster boundary. The issue could cause the last resize iteration to grow the filesystem by a negative amount, tripping a BUG_ON and leaving the in-memory superblock corrupted. Conn...
CVE-2023-52511
CVE-2023-52511 (Linux kernel, spi sun6i): The issue stems from RX SPI transfers with DMA enabled where data could be corrupted during DMA to memory when transfers span more than a single byte. The fix reduces the width of each DMA read to the RX FIFO to a single byte, mitigating data loss. Publi...
CVE-2023-52641
CVE-2023-52641: Linux kernel vulnerability in the ntfs3 file system driver. A NULL pointer dereference could occur at the end of attr_allocate_frame(); a patch adds NULL pointer checks and directs exit via the out: label to avoid dereference of debugging helpers. The issue is resolved by this fi...
CVE-2023-52810
CVE-2023-52810 refers to a Linux kernel issue in fs/jfs where l2nbperpage could become negative, causing a shift-out-of-bounds UBSAN failure in jfs_dmap.c. Reports indicate UBSAN: shift-out-of-bounds with shift exponent -16777216 and that the fix adds a validity check for negative db_l2nbperpage ...
CVE-2024-26829
CVE-2024-26829: Linux kernel vulnerability in media: ir_toy where a memory leak could occur if the command path and irtoy_tx allocation are used and the command fails; the leak is mitigated by freeing the allocated buffer (buf) when irtoy_command fails. Connected advisories confirm the issue and des...
CVE-2024-40970
The CVE-2024-40970 entry concerns a Linux kernel vulnerability in the dw-axi-dmac component that can cause a kernel panic due to an overrun of the hw_desc array when a descriptor chain expands (example: nr_buffers=3 with 3 segments per descriptor, totaling 9). The proposed fix, as described in mu...
CVE-2024-41068
CVE-2024-41068 – Linux kernel (s390 sclp_init cleanup) Affected: Linux kernel on s390. Root cause: sclp_init() could fail and leave sclp_state_change_event entries in sclp_reg_list, causing a list_add double add warning if multiple init attempts occur. Impact: local privilege or denial conditions...
CVE-2024-42063
CVE-2024-42063: In the Linux kernel, a KMSAN-flagged uninitialized memory issue was identified in BPF devmap when calling map_lookup_elem/map_delete_elem in interpreter mode. Reproducer shows uninitialized value paths through __dev_map_lookup_elem and bpf_map_lookup_elem during BPF program execut...
CVE-2024-42097
CVE-2024-42097 corresponds to a Linux kernel issue in ALSA emux patch handling where load_data() validation and skipping of the main info block was not aligned with load_guspatch(), and load_guspatch() lacked a check that the patch length matches the data. The connected Nessus entries confirm the...
CVE-2024-46842
The CVE-2024-46842 entry concerns the Linux kernel SCSI lpfc mailbox timeout handling. The MBX_TIMEOUT return wasn’t checked in lpfc_get_sfp_info, causing mailbox memory to be freed regardless of status; if firmware provides SFP data later, the reply memory could reference freed memory in the com...
CVE-2024-57950
The CVE-2024-57950 entry concerns the Linux kernel drm/amd/display path, where a defect caused denominators used in calculations to potentially be uninitialized or set to zero, risking division by zero. The resolved description states the fix: initialize denominator defaults to 1 to avoid DIVIDE_...
CVE-2025-37857
CVE-2025-37857 affects the Linux kernel scsi: st driver. It fixes an array overflow in st_setup() by changing the array size from a fixed value to follow the parms size.
CVE-2025-37883
CVE-2025-37883 affects the Linux kernel in s390/sclp code. The fix adds a check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference, and introduces a free helper to address a memory leak from the loop allocation. Impact described in the sources inc...
CVE-2025-37963
CVE-2025-37963 affects the Linux kernel on arm64 in the BPF subsystem. The vulnerability arises in the mitigation scope for eBPF: only cBPF programs loaded by unprivileged users are mitigated, as support for unprivileged eBPF is typically disabled and privileged users can still load the same prog...
CVE-2009-3238
CVE-2009-3238 affects the Linux kernel (pre-2.6.30) where get_random_int in drivers/char/random.c produced insufficiently random numbers, enabling prediction of return values and potentially defeating defenses based on randomness. Several OS advisories (e.g., RHSA-2009:1438, ELSA-2009-1106/1438, ...
CVE-2010-3861
CVE-2010-3861 affects the Linux kernel up to version 2.6.36. The vulnerability arises in the ethtool_get_rxnfc function in net/core/ethtool.c, which fails to initialize a certain block of heap memory. This can allow a local user to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLA...
CVE-2011-3637
CVE-2011-3637 is a vulnerability in the Linux kernel where the m_stop function in fs/proc/task_mmu.c can trigger an OOPS via vectors that cause an m_start error. Affected: Linux kernel versions prior to 2.6.39 (i.e., 2.6.38 and earlier). Impact: local denial of service (kernel oops) without remot...
CVE-2012-1090
CVE-2012-1090 affects the Linux kernel: the cifs_lookup function in fs/cifs/dir.c can trigger a local denial of service (OOPS) when a local user accesses a specially crafted file (e.g., a FIFO). The issue exists in kernel versions prior to 3.2.10. Exploitation requires local access. The documente...
CVE-2014-4014
The CVE-2014-4014 issue is a Linux kernel local privilege escalation affecting versions before 3.14.8. The root cause is that namespaces are inapplicable to inodes, allowing a local user who creates a user namespace to bypass chmod restrictions by setting the setgid bit on a file with root group ...
CVE-2015-8963
CVE-2015-8963: The Linux kernel contains a race condition in kernel/events/core.c related to swevent handling during a CPU unplug operation. Affected: Linux kernel versions before 4.4. Impact: local privilege escalation or denial of service (use‑after‑free) as described in the vulnerability entr...
CVE-2021-47202
CVE-2021-47202 affects the Linux kernel’s thermal subsystem. The vulnerability arises in of_parse_thermal_zones(), which registers a thermal_zone for each subnode of thermal-zones. If a thermal zone uses a thermal sensor whose device has not yet pro...
CVE-2021-47345
CVE-2021-47345 affects the Linux kernel’s RDMA/cma path, specifically a memory leak in rdma_resolve_route() when called repeatedly on the same rdma_cm_id. The trigger described in multiple sources is that cma_query_handler() may cause RDMA_CM_EVENT_ROUTE_ERROR, returning t...
CVE-2022-49134
Technical details about CVE-2022-49134 are not publicly provided in the supplied documents; no affected products/versions/fixes are specified here. Monitor for updates.
CVE-2022-49139
CVE-2022-49139 affects the Linux kernel Bluetooth stack. The issue occurs in the HCI handling path: upon receiving a HCI_Synchronous_Connection_Complete for a BDADDR of an existing LE connection, with LE link type and a status triggering the second packet-processing case, a NULL pointer dereferen...
CVE-2023-22997
CVE-2023-22997 affects the Linux kernel prior to 6.1.2. The vulnerability resides in module/decompress.c where the function module_get_next_page can return an error pointer, but code treats it as NULL in the error case, potentially causing a denial of service. The issue is local in scope; CVSS in...
CVE-2023-3108
CVE-2023-3108 affects the Linux kernel, specifically the get_user_pages_fast path in the skcipher_recvmsg interface for symmetric-key ciphers (crypto/algif_skcipher.c). The flaw allows a local user to crash the system. Public details in the provided documents confirm the vulnerable component and ...
CVE-2024-26844
Linux kernel vulnerability CVE-2024-26844 was resolved by patching the block layer to address a harmful iov_iter direction issue. A Syzkaller warning reported that an iov_iter could be used in both directions due to a transfer direction SG_DXFER_TO_FROM_DEV, which would copy user buffers into the...
CVE-2024-42067
CVE-2024-42067: In the Linux kernel, the vulnerability involves BPF/JIT memory protection. The function set_memory_rox() can fail, leaving memory unprotected. The fix makes the code check the return value of set_memory_rox() via bpf_jit_binary_lock_ro() and bail out if an error occurs, ensuring ...
CVE-2024-46728
CVE-2024-46728 affects the Linux kernel (drm/amd/display) where there is a fix for using aux_rd_interval: the value of aux_rd_interval (size 7) must be checked before use. The connected Azure/Linux Nessus entries confirm the advisory references this vulnerability and describe the fix as preventin...
CVE-2024-46773
The CVE-2024-46773 issue in the Linux kernel concerns the drm/amd/display path where a division could be performed with a zero denominator (pbn_div). The root cause is a denominator that could be zero; upstream patch adds a check before use to prevent a DIVIDE_BY_ZERO. Public documents confirm th...
CVE-2024-46827
The CVE-2024-46827 entry describes a Linux kernel fix for ath12k Wi‑Fi: when an association request contains an Extended HE Capabilities Element with an invalid MCS-NSS, the driver passes a zero peer_nss to firmware, potentially crashing it. The remediation implements validation of peer_nss and f...
CVE-2024-47664
CVE-2024-47664 affects the Linux kernel SPI driver for Hisilicon Kunpeng (spi: hisi-kunpeng). The root cause is a division by zero in hisi_calc_effective_speed() when max_speed_hz (provided by firmware) is 0. The firmware-supplied value is treated as trusted, but 0 is now explicitly invalidated, and an ...
CVE-2010-2963
CVE-2010-2963 affects the Linux kernel’s Video4Linux (V4L) implementation on x86_64, where a flaw in the v4l2-compat ioctl32 code fails to validate the destination of a memory copy, enabling a local user to write arbitrary kernel memory via VIDIOCSTUNER on a /dev/video device followed by VIDIOCSM...
CVE-2010-4082
CVE-2010-4082 affects the Linux kernel prior to 2.6.36-rc5, where viafb_ioctl_get_viafb_info in drivers/video/via/ioctl.c fails to initialize a structure member. This can allow local users to leak potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. The issu...
CVE-2010-4162
CVE-2010-4162: Linux kernel before 2.6.36.2 contains multiple integer overflows in fs/bio.c that allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. MiracleLinux AXSA:2011-57 lists CVE-2010-4162 among affected kernel issues and references a f...
CVE-2011-2491
The CVE-2011-2491 issue affects the Linux kernel’s NFS client NLM protocol implementation. It allows a local attacker to cause a denial of service (system hang) by abusing a LOCK_UN flock system call. The vulnerability is rooted in the NLM handling in the kernel prior to 3.0. The referenced fix/c...
CVE-2011-2723
CVE-2011-2723 affects the Linux kernel prior to 2.6.39.4 where the skb_gro_header_slow handling under GRO can reset fields incorrectly, enabling remote attackers to cause a denial of service (system crash) via crafted network traffic. Connected advisories confirm this CVE is referenced alongside ...
CVE-2011-3363
The CVE-2011-3363 issue affects the Linux kernel up to version 2.6.38, specifically the setup_cifs_sb function in fs/cifs/connect.c. The root cause is improper handling of DFS referrals, enabling a remote CIFS server to trigger a denial-of-service (system crash) by placing a referral at the root ...
CVE-2015-4002
CVE-2015-4002 affects the OZWPAN driver in the Linux kernel (drivers/staging/ozwpan/ozusbsvc1.c) up to version 4.0.5. The issue is a length-value handling flaw where certain length values are not sufficiently large, enabling remote attackers to cause a denial of service (system crash or large loo...
CVE-2021-47511
The CVE-2021-47511 issue affects the Linux kernel ALSA: pcm: oss path, where period size calculation could produce negative values treated as positive due to size_t. The OSS layer could pass an oversized period/buffer to lower layers. The authenticated fix changes handling to ssize_t with proper ...
CVE-2022-48841
Vulnerability CVE-2022-48841 affects the Linux kernel ice driver: NULL pointer dereference in ice_update_vsi_tx_ring_stats() during Tx ring stats update. If the ring pointer is NULL, a later access to propagate Tx stats to VSI stats could crash. The fix changes logic to move to the next ring when...
CVE-2022-49103
CVE-2022-49103 is a Linux kernel issue where NFSv4.2 _nfs42_proc_copy_notify() leaks refcounts on two error paths after get_nfs_open_context() is called. The root cause is that refcount balancing is omitted on error returns, leading to leaks of the object ctx. The connected security documents con...
CVE-2022-49307
CVE-2022-49307: In the Linux kernel, the tty synclink_gt driver can trigger a null-pointer dereference in slgt_clean() when alloc_hdlcdev() fails and the module is removed. Affected component: the synclink_gt (tty) HDLC driver path in the kernel. The root cause is a null dereference of info->...
CVE-2023-0030
CVE-2023-0030 describes a use-after-free in the Linux kernel nouveau driver related to triggering a memory overflow that causes nvkm_vma_tail to fail. Affected component: nouveau driver in the Linux kernel; root cause is use-after-free leading to crash and potential local privilege escalation. Pr...
CVE-2023-52590
CVE-2023-52590 affects the Linux kernel OCFS2 rename path. The issue arises when renaming a directory where the parent does not change; the VFS could lock-touch the renamed directory, risking filesystem corruption. The fix ensures ocfs2 rename code avoids touching a renamed directory if its paren...
CVE-2023-52596
CVE-2023-52596: Linux kernel sysctl out-of-bounds access when registering empty sysctl directories. Root cause: a check tests the first element of ctl_table for a permanently empty directory, leading to out-of-bounds. Mitigation in the patched code: register_sysctl_mount_point now passes a ctl_ta...
CVE-2023-52633
CVE-2023-52633 affects the Linux kernel time-travel feature. In basic time-travel mode, timer_read() may process a timer interrupt after computing the forward time but before finishing the update, causing the interrupt to set a time that is incompatible with the forward, which can make time go ba...
CVE-2023-53101
CVE-2023-53101 affects the Linux kernel ext4 bootloader inode handling. The issue arises when EXT4_IOC_SWAP_BOOT initializes an inode with a non-zero i_size, causing i_disksize to remain non-zero and creating an i_size vs i_disksize inconsistency that can trigger a kernel warning (as shown in the...