CVE-2021-47551
CVE-2021-47551 : In the Linux kernel, the issue affects the DRM AMD amdkfd driver used with SR-IOV configurations. The root cause is a kernel panic that can occur when a reset has failed and is triggered again; the driver may attempt uninitialization again and fail to resume cpsch, since there is...
CVE-2022-48824
CVE-2022-48824 : In the Linux kernel, the scsi myrs driver can crash during error handling. If privdata->hw_init() fails non‑zero, myrs_detect() leaves cs->disable_intr as NULL and myrs_cleanup() dereferences a NULL pointer, causing a kernel crash with a NULL pointer dereference. The issue ...
CVE-2022-48826
CVE-2022-48826 affects the Linux kernel drm/vc4, where a deadlock can occur during DSI device attach error when the host device lock is held. Specifically, in the device attach error path, un-registering the host can deadlock with a call trace involving device_del/unregister, mipi_dsi_hos...
CVE-2022-49128
The CVE concerns the Linux kernel DRM bridge PM runtime: calling pm_runtime_get_sync() could increment the runtime PM counter even on error, risking a refcount leak. The provided fix replaces this API with pm_runtime_resume_and_get() (which does not change the runtime PM counter on error) and add...
CVE-2022-49174
The CVE-2022-49174 entry concerns the Linux kernel ext4 code: when flex_bg with fast_commit is enabled, ext4_mb_mark_bb() may read the block bitmap buffer_head only for the starting block group, failing to refresh it when an inode's extent crosses a block-group boundary. This can cause memory acce...
CVE-2022-49529
CVE-2022-49529 affects the Linux kernel’s DRM/AMDGPU PM code. Root cause: during context release with software SMU disabled, pp_funcs may be uninitialized, causing a NULL pointer dereference and kernel panic (as shown by the amdgpu_dpm_force_performance_level trace). The vulnerability is resolved...
CVE-2022-49618
In CVE-2022-49618, the Linux kernel pinctrl: aspeed driver fixes a potential NULL pointer dereference in aspeed_pinmux_set_mux() where pdesc could be null but dereferenced pdesc->name. The patch adds a null check before dereferencing, preventing null pointer access. Connected Astra Linux advis...
CVE-2022-49619
CVE-2022-49619 affects the Linux kernel net/sfp path. The vulnerability stems from sfp_probe() allocating memory via sfp_alloc() and not freeing it when devm_add_action() fails, causing a memory leak. The connected Astra/Tencent/Tenable entries confirm the fix is to replace devm_add_action() with...
CVE-2007-6762
The vulnerability is in the Linux kernel before 2.6.20, caused by an off-by-one error in net/netlabel/netlabel_cipso_v4.c that can overflow the doi_def->tags[] array. Affected component is the kernel’s netlabel CIPSO v4 handling. The provided connected sources confirm the off-by-one overflow c...
CVE-2010-2478
CVE-2010-2478: The Linux kernel before 2.6.33.7 on 32-bit platforms has an integer overflow in ethtool_get_rxnfc(), triggered by a large info.rule_cnt via ETHTOOL_GRXCLSRLALL. Local users can cause a denial of service or potentially other impact (as described in the connected Mirage/Linux advisor...
CVE-2010-4805
CVE-2010-4805 affects the Linux kernel socket backlog handling in net/core/sock.c prior to 2.6.35, allowing remote DoS via large traffic (backlog management related to sk_add_backlog and sk_rmem_alloc). The entry notes this vulnerability exists due to an incomplete fix for CVE-2010-4251. The conn...
CVE-2014-2673
CVE-2014-2673 : Linux kernel TM implementation on PowerPC has a flaw in arch_dup_task_struct interacting with clone/fork. In kernels before 3.13.7, this can allow a local user to trigger a denial of service (Program Check and system crash) by executing instructions while the processor is in Trans...
CVE-2021-47207
CVE-2021-47207 (Linux kernel) : A null pointer dereference in ALSA gus handling (snd_gf1_dma_next_block) could occur if the pointer block returned null. The issue is fixed by adding a null check before dereferencing the pointer. Impact per the entry: local attack vector, low privileges required, ...
CVE-2021-47258
CVE-2021-47258 affects the Linux kernel scsi subsystem. The vulnerability arises from incorrect error handling in scsi_host_alloc, leading to a leaked device name if the device is not freed after initialization or when its name is set via dev_set_name. The published fixes replace kfree() with put...
CVE-2021-47339
In CVE-2021-47339, the Linux kernel fix targets media: v4l2-core, addressing uninitialized kernel stack data that could be used as input for driver ioctl handlers due to mistakes in compat ioctl implementation. The resolution requires explicitly clearing the entire ioctl input buffer before conve...
CVE-2021-47357
CVE-2021-47357 : In the Linux kernel, the atm: iphase removal path calls del_timer(), which can leave a timer handler running after the driver remove completes, causing a possible use-after-free. The fix uses del_timer_sync() to wait for the timer handler to finish and prevent rescheduling. Conne...
CVE-2021-47493
CVE-2021-47493 is a Linux kernel issue affecting ocfs2 where a race between searching chunks and releasing journal_head from a buffer_head can lead to a page fault or panic. The root cause is a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head(), with bg_bh->b_priv...
CVE-2021-47522
CVE-2021-47522 affects the Linux kernel HID bigbenff handling in uhid. When emulating the device, if no output reports exist, report_field may be NULL, risking a NULL pointer dereference. The issue has been resolved in the Linux kernel (as described in connected Astra Linux advisory blocks). Impa...
CVE-2021-47552
CVE-2021-47552 – Linux kernel : The vulnerability stems from blk-mq dispatch cancellation logic. Previously, blk_mq_quiesce_queue() was not invoked in blk_cleanup_queue(), delaying cancellation to disk_release(), which allowed a race where a scsi_device could be freed before blk_release_queue() r...
CVE-2022-48739
CVE-2022-48739 affects the Linux kernel ASoC hdmi-codec subsystem. The vulnerability arises from out-of-bounds memory accesses during memcpy(), caused by an incorrect size for the iec_status array. The fix aligns the size of iec_status with the status array of struct snd_aes_iec958, eliminating t...
CVE-2022-48852
The CVE (CVE-2022-48852) affects the Linux kernel DRM/VC4 HDMI driver. The issue arises because the HDMI codec device is registered on bind but not unregistered on unbind, causing a device leak. Root cause: unbind path does not unregister the HDMI codec device, leaving orphaned device state. The ...
CVE-2022-49157
CVE-2022-49157 affects the Linux kernel scsi/qla2xxx driver. After a recoverable PCI error is detected and recovered, the qla2xxx driver may perform premature hardware access if the error condition persists or resume signaling is not yet received. The description and logs show a PCI disconnect an...
CVE-2022-49171
CVE-2022-49171 is a Linux kernel issue in the mm/gup.c path affecting ext4. The race causes [un]pin_user_pages_remote to dirty pages without proper pre-notification to ext4, which can lead to data loss. While the root cause is classed as a bug in mm/gup.c, ext4 is particularly fragile: if another...
CVE-2022-49303
CVE-2022-49303 concerns a Linux kernel deadlock in the rtl8192eu driver (drivers/staging/rtl8192eu) during rtw_joinbss_event_prehandle. The provided details describe a lock-order issue: thread 1 holds pmlmepriv->lock while waiting on del_timer_sync(), but the timer handler (thread 2) also need...
CVE-2022-49432
CVE-2022-49432 affects the Linux kernel on PowerPC/xics: a refcount leak in icp_opal_init() was fixed. The root cause is that of_find_compatible_node() returns a node pointer with refcount already incremented, and the fix is to call of_node_put() on it when done. The upstream description notes th...
CVE-2022-49440
CVE-2022-49440 affects the Linux kernel (PowerPC RTAS path). The root cause is MSR[RI] not being preserved when entering RTAS, while RTAS runs in real mode and may trigger a panic/watchdog lockup if MSR[RI] is unset. The fix updates how MSR is computed before calling RTAS, ensuring a hardcoded v...
CVE-2022-49977
Summary of CVE-2022-49977 – Linux kernel ftrace NULL pointer dereference. Root cause: When ftrace is dead and ftrace_startup_enable fails to modify the ftrace state, the registration may leave an op in ftrace_ops_list. If the op is dynamically allocated, is_ftrace_trampoline can access a NULL op i...
CVE-2023-52754
CVE-2023-52754 is a Linux kernel vulnerability in the imon USB driver. The driver could corrupt memory by naively assuming the first interface is bound to imon when probing the second interface; a malformed descriptor could bind the first interface to another driver. A patch adds a sanity check a...
CVE-2023-52799
In Linux kernel, CVE-2023-52799 relates to an array-index-out-of-bounds in the JFS path during dmtree_t searches for free blocks (tp->dm_stree). The fix adds a parameter to dbFindLeaf to determine the dmtree type, enabling an out-of-bounds check and preventing access beyond array bounds. Affec...
CVE-2023-52898
CVE-2023-52898 is a Linux kernel vulnerability in the xHCI USB host controller code. The issue is a potential null pointer dereference when the host dies, caused by a race between xhci_free_dev() freeing virt devices and xhci_kill_endpoint_urbs() iterating endpoints. The fix synchronizes access b...
CVE-2024-49990
CVE-2024-49990 is described in the initial document as a Linux kernel issue in drm/xe/hdcp where xe_gsc could be null when performing an HDCP capability check. The vulnerability was addressed by adding a GSC structure validity check to avoid a NULL pointer dereference. The Nessus plugin UNPATCHED...
CVE-2025-37878
CVE-2025-37878 (Linux kernel) : The vulnerability arises in perf/core during partial initialization of a child event. The fix defers the refcount update and the assignment of child_event->ctx until after child_event->pmu_ctx is set and immediately after the initial validation, ensuring chil...
CVE-2025-38068
CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...
CVE-2007-4998
CVE-2007-4998 is a local, user‑assisted vulnerability in cp when preserving symlinks across multiple OSes. The issue allows an attacker to cause a race/symlink attack that can overwrite arbitrary files by crafting directories with multiple source files copied to the same destination. Multiple con...
CVE-2008-3275
The CVE-2008-3275 issue affects the Linux kernel before 2.6.25.15, where the real_lookup and __lookup_hash functions in fs/namei.c fail to prevent creating a child dentry for a deleted (S_DEAD) directory. This enables a local attacker to trigger a denial of service by repeatedly creating files wi...
CVE-2009-4895
CVE-2009-4895 describes a race condition in the Linux kernel's tty_fasync path (drivers/char/tty_io.c) prior to 2.6.32.6, enabling local users to cause a denial of service via a NULL pointer dereference and system crash. The issue is tied to put_tty_queue and __f_setown, with a note that it was a...
CVE-2021-47253
CVE-2021-47253 affects the Linux kernel’s DRM/AMD display path, where DMUB hw_init could leak memory on suspend/resume due to kzalloc allocation without guard. The fix ensures the DC wrapper memory is only allocated if it was not previously allocated, avoiding reallocation on suspend/resume. Docu...
CVE-2021-47328
CVE-2021-47328 affects the Linux kernel in the SCSI/ISCSI stack. The issue is a use-after-free in iscsi_conn during resets when an unbind target call hasn’t occurred, leading to a race where iscsi_conn_teardown may free the connection while EH/threads access it. The fix moves TMF fields f...
CVE-2021-47355
CVE-2021-47355 relates to the Linux kernel ATM nicstar driver. The issue is a use-after-free in nicstar_cleanup() caused by removing a timer with del_timer() instead of del_timer_sync(), which may allow the timer handler to still run after the device removal. The fix ensures the timer finishes an...
CVE-2022-48761
CVE-2022-48761 affects the Linux kernel USB xhci-plat code. The issue occurs on platforms like i.MX8QM during suspend with remote wake enabled, where xhci_suspend disables the hub wake and then accesses registers after the device clock is gated by run-time suspend. The underlying root cause was t...
CVE-2022-49493
CVE-2022-49493: Linux kernel ASoC rt5645 cleanup order bug can cause use-after-free due to rt5645_i2c_remove() cancelling jack_detect_work before del_timer_sync, which may race with rt5645_btn_check_callback(). The fix moves del_timer_sync before cancel_delayed_work_sync, addressing the race. Con...
CVE-2022-49497
CVE-2022-49497 is a Linux kernel issue in the networking code where two BUG() calls were present in skb_checksum_help(). The vulnerability was resolved by removing these BUG()s and replacing them with WARN_ON_ONCE() so skb_checksum_help() can return an error code instead of triggering a crash whe...
CVE-2022-49621
The CVE-2022-49621 issue is a Linux kernel cpufreq: pmac32-cpufreq refcount leak bug. The root cause is missing of_node_put() for three node pointers whose refcounts were incremented by of_find_node_by_name() in pmac_cpufreq_init_MacRISC3(); the fix adds the corresponding of_node_put() calls to dr...
CVE-2022-49740
CVE-2022-49740 concerns the Linux kernel brcmfmac driver. The vulnerability arises when the device-provided channel spec count exceeds the allocated list length in brcmf_construct_chaninfo() and brcmf_enable_bw40_2g(), causing slab-out-of-bounds reads. The patch adds bounds checks so these functi...
CVE-2023-52737
CVE-2023-52737: In the Linux kernel, when using Btrfs, fiemap could deadlock with an in-flight fsync due to not taking the inode lock (i_mutex) before fiemap operations. The root cause is that fiemap_fill_next_extent() could fault while accessing user space buffers, which creates a lock-order cyc...
CVE-2023-52899
CVE-2023-52899 – kernel vulnerability (Linux kernel) has concrete details in connected advisories: a missing protection in the AXI channel error handling path (axi_chan_handle_err) for the vd signal can lead to a NULL pointer dereference and kernel panic. The issue is described as “Add exception ...
CVE-2023-53091
CVE-2023-53091 is an ext4 kernel issue fixed in EulerOS kernel advisories. When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which could bypass checks in ext4_get_journal and trigger a null pointer dereference. The patch resolves this by ignoring the inum change ...
CVE-2025-38040
CVE-2025-38040 affects the Linux kernel’s serial/mctrl_gpio path. The advisory reports a fix for a denial of service/privilege implications by splitting the disabling of modem lines (disable_ms) into two APIs: sync and no_sync, addressing a sleeping function being called from an atomic context (d...
CVE-2008-4934
The CVE-2008-4934 issue affects the Linux kernel 2.6.x prior to 2.6.28-rc1 in the hfsplus code path. Specifically, hfsplus_block_allocate in fs/hfsplus/bitmap.c fails to verify the return value of read_mapping_page before invoking kmap, enabling a crafted hfsplus filesystem image to trigger a den...
CVE-2009-1242
CVE-2009-1242: In the Linux kernel, the vmx_set_msr function of the KVM VMX implementation (arch/x86/kvm/vmx.c) on i386 allowed a local guest OS user to trigger a denial of service (OOPS) by setting the EFER_LME bit in the EFER MSR. The issue affects kernel versions before 2.6.29.1 and is tied to...