CVE-2025-4598
The CVE-2025-4598 entry concerns a race condition in systemd-coredump that can let a local attacker read a crashed SUID process’s core dump. Affected component is systemd and its coredump handling; root cause is a kill-and-replace race where the kernel recycles a PID before systemd-coredump can a...
CVE-2021-31916
CVE-2021-31916 is a Linux kernel vulnerability in the device-mapper code (drivers/md/dm-ioctl.c, list_devices) causing an out-of-bounds memory write due to a bound check failure in kernels before 5.12. An attacker with CAP_SYS_ADMIN (local, no user interaction) can trigger a heap overrun, potenti...
CVE-2017-11176
CVE-2017-11176 is a local vulnerability in the Linux kernel’s Netlink mq_notify path. The issue arises because mq_notify does not set the sock pointer to NULL when entering retry logic, enabling a use-after-free scenario during a user-space close of a Netlink socket. Public sources describe poten...
CVE-2019-19067
Summary (CVE-2019-19067): Four memory leaks in the acp_hw_init() function of amdgpu/acp.c in the Linux kernel (before 5.3.8) can cause memory consumption and denial of service when mfd_add_hotplug_devices() or pm_genpd_add_device() fail. The issue is reported as exploitable by a local attacker wit...
CVE-2022-28356
CVE-2022-28356 is a Linux kernel vulnerability describing a refcount leak in net/llc/af_llc.c that affects kernels before 5.17.1. Connected docs confirm the issue and reference a fix in 5.17.1 (and advisories in Debian DSA 5127-1/DSA-5173-1, Astra/Linux bulletins). The CVSS v3.1 base score is 5.5...
CVE-2019-19533
CVE-2019-19533 affects the Linux kernel prior to 5.3.4 and is caused by an info-leak in the ttusb_dec.c USB driver (drivers/media/usb/ttusb-dec/ttusb_dec.c) when handling a malicious USB device. The vulnerability can lead to partial information disclosure (confidentiality impact). Public referenc...
CVE-2024-0340
CVE-2024-0340 is confirmed in the Linux kernel, affecting the vhost_new_msg path in drivers/vhost/vhost.c. The issue arises from memory not being properly initialized when building messages exchanged between virtual guests and the host via /dev/vhost-net, enabling local privileged users to read k...
CVE-2020-28974
CVE-2020-28974 is a slab-out-of-bounds read in the Linux kernel’s fbcon driver, fixed in kernel 5.9.7. The flaw arises in KD_FONT_OP_COPY within drivers/tty/vt/vt.c and could allow a local attacker to read privileged kernel memory or cause a kernel crash. Several connected documents describe the ...
CVE-2010-3873
CVE-2010-3873 affects the Linux kernel X.25 implementation prior to 2.6.36.2. The vulnerability arises from improper parsing of facilities, allowing a remote attacker to trigger heap memory corruption and a kernel panic (partial availability) via malformed X25_FAC_CALLING_AE or X25_FAC_CALLED_AE ...
CVE-2017-6074
CVE-2017-6074 affects the Linux kernel up to 4.9.11, where dccp_rcv_state_process in net/dccp/input.c mishandles DCCP_PKT_REQUEST data in LISTEN state. This can allow a local user to gain root privileges or trigger a denial of service (double free) via an application using IPV6_RECVPKTINFO setsoc...
CVE-2019-15214
CVE-2019-15214 refers to a use-after-free in the Linux kernel sound subsystem (before 5.0.10), triggered when a card is disconnected and data structures are deleted too early. Affected components: sound/core/init.c and sound/core/info.c. Impact described in sources: local attacker could potential...
CVE-2021-45868
CVE-2021-45868: Linux kernel before 5.15.3 does not validate the on-disk quota_tree block number in quota_tree.c, which can lead to a use-after-free in kernel/locking/rwsem.c if a quota file is corrupted. Affected: Linux kernel up to 5.15.2 (and older) with quota support. Impact: potential kernel...
CVE-2022-1012
CVE-2022-1012 affects the Linux kernel TCP source port generation (net/ipv4/tcp.c) due to a small table perturb size, enabling information leakage and potential denial of service. Multiple connected advisories reiterate the memory-leak flaw in the TCP source port algorithm and indicate a patched ...
CVE-2023-30456
CVE-2023-30456 affects Linux kernels with arch/x86/kvm/vmx/nested.c pre-6.2.8. The root cause is missing consistency checks for CR0 and CR4 in nVMX on x86_64, which can enable state inconsistency between VMX and guest. Public references indicate this has been addressed by 6.2.8 and via various AL...
CVE-2018-1120
CVE-2018-1120 affects the Linux kernel prior to 4.17. By mmap()ing a FUSE-backed file into a process’s memory that contains command line arguments or environment strings, a local attacker can cause utilities that read /proc/<pid>/cmdline or /proc/<pid>/environ (e.g., ps, w) to block indefinitely or for a b...
CVE-2018-19854
CVE-2018-19854 affects the Linux kernel pre-4.19.3. In crypto/crypto_user.c (crypto user configuration API), structures copied to userspace are not fully initialized, potentially leaking memory to user processes. This is a regression from CVE-2013-2547 but with easier exploitability, requiring CO...
CVE-2022-25258
The CVE-2022-25258 issue affects the Linux kernel USB Gadget subsystem, specifically drivers/usb/gadget/composite.c, where interface OS descriptor requests with large indices or NULL function pointer handling were not properly validated, enabling memory corruption. It affects kernels before 5.16....
CVE-2023-1998
CVE-2023-1998 affects the Linux kernel. Root cause: when using legacy IBRS, the IBRS bit is cleared on returning to userspace, disabling implicit STIBP and leaving some spectre-BTI protections ineffective; attackers on a local machine could exploit cross-thread branch target injection despite mit...
CVE-2021-4002
CVE-2021-4002 describes a memory-leak flaw in the Linux kernel hugetlbfs memory usage caused by mappings being created twice (via shmget) for regions aligned to PUD, enabling a local user to access data that should be protected. The connected documents confirm this vulnerability across multiple L...
CVE-2020-13974
CVE-2020-13974 affects the Linux kernel in drivers/tty/vt/keyboard.c, caused by a signed integer overflow in k_ascii when invoked repeatedly. Connected docs confirm impacted products include Linux kernel 4.4–5.7.1 and note potential local code execution risk (IBM bulletin and MSRC description) th...
CVE-2018-10853
CVE-2018-10853: A security flaw in the Linux kernel KVM hypervisor (pre-4.18) where emulation of certain unprivileged instructions (sgdt, sidt, fxsave, fxrstor) did not check CPL, potentially allowing an unprivileged guest process to escalate privileges inside the guest. The CVE is linked to comm...
CVE-2023-3863
CVE-2023-3863 is a use-after-free vulnerability in the Linux kernel’s NFC stack (nfc_llcp_find_local in net/nfc/llcp_core.c). A local privileged user could trigger memory misuse leading to kernel information leak (impact on confidentiality; I=H, A=H in some advisories) and potential escalation. P...
CVE-2021-20317
The connected documents confirm CVE-2021-20317 as a Linux kernel timerqueue race condition: a corrupted timer tree in timerqueue_add can cause wakeups to be missed, enabling a local attacker with special privileges to cause a denial of service (system hang/crash) while the system runs. No explici...
CVE-2017-1000410
Summary of CVE-2017-1000410 (Linux kernel info leak): The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...
CVE-2019-20812
CVE-2019-20812 affects the Linux kernel prior to 5.4.7. The issue is in the function prb_calc_retire_blk_tmo() in net/packet/af_packet.c, which can cause a denial of service (high CPU usage and soft lockup) in a failure case when using TPACKET_V3. Impact is localized (local access required) and...
CVE-2020-25672
The CVE-2020-25672 entry refers to a memory-leak vulnerability in the Linux kernel NFC LLCP path (llcp_sock_connect). The issue is described as a memory leak in the NFC LLCP implementation, which can lead to resource exhaustion and denial of service when non-blocking socket operations trigger the...
CVE-2022-0168
CVE-2022-0168 is a Linux kernel local DoS in smb2_ioctl_query_info in fs/cifs/smb2ops.c caused by an incorrect return from memdup_user, allowing a privileged (CAP_SYS_ADMIN) local attacker to crash the system. Public details in connected sources reaffirm the same kernel-level flaw affecting CIFS ...
CVE-2019-19065
CVE-2019-19065 corresponds to a memory leak in the Linux kernel’s sdma_init() (drivers/infiniband/hw/hfi1/sdma.c). The condition is triggered by rhashtable_init() failures during sdma_init(), leading to memory consumption and potential DoS. The root cause is that the call path invokes sdma_init()...
CVE-2021-3483
CVE-2021-3483 refers to a vulnerability in the Linux kernel Nosy driver where a device can be inserted twice into a doubly-linked list, causing a use-after-free when one is removed. This affects versions before 5.12-rc6 and impacts confidentiality, integrity, and availability. The incident is loc...
CVE-2020-11609
CVE-2020-11609 affects the Linux kernel, specifically the stv06xx USB video driver family. The issue arises from mishandling of invalid USB device descriptors in the stv06xx.c and stv06xx_pb0100.c code paths, leading to a NULL pointer dereference. This can allow a locally‑present attacker with ac...
CVE-2021-38199
CVE-2021-38199 concerns the Linux kernel’s NFSv4 client. The vulnerability arises from incorrect connection-setup ordering in fs/nfs/nfs4client.c, which can be triggered by remote NFSv4 servers during trunking detection, potentially causing a denial of service by hanging mounts. Connected advisor...
CVE-2024-26587
The CVE-2024-26587 issue in Linux kernel netdevsim could crash when destroying a netdevsim with VFs instantiated. The root cause was that PHC gets initialised in nsim_init_netdevsim() (only called for PF ports), but mock_phc_destroy() was not placed there, leading to a NULL pointer dereference du...
CVE-2019-15219
This CVE (CVE-2019-15219) affects the Linux kernel prior to 5.1.8. Description confirms a NULL pointer dereference caused by a malicious USB device in drivers/usb/misc/sisusbvga/sisusb.c, enabling local hardware interaction to crash the system. Connected advisories (Unity Linux UTSA-2026-003808 a...
CVE-2022-1015
CVE-2022-1015: A local out-of-bounds write in Linux kernel nf_tables_api.c (netfilter/nf_tables) is reported. Connected Astra/Linux documents confirm the vulnerability and recommend updating to a later kernel version (e.g., via vendor/KMS updates) to mitigate. Exploitation details are not provide...
CVE-2017-7895
CVE-2017-7895 affects the Linux kernel NFSv2/v3 server (fs/nfsd/nfs3xdr.c, fs/nfsd/nfsxdr.c). A remote attacker can craft requests that bypass end-of-buffer checks, triggering pointer-arithmetic errors or other unspecified impacts. Affected kernels include up to 4.10.13; remediation is to upgrade...
CVE-2023-52445
The CVE-2023-52445 vulnerability (Linux kernel, media: pvrusb2) stems from a use-after-free when a context is disconnected during module load; a kthread may call pvr2_context_destroy and free the context before usb hub_event notification. The patch adds a sanity check to prevent the invalid read ...
CVE-2020-25645
Summary: CVE-2020-25645 describes a confidentiality flaw in the Linux kernel’s GENEVE tunnel code when IPsec is used to encrypt traffic for the tunnel’s UDP port. In kernels before 5.9-rc7, traffic between two Geneve endpoints may be left unencrypted, allowing an attacker between the endpoints to...
CVE-2024-53150
The CVE-2024-53150 issue affects the Linux kernel USB-audio (ALSA: usb-audio). The root cause is that the driver does not validate the bLength field of descriptors while traversing clock-related descriptors, allowing a bogus shorter descriptor to cause out-of-bounds reads. The public patch adds s...
CVE-2023-4273
CVE-2023-4273 affects the Linux kernel exFAT driver. The vulnerability arises from how file name reconstruction copies file name data into a stack variable, enabling a local privileged attacker to overflow the kernel stack. Connected advisories confirm real-world impact and list affected kernels;...
CVE-2023-4459
CVE-2023-4459 is rejected/not used; this CVE record does not represent an active vulnerability entry.
CVE-2019-15921
CVE-2019-15921: In the Linux kernel prior to 5.0.6, a memory leak occurs in genl_register_family() when idr_alloc() fails (net/netlink/genetlink.c). This can lead to resource leakage in affected systems. Root cause is a failure path not freeing partial allocations; impact is limited to memory/re...
CVE-2019-20095
CVE-2019-20095 affects the Linux kernel mwifiex driver (drivers/net/wireless/marvell/mwifiex/cfg80211.c). The description states that certain error-handling paths do not free allocated hostcmd memory, causing a memory leak that can lead to a denial of service. The issue is fixed in kernel version...
CVE-2022-4662
CVE-2022-4662 is a Linux kernel USB core subsystem vulnerability describing improper access control when a user attaches a USB device. A local attacker could trigger a crash by exploiting the flawed USB device handling. The connected IBM bulletin for Spectrum Protect Plus notes a remediation: fix...
CVE-2019-20636
CVE-2019-20636 affects the Linux kernel prior to 5.4.12. The vulnerability is an out-of-bounds write in drivers/input/input.c via a crafted keycode table in input_set_keycode, enabling a local attacker with root privileges to corrupt memory and potentially execute arbitrary code or cause a denial...
CVE-2024-0641
CVE-2024-0641 describes a denial-of-service vulnerability in the Linux kernel’s TIPC subsystem, specifically in tipc_crypto_key_revoke in net/tipc/crypto.c. The flaw allows guests with local user privileges to trigger a deadlock, potentially crashing the system. Connected sources (Astra Linux bul...
CVE-2016-10905
CVE-2016-10905: A use-after-free in Linux kernel fs/gfs2/rgrp.c (pre-4.8) is caused by gfs2_clear_rgrpd and read_rindex_entry. Several Nessus/OpenVAS/SUSE/F5 advisories reference this CVE and map it to vulnerable kernel versions and affected distributions; the public text confirms the flaw but do...
CVE-2020-36310
CVE-2020-36310 affects the Linux kernel prior to 5.8, specifically arch/x86/kvm/svm/svm.c, where set_memory_region_test can infinite-loop on certain nested page faults (CID-e72436bc3a52). The connected Nessus/OSS documents confirm this exact issue in Unity Linux kernels and Debian/openSUSE adviso...
CVE-2023-2985
CVE-2023-2985 describes a use-after-free in hfsplus_put_super (fs/hfsplus/super.c) of the Linux kernel, enabling a local attacker to cause a denial of service. Connected documents confirm the flaw and its local impact, but do not provide a vendor-specific fix or patch details. No additional explo...
CVE-2019-19534
Summary: CVE-2019-19534 affects the Linux kernel before 5.3.11, enabling a local info-leak via the Peak USB CAN driver (drivers/net/can/usb/peak_usb/pcan_usb_core.c) when a malicious USB device is connected. The root cause is missing initialization of certain structures in the peak_usb CAN driver...
CVE-2019-20908
CVE-2019-20908 affects the Linux kernel up to 5.3: in drivers/firmware/efi/efi.c, efivar_ssdt ACPI variable permissions can be too permissive, enabling local attackers to bypass lockdown or secure boot restrictions. Affected: Linux kernels prior to 5.4 (as referenced by Unity Linux and MiracleLin...