2330 matches found
CVE-2021-3743
CVE-2021-3743 is an out-of-bounds memory read flaw in the Linux kernel’s Qualcomm IPC router protocol. The issue arises from a missing sanity check, allowing a local attacker to read out-of-bounds kernel memory, potentially causing system crashes or information leakage. Documents consistently des...
CVE-2024-42229
CVE-2024-42229 concerns a Linux kernel cryptography hardening issue in the AEAD/cipher path. The description states that after cryptographic operations, the key buffer must be zeroized, in line with I.G 9.7.B for FIPS 140-3 guidance. The fix involves zeroizing buffers that previously held private...
CVE-2022-43945
CVE-2022-43945 affects the Linux kernel NFSD: in versions prior to 5.19.17 and 6.0.2, an RPC message over TCP can cause the send buffer to be oversized, leading NFSD to write beyond allocated space and crash (DoS). The issue is caused by combining receive and send buffers into a single page array...
CVE-2023-52817
CVE-2023-52817: Linux kernel DRM/AMDGPU fix for a NULL pointer dereference when the smc_rreg pointer is NULL while reading amdgpu_regs_smc (VEGA20). The patch adds a NULL check to amdgpu_debugfs_regs_smc_read path, preventing a kernel NULL pointer dereference when users read /sys/kernel/debug/dri...
CVE-2020-12768
CVE-2020-12768 affects the Linux kernel before 5.6, specifically svm_cpu_uninit in arch/x86/kvm/svm.c. The issue is a memory leak that occurs at boot time; third parties dispute its severity, noting the leak is one-time and its size is negligible and not triggerable at will. Public sources in con...
CVE-2018-10940
CVE-2018-10940 affects the Linux kernel, where cdrom_ioctl_media_changed in drivers/cdrom/cdrom.c allows a local attacker to read kernel memory due to an incorrect bounds check in the CDROM_MEDIA_CHANGED ioctl. The vulnerability exists in versions before the 4.16.6 patch, which was released in th...
CVE-2019-19537
CVE-2019-19537 is a race condition in the Linux kernel USB stack (drivers/usb/core/file.c and related USB character device layer) triggered by a malicious USB device. The vulnerability could allow a local attacker to cause a denial of service by making the kernel stop responding. Public reference...
CVE-2023-1095
CVE-2023-1095 refers to a Linux kernel issue in the nf_tables_updtable path. When nf_tables_table_enable returns an error, nft_trans_destroy frees the transaction object by calling list_del(), but the transaction was never placed on a list (the list head is zeroed), resulting in a NULL pointer de...
CVE-2014-2523
CVE-2014-2523 applies to the Linux kernel code path net/netfilter/nf_conntrack_proto_dccp.c up to version 3.13.6. The vulnerability arises from incorrect handling of a DCCP header pointer, which could allow remote attackers to cause a system crash (denial of service) or potentially execute arbi...
CVE-2022-24958
CVE-2022-24958 relates to the Linux kernel USB gadget subsystem, specifically drivers/usb/gadget/legacy/inode.c up to version 5.16.8, where dev->buf release is mishandled. The consequence is a use‑after‑free condition in the USB gadget legacy path, which can lead to a local denial of service a...
CVE-2020-36312
CVE-2020-36312 affects the Linux kernel up to version 5.8.9, where in virt/kvm/kvm_main.c a kmalloc failure can trigger a memory leak in kvm_io_bus_unregister_dev. The connected Nessus advisories confirm the issue as a kernel-level leak and reference the fixed patch in 5.8.10 (ChangeLog-5.8.10; c...
CVE-2019-19966
CVE-2019-19966 affects the Linux kernel prior to 5.1.6, where a use-after-free in cpia2_exit() (drivers/media/usb/cpia2/cpia2_v4l.c) can lead to denial of service. Connected advisories (Unity Linux UTSA-2026-004036 and related Nessus plugins) reference the same issue and note a fix in kernel 5.1....
CVE-2017-10661
CVE-2017-10661 is a race condition in Linux kernel timerfd (fs/timerfd.c) that affects versions before 4.10.15. The flaw arises from improper protection of the might_cancel queue during concurrent timerfd operations, enabling local attackers to cause a denial of service or gain privileges via lis...
CVE-2019-15807
CVE-2019-15807: In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails, which can cause a BUG and result in a denial of service. The issue is addressed in kernel 5.1.13 as indicated by ChangeLog-5.1.13. Affected product...
CVE-2019-16994
CVE-2019-16994 affects the Linux kernel prior to 5.0, where a memory leak in sit_init_net() (net/ipv6/sit.c) may occur if register_netdev() fails to register sitn->fb_tunnel_dev, potentially enabling denial of service. Connected advisories (e.g., Unity/UTSA) corroborate the kernel version rang...
CVE-2018-1130
CVE-2018-1130 is a Linux kernel vulnerability: a NULL pointer dereference in dccp_write_xmit() of net/dccp/output.c that can crash the system via crafted system calls, allowing local DoS. The initial description notes Linux kernel before 4.16-rc7 as vulnerable; connected advisories (Debian, CentO...
CVE-2019-20810
CVE-2019-20810 affects the Linux kernel’s go7007 driver: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c fails to call snd_card_free on a failure path, causing a memory leak (CID-9453264ef586). Public docs specify this vulnerability exists in kernels before 5.6. The described remediation...
CVE-2018-10879
CVE-2018-10879 is a Linux kernel ext4 use-after-free vulnerability in ext4_xattr_set_entry. A local attacker can trigger a denial of service or other unspecified impact by renaming a file within a crafted ext4 image. The connected documents corroborate the issue and list multiple advisories, but ...
CVE-2018-10883
The CVE-2018-10883 issue affects the Linux kernel ext4 implementation. A local attacker can cause an out-of-bounds write in jbd2_journal_dirty_metadata() by mounting and operating on a crafted ext4 filesystem image, leading to denial of service and potential system crash. Public sources (USN-3871...
CVE-2023-6270
CVE-2023-6270 affects the Linux kernel AoE (ATA over Ethernet) driver. The flaw is in aoecmd_cfg_pkts(), which improperly updates the refcount of the struct net_device, allowing a use-after-free when freeing the device and accessing it via the skbtxq queue. This can lead to a denial of service or ...
CVE-2018-15594
CVE-2018-15594 affects the Linux kernel arch/x86/paravirt.c, where mishandling of certain indirect calls weakens Spectre-v2 mitigations for paravirtual guests. The issue is addressed in kernel updates up to 4.18.1 (ChangeLog-4.18.1, commit 5800dc5c…). In practice, vulnerable systems running affec...
CVE-2018-10675
The CVE-2018-10675 issue affects the Linux kernel prior to 4.12.9, where the do_get_mempolicy function in mm/mempolicy.c allows a local attacker to trigger a use-after-free, leading to denial of service and potentially other impact. Affected versions include kernels compiled into Linux-based prod...
CVE-2019-15218
CVE-2019-15218: Linux kernel before 5.1.8 contains a NULL pointer dereference in drivers/media/usb/siano/smsusb.c triggered by a malicious USB device. Affected is the Linux kernel version range up to 5.1.7; exploitation could lead to a crash or denial of service on affected systems. Remediation i...
CVE-2019-15924
CVE-2019-15924: The issue is in the Linux kernel before 5.0.11, where fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c can dereference NULL when an alloc_workqueue failure occurs due to missing -ENOMEM handling. This can lead to a crash or potential denial of service on affecte...
CVE-2020-12652
CVE-2020-12652 concerns the Linux kernel. The issue is in the function "__mptctl_ioctl" in drivers/message/fusion/mptctl.c, where an operation may hold an incorrect lock during an ioctl, enabling a local race condition (double fetch). The vulnerability affects Linux kernels prior to 5.4.14. Explo...
CVE-2021-45486
CVE-2021-45486 affects the Linux kernel IPv4 stack, specifically net/ipv4/route.c, where a very small hash table enables information leakage. The vulnerability arises from the hash table size and is documented to be addressed in Linux kernel 5.12.4 (ChangeLog-5.12.4). Public-connected materials (...
CVE-2022-0480
CVE-2022-0480 is a Linux kernel vulnerability in filelock_init (fs/locks.c) where memory exhaustion can occur because memcg does not limit the number of POSIX file locks. Connected documents confirm the issue across multiple Linux distributions (Astra Linux, AlmaLinux, IBM Power PowerVM advisory)...
CVE-2019-15216
CVE-2019-15216 affects the Linux kernel prior to 5.0.14, with a NULL pointer dereference triggered by a malicious USB device in drivers/usb/misc/yurex.c. Exploitation could cause a denial of service; impact is indicated as HIGH for availability. A fix is available in kernel 5.0.14 and later. Reme...
CVE-2023-0590
CVE-2023-0590: A use-after-free in qdisc_graft (net/sched/sch_api.c) due to a race condition in the Linux kernel can lead to denial of service. The issue is noted in multiple public bulletins (e.g., Astra Linux and IBM QRadar) referencing the same kernel component, with remediation via patch ebda...
CVE-2024-53051
CVE-2024-53051 is addressed in the Linux kernel's DRM/I915 driver: a change to intel_hdcp_get_capability adds an encoder check to avoid a NULL pointer dereference when an encoder isn’t initialized during hotplug or suspend/resume. This is the stated fix in connected documentation (drm/i915/hdcp: ...
CVE-2020-36386
The CVE-2020-36386 vulnerability affects the Linux kernel prior to 5.8.1 and is located in net/bluetooth/hci_event.c (hci_extended_inquiry_result_evt). A slab-out-of-bounds read in this function could disclose information or contribute to a DoS condition. Exploitation requires local access (AV:L,...
CVE-2019-19524
CVE-2019-19524 affects the Linux kernel (before 5.3.12) with a use-after-free in drivers/input/ff-memless.c caused by a malicious USB device, leading to kernel panics. An upstream patch is available (e.g., ChangeLog-5.3.12), and vendor advisories reference mitigations and fixes. The connected documents ...
CVE-2019-19074
The CVE-2019-19074 entry describes a memory leak in the ath9k_wmi_cmd() function (drivers/net/wireless/ath/ath9k/wmi.c) of the Linux kernel up to version 5.3.11, which can be exploited to cause a denial of service via memory consumption. Root cause is a leak within ath9k_wmi_cmd() that enables me...
CVE-2018-20854
CVE-2018-20854 affects the Linux kernel up to version 4.20, where an off-by-one error in drivers/phy/mscc/phy-ocelot-serdes.c can cause a ctrl->phys out-of-bounds read. The issue is rooted in a boundary condition in that SerDes driver, leading to potential information disclosure or instability...
CVE-2022-2153
CVE-2022-2153 is a vulnerability in the Linux kernel’s KVM related to setting a SynIC IRQ. The issue allows a misbehaving VMM to write to SYNIC/STIMER MSRs, which can cause a NULL pointer dereference and a kernel oops, enabling an unprivileged local attacker on the host to trigger a denial of ser...
CVE-2021-3744
CVE-2021-3744 is a memory-leak DoS in the Linux kernel: the flaw occurs in the ccp_run_aes_gcm_cmd() function (drivers/crypto/ccp/ccp-ops.c), allowing memory consumption-based denial of service. Connected advisories (Astra Linux and Amazon Linux 2 kernel updates) confirm the same root cause and n...
CVE-2022-3108
CVE-2022-3108 is a Linux kernel vulnerability affecting kernels up to 5.16-rc6 where kfd_parse_subtype_iolink (drivers/gpu/drm/amd/amdkfd/kfd_crat.c) does not check the return value of kmemdup(). The issue is a missing return-value check in memory copy logic, which could enable memory corruption ...
CVE-2021-38198
CVE-2021-38198 affects the Linux kernel’s KVM implementation for x86. The vulnerability resides in arch/x86/kvm/mmu/paging_tmpl.h where shadow page access permissions are computed incorrectly, leading to a missing guest protection page fault. This can undermine guest isolation and may enable inst...
CVE-2021-38205
CVE-2021-38205 affects the xilinx_emaclite driver in the Linux kernel. The vulnerability arises because the driver prints a real IOMEM/kernel pointer, which can aid attackers in bypassing ASLR and facilitate information disclosure. Affected state is Linux kernels before 5.13.3; remediation is to ...
CVE-2021-20321
CVE-2021-20321 is a race-condition vulnerability in the Linux kernel OverlayFS subsystem affecting how file renames are performed, potentially allowing a local attacker to crash the system via OverlayFS misuse. Connected advisories corroborate that the issue resides in OverlayFS file object handl...
CVE-2021-28972
CVE-2021-28972 affects the Linux kernel RPA PCI Hotplug driver (drivers/pci/hotplug/rpadlpar_sysfs.c) up to version 5.11.8. It is a user‑tolerable buffer overflow caused by improper handling of drc_name termination in add_slot_store/remove_slot_store, allowing userspace to write into the kernel s...
CVE-2022-41858
The CVE-2022-41858 entry concerns a NULL pointer dereference in the Linux kernel slip driver path, specifically detaching in sl_tx_timeout (drivers/net/slip/slip.c). The connected Astra Linux bulletin reiterates the same description for the Linux kernel 5.x variant, confirming the vulnerability i...
CVE-2021-3753
CVE-2021-3753 describes a race in the Linux kernel’s vt_k_ioctl() (vt_ioctl.c) that may cause an out-of-bounds read in vt as vc_mode write access is not protected by a lock. Impact is listed as data confidentiality; exploitation details are not provided in the supplied documents. Connected source...
CVE-2018-10878
CVE-2018-10878 is confirmed in the Linux kernel ext4 filesystem. The connected Nessus advisories reference a local attacker mounting a crafted ext4 image to trigger an out-of-bounds write, leading to denial of service and potential other impacts. Unity Linux UTSA advisories (e.g., UTSA-2026-00113...
CVE-2018-10880
CVE-2018-10880 is a Linux kernel/ext4 vulnerability: a stack-out-of-bounds write in ext4_update_inline_data() when mounting or writing to a crafted ext4 image, leading to a potential system crash and DoS. The issue originates from insufficient bounds checking in ext4’s handling of inline data dur...
CVE-2022-24448
CVE-2022-24448 affects the Linux kernel’s NFS path: in fs/nfs/dir.c, if an application opens a regular file with O_DIRECTORY set, nfs_atomic_open() does a regular lookup and returns uninitialized data in the file descriptor when a regular file is found instead of ENOTDIR. This issue is documented...
CVE-2023-52340
The CVE concerns the Linux kernel IPv6 implementation (net/ipv6/route.c) where a max_size threshold can be exhausted, enabling a denial-of-service condition (network is unreachable) when IPv6 packets loop via a raw socket. Affected: Linux kernel versions prior to 6.3. Impact is denial of service ...
CVE-2023-52443
CVE-2023-52443 affects the Linux kernel AppArmor parser. A packed profile containing a name like ":samba-dcerpcd" can be treated as only a namespace, causing tmpname to be NULL while tmpns remains non-NULL, which leads to a NULL dereference in aa_alloc_profile during unpack_profile/aa_unpack pat...
CVE-2024-43907
CVE-2024-43907 relates to Linux kernel: in the DRM AMDGPU driver, a null pointer could be dereferenced in drm/amdgpu/pm during apply_state_adjust_rules. The fix adds a pointer check to avoid dereferencing NULL, addressing a potential crash. The initial description shows a concrete fix for null de...
CVE-2019-19922
CVE-2019-19922 affects the Linux kernel sched subsystem (kernel/sched/fair.c) and is triggered when cpu.cfs_quota_us is in use (e.g., with Kubernetes). The issue allows a local attacker to cause a denial of service for non–CPU-bound applications by generating work that triggers slice expiration, ...