CVE-2021-38208
CVE-2021-38208 affects the Linux kernel NFC LLCP path (net/nfc/llcp_sock.c) before 5.12.10. A local unprivileged user can trigger a denial of service (NULL pointer dereference and BUG) by performing getsockname after a failed bind. This is a local-privilege scenario with a direct impact ...
CVE-2017-15115
CVE-2017-15115: Linux kernel prior to 4.14 allows local users to trigger a denial of service (use-after-free in sctp_do_peeloff in net/sctp/socket.c) via crafted system calls. Impact is system crash; no explicit exploit details provided in the documents beyond this. The IBM bulletin references th...
CVE-2019-16413
CVE-2019-16413 affects the Linux kernel prior to 5.0.4, where the 9p filesystem does not properly protect i_size_write(), causing i_size_read() to loop indefinitely and trigger a denial of service on SMP systems. The public evidence ties this to a kernel patch in ChangeLog-5.0.4 and the commit r...
CVE-2019-19338
CVE-2019-19338 describes a flaw in the Linux kernel related to the handling of TAA/MDS interactions in TSX-enabled cascaded environments, affecting guests on Cascade Lake hosts with TSX enabled and a host-side fix for CVE-2019-11135 in kernels prior to 5.5. The connected documents confirm affecte...
CVE-2020-27815
CVE-2020-27815 is a vulnerability in the Linux kernel JFS filesystem code allowing a local attacker who can set extended attributes to trigger a system panic, memory corruption, or privilege escalation. Publicly documented impact: confidentiality, integrity, and availability may be affected. The ...
CVE-2021-29265
CVE-2021-29265 affects the Linux kernel prior to 5.11.7. The vulnerability is in the usbip_sockfd_store function (drivers/usb/usbip/stub_dev.c) where the stub-up sequence has race conditions during updates of local and shared status, enabling a local attacker to trigger a denial of service (kerne...
CVE-2023-39198
CVE-2023-39198 describes a race condition in the Linux kernel’s QXL driver. The qxl_mode_dumb_create() path dereferences the qxl_gem_object_create_with_handle() result while the handle is the sole reference, enabling a caller to guess the handle value and trigger a use-after-free. This can lead t...
CVE-2018-6927
CVE-2018-6927 concerns the Linux kernel futex_requeue implementation in kernel/futex.c. Multiple connected documents confirm a flaw where triggering a negative wake or requeue value can cause a denial of service via an integer overflow. Affected are kernel versions prior to 4.14.15 (and related u...
CVE-2019-12817
CVE-2019-12817 affects the PowerPC Linux kernel: a bug in arch/powerpc/mm/mmu_context_book3s64.c before 5.1.15 can allow unrelated processes to read/write each other’s memory via an mmap above 512 TB on a subset of PowerPC systems. The issue is limited to those platforms; impact is memory confide...
CVE-2024-43908
The CVE-2024-43908 issue is confirmed in the Linux kernel’s DRM/AMDGPU code: a null pointer dereference in ras_manager that can arise when ras_manager is consulted. The published fix is to check ras_manager before using it, preventing dereference of a null pointer. The connected Nessus advisories...
CVE-2016-10906
CVE-2016-10906 affects the Linux kernel’s arc_emac_main.c (drivers/net/ethernet/arc) with a use-after-free caused by a race between arc_emac_tx and arc_emac_tx_clean. The issue occurs in kernels prior to 4.5, enabling local attackers to exploit the race and potentially compromise kernel memory. T...
CVE-2017-17807
CVE-2017-17807: Linux kernel KEYS subsystem vulnerability where the request_key() path can bypass access control when adding a key to the current task’s default request-key keyring. An unpatched kernel (pre-4.14.6) could allow a local attacker to craft a sequence of system calls to insert keys i...
CVE-2020-11669
CVE-2020-11669 affects the Linux kernel before 5.2 on the powerpc platform. The issue is in arch/powerpc/kernel/idle_book3s.S where save/restore for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR is missing (CID-53a712bae5dd). This can impact availability (per CVSS 3.1: Availabili...
CVE-2022-4543
CVE-2022-4543, described as EntryBleed, is a Linux kernel vulnerability in the Page Table Isolation (KPTI) path that could allow a local attacker to leak the KASLR base address via prefetch side-channels based on TLB timing on Intel CPUs. The connected sources confirm the issue’s existence and it...
CVE-2017-18551
CVE-2017-18551: The Linux kernel contains an out-of-bounds write in drivers/i2c/i2c-core-smbus.c, specifically in the function i2c_smbus_xfer_emulated, affecting kernels prior to 4.14.15. The vulnerability can enable local privilege escalation due to memory corruption. Remediation is to...
CVE-2020-25668
CVE-2020-25668 is a Linux kernel vulnerability in the TTY subsystem (con_font_op) caused by unsynchronized access to fg_console, leading to a use-after-free. According to Debian, this can cause a crash or memory corruption and may enable privilege escalation; CloudLinux notes a fix was applied in...
CVE-2022-45869
CVE-2022-45869 is a Linux kernel issue describing a race condition in the x86 KVM subsystem that can be triggered when nested virtualization and the TDP MMU are enabled. The vulnerability affects the Linux kernel up to version 6.1-rc6 as described in the Astra Linux security bulletin, which mirro...
CVE-2024-43909
Technical details about CVE-2024-43909 (AMDGPU SMU7 null pointer dereference) are not provided in the connected documents. The initial description notes a fix but lacks vendor/product/version specifics or remediation steps beyond general description. Monitor for updates.
CVE-2023-52429
CVE-2023-52429 affects the Linux kernel driver path drivers/md/dm-table.c. The issue arises in dm_table_create’s alloc_targets path where, due to a missing check for struct dm_ioctl.target_count, it can allocate more than INT_MAX bytes and crash. Public sources in connected Nessus plugins confirm...
CVE-2018-7191
CVE-2018-7191 affects the Linux kernel tun subsystem prior to 4.13.14. Root cause: dev_get_valid_name is not called before register_netdevice, enabling a local user to trigger a NULL pointer dereference via ioctl(TUNSETIFF) with a device name containing a “/” character, potentially causing a deni...
CVE-2019-15212
CVE-2019-15212 describes a vulnerability in the Linux kernel prior to 5.1.8 where a malicious USB device can trigger a double-free in drivers/usb/misc/rio500.c. This is a local/physical-access issue with potential impact to availability as per CVSS metrics shown. The connected Unity Nessus adviso...
CVE-2022-3524
CVE-2022-3524 affects the Linux kernel IPv6 Handler’s ipv6_renew_options, causing a memory leak. The vulnerability can be triggered remotely per some sources; a patch is available to mitigate the issue. Review the Linux kernel patches referenced in the CVE details and apply the approp...
CVE-2022-3594
CVE-2022-3594 is a Linux kernel vulnerability in the BPF component: the intr_callback in drivers/net/usb/r8152.c can cause logging of excessive data. It is exploitable remotely as described; a patch/update is recommended. Connected advisories (Astra Linux, Amazon Linux livepatch) mirror these det...
CVE-2022-39188
CVE-2022-39188 describes a race in include/asm-generic/tlb.h in the Linux kernel up to version 5.18/5.19 where unmap_mapping_range races with munmap for VM_PFNMAP VMAs can free a page still holding stale TLB entries. This can cause a page to be freed while TLBs still cache old mappings, potential...
CVE-2017-18509
CVE-2017-18509 targets the Linux kernel (net/ipv6/ip6mr.c). By sending a specific socket option, an attacker can manipulate a kernel pointer in ip6_mroute_* and trigger an inet_csk_listen_stop general protection fault, potentially enabling arbitrary code execution with root privileges. Impact can...
CVE-2021-3506
CVE-2021-3506: An out-of-bounds memory access in fs/f2fs/node.c of the Linux kernel (f2fs module) allows a local attacker to read/write out-of-bounds memory, leading to a system crash or leakage of kernel information. Affected are kernel versions before 5.12.0-rc4. The description notes the high...
CVE-2023-52814
CVE-2023-52814: The Linux kernel has fixed a potential NULL pointer dereference in the AMDGPU driver. The function amdgpu_ras_get_context may return NULL if the device does not support ras, and the code now checks for NULL before dereferencing. This (local) vulnerability could crash the kernel if NU...
CVE-2017-18344
CVE-2017-18344 affects the Linux kernel before 4.14.8. The timer_create syscall in kernel/time/posix-timers.c fails to validate sigevent->sigev_notify, causing out-of-bounds access in show_timer when /proc/$PID/timers is read and enabling a local user to read arbitrary kernel memory on builds ...
CVE-2019-15919
CVE-2019-15919 affects the Linux kernel before 5.0.10. The vulnerability is in SMB2_write (fs/cifs/smb2pdu.c) due to a use-after-free in the SMB2 write path, with partial confidentiality impact (I: partial) and no explicit exploitation details provided. Remediation: upgrade to kernel 5.0.10 or la...
CVE-2022-39842
CVE-2022-39842 affects the Linux kernel up to version 5.19, specifically in drivers/video/fbdev/pxa3xx-gcu.c (pxa3xx_gcu_write). The count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check; this value is then passed as the third argument ...
CVE-2023-7192
CVE-2023-7192: The Linux kernel contains a memory-leak/denial-of-service issue in ctnetlink_create_conntrack() within net/netfilter/nf_conntrack_netlink.c. A local attacker with CAP_NET_ADMIN can trigger a refcount overflow to cause DoS. The initial documents confirm the vulnerability and its local-...
CVE-2022-0850
CVE-2022-0850 affects the Linux kernel’s ext4 filesystem by an information leak via the ext4_extent_header to userspace. The connected sources corroborate a kernel information leak (information disclosure) in ext4_extent_header and note fixes in various distributions: CloudLinux/CSLAs reference “e...
CVE-2019-15920
CVE-2019-15920 affects the Linux kernel prior to 5.0.10, with a use-after-free in SMB2_read (fs/cifs/smb2pdu.c). The issue was not fixed in 5.0.10; the 5.0.11 ChangeLog documents a memory leak related to this area. Connected advisories (Unity Linux Nessus plugins) reference the same root cause an...
CVE-2021-33656
CVE-2021-33656 affects the Linux kernel: setting a font with malicious data via the PIO_FONT ioctl can cause a memory out-of-bounds write. Affected: kernel font handling path; root cause: out-of-bounds write in ioctl processing. Impact: local code execution is not explicitly stated; exploitation ...
CVE-2021-42252
The CVE-2021-42252 issue affects the Linux kernel up to version 5.14.5 in aspeed_lpc_ctrl_mmap (drivers/soc/aspeed/aspeed-lpc-ctrl.c). A memory overwrite can occur via the Aspeed LPC control interface when a comparison uses non-memory-size values, enabling a local attacker to potentially escalate...
CVE-2024-53050
CVE-2024-53050 affects the Linux kernel’s DRM/i915 HDCP path. The vulnerability arises from a missing encoder check in hdcp2_get_capability, and the fix adds an encoder check in intel_hdcp2_get_capability to prevent a null pointer dereference. The description indicates the prob...
CVE-2023-2124
CVE-2023-2124 is an out-of-bounds memory access flaw in the Linux kernel XFS image restore path after failure with a dirty log journal. It can allow a local user to crash the system or potentially escalate privileges when mounting/correcting a corrupted XFS disk image. Public advisories (e.g., Debian DSA-5448-1 and ...
CVE-2018-18021
CVE-2018-18021 affects arch/arm64/kvm/guest.c in the Linux kernel before 4.18.12. The KVM_SET_ONE_REG ioctl is mishandled, allowing a local attacker who can create VMs to arbitrarily redirect the hypervisor flow of control (full register control) and potentially cause a hypervisor panic via an ill...
CVE-2019-19081
CVE-2019-19081 is a memory-leak/DoS vulnerability in the Linux kernel at drivers/net/ethernet/netronome/nfp/flower/main.c: nfp_flower_spawn_vnic_reprs() leaks memory, enabling denial of service via memory consumption. Affected: Linux kernel versions prior to 5.3.4. Reportedly remediated by Linux ...
CVE-2020-12657
CVE-2020-12657 affects the Linux kernel before 5.6.5 due to a use-after-free in bfq_idle_slice_timer_body within bfq-iosched.c. The connected advisories (Unity Linux UTSA-2026-00x, Red Hat RHSA/CESA entries, CentOS plugin references) confirm kernel versions impacted and reference the 5.6.5 patch/...
CVE-2021-20194
CVE-2021-20194 affects Linux kernels 5.2+ when compiled with CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, and without hardened_usercopy; a BPF execution bug in __cgroup_bpf_run_filter_getsockopt() can cause a heap overflow. Local attackers can potentially cause DoS o...
CVE-2023-1382
CVE-2023-1382 is a data race in the Linux kernel TIPC path where con is allocated before con->sock is set, causing a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c. This is a local vulnerability with MEDIUM severity (CVSS 4.7). The connected document...
CVE-2023-39189
CVE-2023-39189 is documented in connected sources as affecting the Linux kernel Netfilter component, specifically the nftables path nf_osf_match_one(), which can trigger an out-of-bounds read leading to a crash or information disclosure. The vulnerability is reported across multiple advisories (e...
CVE-2021-4149
CVE-2021-4149: Local privilege escalation via Linux kernel btrfs deadlock. Affects btrfs_alloc_tree_b in fs/btrfs/extent-tree.c where an improper lock operation can deadlock, enabling a local user to cause a denial-of-service. Debian LTS advisory DLA-3065-1 lists CVE-2021-4149 and notes the patch...
CVE-2022-3114
CVE-2022-3114 affects the Linux kernel up to 5.16-rc6. The issue is in imx_register_uart_clocks (drivers/clk/imx/clk.c): it does not check the return value of kcalloc(), which can lead to a null pointer dereference and a potential crash. This is a local issue with low to moderate complexity and a...
CVE-2018-10881
CVE-2018-10881 is an ext4-related Linux kernel vulnerability: out-of-bounds access in ext4_get_group_info when mounting/operating on a crafted ext4 image, leading to denial of service or system crash. Connected sources (e.g., USN-3752-2) confirm this CVE is among kernel/ext4 issues addressed; rem...
CVE-2023-52821
CVE-2023-52821 affects the Linux kernel’s DRM panel code. In versatile_panel_get_modes(), the return value of drm_mode_duplicate() can be NULL on failure and is not checked, causing a NULL pointer dereference. The fix adds a check to prevent the NULL pointer dereference. The vulnerability is local and may cras...
CVE-2019-19530
CVE-2019-19530 affects the Linux kernel prior to 5.2.10, with a use-after-free in the USB CDC-ACM driver (drivers/usb/class/cdc-acm.c) triggered by a malicious USB device. The issue could lead to a denial of service through memory corruption if exploited locally via USB hardware interfaces; CVSS ...
CVE-2019-15211
CVE-2019-15211: Linux kernel before 5.2.6 contains a use-after-free in drivers/media/v4l2-core/v4l2-dev.c triggered by a malicious USB device; the issue is tied to memory allocation in drivers/media/radio/radio-raremono.c. Evidence from multiple Nessus/SUSE/OpenOpen advisories confirms the descr...
CVE-2020-15437
CVE-2020-15437 affects the Linux kernel up to version 5.7.x, where a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() can be triggered by an uninitialized p->serial_in, enabling local denial of service. Affected component: kernel serial driver (8250) ...