15 matches found
CVE-2014-8133
CVE-2014-8133 affects the Linux kernel TLS implementation (arch/x86/kernel/tls.c) up to version 3.18.1. A local attacker can exploit a crafted application that uses set_thread_area and subsequently reads a 16‑bit value to bypass the espfix protection and, in turn, bypass ASLR. The description con...
CVE-2014-9419
CVE-2014-9419 affects the Linux kernel (arch/x86/kernel/process_64.c) up to version 3.18.1. The issue fails to ensure TLS descriptors are loaded before proceeding with other steps, enabling a local attacker to bypass ASLR by crafting an application that reads a TLS base address. Connected advisor...
CVE-2014-9683
CVE-2014-9683 describes an off-by-one error in the Linux kernel’s eCryptfs path: ecryptfs_decode_from_filename in fs/ecryptfs/crypto.c (pre-3.18.2). A crafted filename can cause a buffer overflow, leading to a denial of service and, potentially, local privilege escalation. The vulnerability is lo...
CVE-2014-9420
CVE-2014-9420 affects the Linux kernel iso9660 isofs rock.c: rock_continue does not bound the number of Rock Ridge continuation entries, allowing a local attacker crafting an ISO image to trigger an infinite loop and cause DoS (system hang/crash) on kernels up to 3.18.1. Public advisories from Ce...
CVE-2014-9731
The CVE-2014-9731 entry concerns the Linux kernel’s UDF filesystem (CONFIG_UDF_FS) for versions before 3.18.2. The vulnerability arises because the UDF symlink path length validation may not accommodate space for storing a symlink target’s name plus a trailing NUL, enabling a local attacker to ob...
CVE-2014-9728
CVE-2014-9728 concerns the Linux kernel UDF filesystem before 3.18.2, where missing validation of certain lengths in fs/udf/inode.c and fs/udf/symlink.c can enable a local attacker to trigger a denial of service via a crafted UDF image, potentially causing a buffer over-read and system crash. The...
CVE-2014-9729
CVE-2014-9729 affects the Linux kernel’s UDF filesystem implementation (fs/udf/inode.c: udf_read_inode). The issue is the function’s failure to ensure data-structure size consistency, enabling a local attacker to crash the system via a crafted UDF image. The vulnerability exists in kernel version...
CVE-2014-9730
CVE-2014-9730 affects the Linux kernel’s UDF support. The function udf_pc_to_char in fs/udf/symlink.c relies on unused component lengths, enabling a local attacker to trigger a denial of service (system crash) by mounting a crafted UDF image. The vulnerability is fixed in kernel 3.18.2 (see Chang...
CVE-2014-4322
CVE-2014-4322 affects the Linux kernel 3.x QSEECOM driver. The qseecom.c ioctl logic does not validate certain offset, length, and base values, enabling a crafted application to escalate privileges or trigger memory corruption. Affected component: drivers/misc/qseecom.c in the QSEECOM driver used...
CVE-2026-23001
CVE-2026-23001 – Linux kernel macvlan UAF fix Multiple connected advisories reference this CVE as a fix in the macvlan subsystem. The vulnerability is described as a use-after-free (UAF) in macvlan_forward_source(), with the fix adding RC (read-copy-update) protection on (struct macvlan_source_en...
CVE-2026-31516
The CVE-2026-31516 relates to the Linux kernel XFRM subsystem. A race occurs during net namespace teardown when a work item (policy_hthresh.work) queued by XFRM_MSG_NEWSPDINFO may run after the netns is freed, allowing xfrm_hash_rebuild() to dereference a freed struct net (potential use-after-fre...
CVE-2026-43281
CVE-2026-43281 affects the Linux kernel mailbox subsystem. The flaw is an out-of-bounds access in fw_mbox_index_xlate() that can occur when #mbox-cells is
CVE-2025-71093
Technical details for CVE-2025-71093 are not provided in the connected documents. The Initial Description mentions an OOB read in e1000_tbi_should_accept() and a fix. Monitor for updates.
CVE-2026-23439
The CVE-2026-23439 entry describes a Linux kernel issue in udp_tunnel where, if CONFIG_IPV6 is disabled, udp_sock_create6() can return success without creating a socket. This leads to a NULL pointer dereference when callers like fou_create() dereference the uninitialized socket pointer, causing a...
CVE-2026-53295
The CVE-2026-53295 entry covers a Linux kernel vulnerability in the mailbox subsystem: a missing sanity check for the mailbox channel array can lead to a dereference and an OOPS if no channel array is attached. The publicly provided connected sources confirm a patch/fix was applied in kernels and...