9 matches found
CVE-2025-37797
CVE-2025-37797 affects the Linux kernel HFSC qdisc. A Use-After-Free can occur in hfsc_change_class() when handling certain child qdiscs (e.g., netem, codel) due to a time-of-check/time-of-use race: hfsc_change_class() may add a class to vttree after qdisc_peek_len() potentially clears the queue....
CVE-2025-38103
CVE-2025-38103 relates to the Linux kernel HID path (usbhid). The issue, described in connected sources, is an out-of-bounds bug in usbhid_parse() that could arise from HID descriptor handling. The fix updates the HID descriptor struct to align with USB HID 1.11 (reflecting mandatory vs. optional...
CVE-2022-50077
The CVE-2022-50077 entry concerns the Linux kernel AppArmor path aa_pivotroot, where a reference-count bug leaks a previously incremented “target” when aa_replace_current_label() returns success. The fix is to decrement the refcount of target in that code path (build_pivotroot() increased it earl...
CVE-2026-46174
In CVE-2026-46174, the Linux kernel vulnerability affects x86/CPU/AMD Zen2 by allowing improper isolation of shared resources in the Zen2 op cache, potentially leading to instruction corruption. The issue has been resolved in the Linux kernel, with Debian and Root packaging advisories noting fixe...
CVE-2026-43077
CVE-2026-43077 concerns the Linux kernel crypto/algif_aead path. The vuln arises from a miscalculation of the minimum receive buffer size during decryption because the tag size was not considered in the size check. The fix adds the required extra length to account for the authentication tag, prev...
CVE-2025-71083
CVE-2025-71083 affects the Linux kernel’s graphics subsystem (drm/ttm). A evicted BOs object can exist not currently tied to a resource; when devcoredump attempts to read all BOs, the code may dereference a NULL pointer. The result is an ENODATA outcome instead of buffer contents. The CVE is addr...
CVE-2026-43078
The CVE-2026-43078 entry affects the Linux kernel crypto/af_alg component. A root-cause was an overflow in page reassignment within af_alg_pull_tsgl where the update to support page reallocation wasn’t fully reflected in the loop, allowing one extra page to be reassigned. The vulnerability is des...
CVE-2026-31628
CVE-2026-31628 concerns the Linux kernel on Zen1 CPUs, where the x86/CPU FPDSS issue could allow a local attacker to leak partial results from prior operations via the hardware divider. Patches fix the vulnerability by applying a kernel change (the “chicken bit”) to prevent leakage. Connected adv...
CVE-2026-52921
CVE-2026-52921 : In the Linux kernel, netfilter ipset hash:* range iteration could continue past the upper bound when iterating IPv4 ranges, due to a 32-bit iterator not stopping at the end. This allowed traversal state to move past the requested boundary and potentially affect retries. The issue...