3 matches found
CVE-2025-21792
CVE-2025-21792 affects the AX25 path in the Linux kernel. When binding an AX25 device to a socket, either via ax25_bind() or the SO_BINDTODEVICE option, the kernel may leak refcounts due to missing increments for the bound device’s refcount, leading to memory leaks in ax25_release(). The fixIncre...
CVE-2024-36009
CVE-2024-36009: Linux kernel ax25 netdev refcount issue in ax25_bind() caused by mismatch of dev_tracker ownership between ax25_dev and ax25_cb. The mitigation updates the ax25_dev->dev_tracker to the dev_tracker of ax25_cb to ensure proper lifecycle management during detach, preventing a refe...
CVE-2022-50163
CVE-2022-50163 concerns a Linux kernel fix for ax25: fix incorrect dev_tracker usage. The root cause was that an ax25_dev could be used by one or more ax25_cb structures, requiring separate dev_tracker per ax25_cb. The patch introduces per-structure tracking to prevent reference tracker mismanage...