4 matches found
CVE-2022-49872
The CVE-2022-49872 issue affects the Linux kernel’s net: gso path. A GRO packet can have its gso_size changed and the existing assumption that checking the first list_skb member is sufficient is violated when skbs on the frag_list have differing head_frag heads. This can trigger a BUG_ON in skb_s...
CVE-2023-52781
CVE-2023-52781 concerns the Linux kernel USB config BOS descriptor handling. In usb_get_bos_descriptor(), an iteration issue occurs when skipping USB_DT_DEVICE_CAPABILITY, causing the same descriptor to be read repeatedly. The fix introduces a goto to advance the pointer and bytes read so the fun...
CVE-2025-39961
Summary. CVE-2025-39961 covers a race in the AMD IOMMU pgtable path where unmap may read pgtable->[root/mode] without a lock while the driver increases address space. This can lead to reading a mismatched page-table level, causing iommu_unmap to fail and upper layers to log WARN_ON. The fix, i...
CVE-2022-50365
CVE-2022-50365 pertains to the Linux kernel's skb tail handling during pull operations. The issue can arise when a program uses helpers like BPF_FUNC_skb_pull_data to read content beyond the skb headlen if all fragments are linear, potentially triggering a kernel BUG in net/core/skbuff.c:4219. Th...