6 matches found
CVE-2022-4378
CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...
CVE-2024-50280
CVE-2024-50280 : In the Linux kernel, the dm cache feature was fixed to avoid warning in flush_work() when cache creation fails due to destroying an uninitialized delayed_work waker. Root cause: cancel_delayed_work_sync() remained in the error path of cache_create(), risking a WARN_ON in certain ...
CVE-2023-52977
CVE-2023-52977 is a kernel vulnerability in the Linux kernel’s net/openvswitch path where a memory leak occurs in ovs_flow_cmd_new when key allocation fails. The issue is triggered during netlink/genl handling as shown in the provided trace, and the remediation described in the patch is to reorde...
CVE-2025-38226
CVE-2025-38226 targets the Linux kernel, specifically the media/v4l2-tpg path used by vivid. The issue is a KASAN-detected vmalloc-out-of-bounds access in tpg_fill_plane_pattern and tpg_fill_plane_buffer (v4l2-tpg-core.c:2608 and 2705), causing a write of size 1440 to a kernel address during vivi...
CVE-2023-52745
CVE-2023-52745 (LINUX KERNEL) describes a crash in legacy IPoIB caused by an erroneous queue count when creating child PKEY interfaces via netlink. The root cause is a commit that allows multiple TX/RX queues for child interfaces while some devices support only 1 TX and 1 RX queue, leading to a k...
CVE-2026-43232
Summary: CVE-2026-43232 is a Linux kernel vulnerability in the FarSync WAN driver (net: wan: farsync) that causes a use-after-free when detaching a FarSync T-series card. The issue arises from a race between tasklets/work queues and card removal: fst_card_info is freed in fst_remove_one() but fst...