8 matches found
CVE-2021-46940
CVE-2021-46940 is a Linux kernel vulnerability in the perf/turbostat timer path. The bug stems from index conversion in tools/power turbostat where idx_to_offset() returns a 32-bit int while MSR_PKG_ENERGY_STAT is a 32-bit unsigned value, causing negative interpretation and triggering a guard in ...
CVE-2021-46948
CVE-2021-46948 relates to the Linux kernel: the sfc: farch patch fixes TX queue lookup in TX event handling. The issue occurred because TXQ label was used as the basis for queue lookup, which could cause efx_channel_get_tx_queue() to return NULL and trigger panics. The vulnerability has been reso...
CVE-2021-46949
CVE-2021-46949 concerns the Linux kernel sfc (Solarflare) network driver path: farch TX queue lookup during TX flush done handling. The root cause is starting TXQ processing from a TXQ instance number (qid) rather than a TXQ type, which could cause efx_get_tx_queue() to return NULL and trigger pa...
CVE-2022-4378
CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...
CVE-2023-0459
CVE-2023-0459: Linux kernel on 64-bit systems is affected by a local elevation of information disclosure due to Copy_from_user bypassing __uaccess_begin_nospec, bypassing access_ok and allowing a user to pass a kernel pointer to copy_from_user. Root cause is the __uaccess_begin_nospec handling. I...
CVE-2021-28038
CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...
CVE-2024-46725
CVE-2024-46725 refers to a Linux kernel vulnerability where the drm/amdgpu path could trigger an out-of-bounds write warning. The connected Astra Linux bulletin confirms the issue as a kernel-level flaw and notes the fix was to validate the ring type value to prevent the OOB write. The vulnerabil...
CVE-2021-47142
CVE-2021-47142 concerns the Linux kernel’s DRM/AMDGPU stack. The vulnerability stems from a use-after-free in the AMDGPU TTM memory backend when cleaning up objects, specifically due to not clearing ttm->sg (the sg table) which can lead to a general protection fault during teardown. The connec...