10 matches found
CVE-2024-27032
CVE-2024-27032 affects the Linux kernel f2fs subsystem. During recovery, if FAULT_BLOCK is enabled, f2fs_reserve_new_block() may return -ENOSPC, potentially causing a kernel panic. Additionally, with fault-injection rate 1 and only FAULT_BLOCK enabled, a deadloop in block reservation may occur. T...
CVE-2024-39503
CVE-2024-39503 : Linux kernel netfilter ipset race in the list:set type (namespace cleanup vs. gc) has a confirmed fix. The issue was a race that could cause use-after-free by GC data being accessed after the set is destroyed. The patch changes destruction order: when destroying all sets, first r...
CVE-2023-52607
CVE-2023-52607 is a Linux kernel vulnerability affecting the powerpc architecture, where a null-pointer dereference could occur in pgtable_cache_add due to a potentially NULL kasprintf() return when memory allocation fails. The issue arises because kasprintf() can return NULL and the code did not...
CVE-2025-23138
CVE-2025-23138: In the Linux kernel, watch_queue: fix pipe accounting mismatch. watch_queue_set_size() updated charged pipe buffers for user->pipe_bufs but did not update pipe->nr_accounted due to pipe_resize_ring() guard, risking underflow when a pipe is freed and causing failures in too_m...
CVE-2024-42102
CVE-2024-42102 concerns a Linux kernel vulnerability in the dirty throttling path used by the mm/wb subsystem. The issue centers on assuming that dirty limits in page units fit in 32 bits and a patch series titled “mm: Avoid possible overflows in dirty throttling” was applied. The entry notes tha...
CVE-2024-35826
CVE-2024-35826 — Linux kernel: fix page refcounts for unaligned buffers in __bio_release_pages(). This patch corrects the number of pages released for buffers that do not start at the beginning of a page, addressing a vulnerability in block I/O handling. Impact, as described in the FP: local acce...
CVE-2024-26792
CVE-2024-26792 : Linux kernel bug in btrfs snapshot creation can cause a double free of an anonymous device number. Root cause: during snapshot creation, anon_dev is allocated, later freed in nested calls, and if the transaction path fails, the same anon_dev may be freed again even if it has been...
CVE-2024-35813
CVE-2024-35813 affects the Linux kernel mmc/core component. Root cause: a negative index is used when accessing idatas[i-1] without ensuring i > 0, leading to an out-of-bounds access. The fixed commit adds a proper check to prevent the negative index. The vulnerability’s practical impact is de...
CVE-2026-23003
CVE-2026-23003 : In the Linux kernel’s IPv6 tunnel receive path (ip6_tunnel, __ip6_tnl_rcv), VLAN encapsulations were not handled correctly due to a failed VLAN-aware pull in the decapsulation path. The fix substitutes skb_vlan_inet_prepare() for pskb_inet_may_pull() to properly accommodate VLAN-...
CVE-2026-43024
CVE-2026-43024 affects Linux kernel nf_tables/netfilter: nf_queue. The issue is that immediate NF_QUEUE verdicts were emitted and could be misused; upstream patch rejects immediate NF_QUEUE verdicts to fix it. Downstream advisories indicate fixes implemented in kernel updates (e.g., upstream kern...