9 matches found
CVE-2024-26997
CVE-2024-26997 concerns the Linux kernel USB stack, specifically the dwc2 host controller. A dereference issue in the DDMA completion flow is fixed in the connected Astra Linux advisory, noting that a variable dereference was resolved in the DDMA completion flow. The advisory confirms the vulnera...
CVE-2024-35983
CVE-2024-35983 : The Vuln resides in the Linux kernel, caused by incorrect bits_per() rounding for power-of-two CONFIG_NR_CPUS, leading to crashes on certain machines/configs. Public advisories (Unity UTSA-2025-992928) confirm the vulnerability has been resolved in kernel updates. Affected compon...
CVE-2024-35962
CVE-2024-35962 (Linux kernel netfilter nf_tables) involves incomplete validation of user input in netfilter: complete validation of user input. Root cause: do_replace() handlers use copy_from_sockptr() followed by unsafe copy_from_sockptr_offset() without validating optlen early enough; the patch...
CVE-2024-50072
CVE-2024-50072 affects the Linux kernel on x86 where VERW is used. The issue can trigger a general protection fault (#GP) in 32-bit vm86 contexts when VERW mitigations (e.g., MDS/RFDS) are enabled and the code segment selector is not properly referenced. The root cause is using VERW with an arbit...
CVE-2024-41000
CVE-2024-41000 : Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...
CVE-2024-38381
CVE-2024-38381 affects the Linux kernel vulnerability in the NFC NFC-NCI path. The issue is an uninitialized-value access in nci_rx_work, which parses a received packet from ndev->rx_q without validating header size, payload size, and total packet size before processing. An invalid packet coul...
CVE-2024-40916
The CVE-2024-40916 issue concerns the Linux kernel DRM/Exynos HDMI driver. When EDID reading fails and the driver reports no modes, the DRM core previously exposed a 1024x786 mode which some Exynos HDMI variants cannot drive. The fix changes this fallback to a safe 640x480 mode to avoid rendering...
CVE-2024-39493
The CVE CVE-2024-39493 concerns a Linux kernel crypto/qat issue (ADF_DEV_RESET_SYNC memory leak) resolved by changing the caller behavior to cancel_work_sync and then freeing the memory safely. This addresses a potential use-after-free scenario where the caller may not have waited for completion,...
CVE-2021-4440
CVE-2021-4440 (Linux kernel) fixed by commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream: in x86/xen, the paravirt USERGS_SYSRET64 path was dropped and the exit from user space now uses the iret exit from the start instead of sysret, avoiding stack-mangling prerequisites in Xen PV guests. T...