6 matches found
CVE-2024-36954
CVE-2024-36954 affects the Linux kernel and is resolved by a fix in the tipc subsystem. The vulnerability arises from a memory leak in tipc_buf_append when __skb_linearize() fails, because the skb is not freed on the error path. The documented patch moves the assignment *buf = NULL after the __sk...
CVE-2024-56648
Overview: CVE-2024-56648 is a Linux kernel vulnerability in the HSR net path that is resolved by extending bounds checking in fill_frame_info(). Affected component: Linux kernel, net/hsr/hsr_forward.c (function fill_frame_info). Root cause: fill_frame_info() depended on skb->mac_len without ha...
CVE-2021-47388
In the Linux kernel, CVE-2021-47388 affects mac80211 within CCMP/GCMP RX, where PN checking for fragmentation could use a stale hdr reference after a potential reallocation, leading to a use-after-free. The fix reloads the PN/hdr after the reallocating code path to ensure the PN is checked agains...
CVE-2024-35879
CVE-2024-35879 affects the Linux kernel’s dynamic handling of device trees: synchronization of of_changeset_destroy() with devlink removals in the OF stack. The issue arises during a two-step sequence (1) of_platform_depopulate() destroying devices and removing devlinks, then (2) of_overlay_remov...
CVE-2021-47239
CVE-2021-47239 : In Linux kernel net/usb, theSmsc75xx driver has a use-after-free in smsc75xx_bind caused by not cleaning up a scheduled work in smsc75xx_reset→smsc75xx_set_multicast. The patch 46a8b29c6306 adds cancel_work_sync and NULLs the dangling pointer (dev->data[0]) to prevent use-afte...
CVE-2025-39703
CVE-2025-39703 affects the Linux kernel net/hsr path. When an HSR frame arrives with insufficient space for the HSR tag, the skb cannot accommodate headers, leading to a panicked skb_push() in br_dev_queue_push_xmit() and a kernel crash. The issue stems from corrupted HSR frames being processed b...