11 matches found
CVE-2025-22113
CVE-2025-22113 — Linux kernel ext4 journal update race (mode C) Affects: Linux kernel with ext4 file system; involved components include ext4, JBD2 journaling, and the update path for superblock writes during shutdown/mount transitions. Summary: The issue arises when an error path can cause an in...
CVE-2023-52933
CVE-2023-52933 affects the Linux kernel Squashfs xattr_ids handling. Two overflow flaws were exposed by a corrupted filesystem: on 64‑bit systems, sign extension of xattr_ids when multiplied by sizeof(struct squashfs_xattr_id) can overflow and yield an incorrect len; on 32‑bit systems, the unsign...
CVE-2024-35791
CVE-2024-35791 affects the Linux kernel KVM: SVM subsystem. It describes a use-after-free in svm_register_enc_region() that is mitigated by flushing converted pages under the kvm lock before releasing the lock, preventing region/pages from being freed by another task. The fix is a patch to perfor...
CVE-2021-47452
CVE-2021-47452: In the Linux kernel, nf_tables netdev event handling during net namespace removal could lead to a redundant UNREGISTER notifier action because the base hook was removed too late. The issue is a sequence/order problem in the notifier vs .pre_exit hook, which could cause an attempt ...
CVE-2022-49558
CVE-2022-49558 affects the Linux kernel nf_tables/netfilter path. The issue is a double unregistration of hooks in netns path: __nft_release_hooks() unregisters hooks during pre_netns exit, and NETDEV_UNREGISTER triggers unregister again, leading to potential hook handling inconsistencies. The pr...
CVE-2026-23399
CVE-2026-23399 concerns the Linux kernel nf_tables code: when cloning the second stateful expression in a dynset element, the first expression could remain unfreed on error, causing a stateful memleak in error paths. The provided CVE description confirms a resolution in the kernel, with backtrace...
CVE-2025-39738
CVE-2025-39738 affects the Linux kernel (btrfs) and is triggered during relocation of partially dropped subvolumes. The root cause is a missing orphan item for a subvolume, causing a delayed-ref transaction abort when relocating, with an offender inside a dropped subvolume. Upstream fixes exist (...
CVE-2023-53562
CVE-2023-53562 affects the Linux kernel DRM MSM driver. The issue is a VRAM leak that occurs when a subcomponent fails to bind, and the fix releases the VRAM buffer on bind errors. The vulnerability is mitigated by applying the patch that adds VRAM release on error paths (patch reference: patchwo...
CVE-2026-23370
CVE-2026-23370 concerns a Linux kernel vulnerability in platform/x86: dell-wmi-sysman where set_new_password() hex dumps the buffer containing plaintext passwords (including current/new passwords). The issue could leak credentials locally and is mitigated by removing the hex dump; upstream kernel...
CVE-2026-23393
CVE-2026-23393 – Linux kernel (bridge/cfm) race fix : A race during peer MEP deletion could occur because br_cfm_frame_rx() could re-schedule ccm_rx_dwork while peer_mep is freed under RCU, risking use-after-free. The fix replaces cancel_delayed_work_sync() with disable_delayed_work_sync() in bot...
CVE-2026-23026
The CVE-2026-23026 entry concerns the Linux kernel DMA engine Qualcomm gpi driver. It fixes a memory leak in gpi_peripheral_config(): if krealloc() fails and returns NULL, the code directly assigns NULL to gchan->config, discarding the original memory. The patch uses a temporary variable to ho...