12 matches found
CVE-2024-27065
CVE-2024-27065 is a Linux kernel issue affecting nf_tables: the verifier could incorrectly compare internal table flags during updates. The public advisories in connected documents reference a fix that “restores skipping transaction if table update does not modify flags,” applied as part of kerne...
CVE-2024-35900
CVE-2024-35900 affects the Linux kernel nf_tables (netfilter). The issue arises when the dormant table flag is toggled; during commit, hooks are iterated across both existing and new chains, which can lead to an inconsistent state. This may trigger a warning when unregistering a chain that is alr...
CVE-2026-23401
CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...
CVE-2024-35897
CVE-2024-35897 – Normalized details: In the Linux kernel, a nf_tables (netfilter) issue was resolved: when performing a table flag update with a pending basechain deletion, hook unregistration is deferred to the commit phase. This sequence can delete a basechain while its hook remains registered ...
CVE-2024-35879
CVE-2024-35879 affects the Linux kernel’s dynamic handling of device trees: synchronization of of_changeset_destroy() with devlink removals in the OF stack. The issue arises during a two-step sequence (1) of_platform_depopulate() destroying devices and removing devlinks, then (2) of_overlay_remov...
CVE-2026-46083
CVE-2026-46083 concerns the Linux kernel SPI subsystem. The description indicates a fix for resource leaks that occur when a device is being set up and spi_setup() fails during registration, requiring a call to controller cleanup() to avoid leaking resources allocated by setup(). OpenSUSE/SUSE ad...
CVE-2022-49997
CVE-2022-49997 concerns the Linux kernel component net/lantiq_xrx200. In memory-allocation failure scenarios, an invalid buffer address is stored; when the descriptor is used again, the system panics in build_skb() when accessing memory. The vulnerability is described as resolved in the provided ...
CVE-2025-39703
CVE-2025-39703 affects the Linux kernel net/hsr path. When an HSR frame arrives with insufficient space for the HSR tag, the skb cannot accommodate headers, leading to a panicked skb_push() in br_dev_queue_push_xmit() and a kernel crash. The issue stems from corrupted HSR frames being processed b...
CVE-2025-71095
CVE-2025-71095 concerns a crash in the Linux kernel’s net: stmmac path when using zero-copy XDP_TX. The root cause is that stmmac_xdp_xmit_back() always treated the xdp_buff as a page-pool memory type, regardless of whether the xdp_buff originated from a page pool or a zero-copy XSK pool, leading...
CVE-2025-71180
CVE-2025-71180 affects the Linux kernel’s interrupt handling: the IRQF_NO_THREAD flag should not be used with code that may take a spinlock, as warned by CONFIG_PROVE_RAW_LOCK_NESTING. The issue occurs when an IRQ handler may either use IRQF_NO_THREAD or acquire a spinlock_t, leading to a potenti...
CVE-2026-31549
CVE-2026-31549 relates to the Linux kernel cp2615 I2C driver. The vulnerability arises when the driver uses the USB device serial string as the i2c adapter name but does not ensure the string exists, potentially causing a NULL pointer dereference if a device lacks a serial number. Documented impa...
CVE-2026-23324
CVE-2026-23324 : In the Linux kernel, the issue affects the can: usb: etas_es58x driver where an urb anchored with the anchor pattern must be anchored before submitting it in the read bulk callback. If not anchored, the urb could be leaked when usb_kill_anchored_urbs() runs. The fixes apply to th...