9 matches found
CVE-2024-57906
In the Linux kernel, CVE-2024-57906 affects the iio: adc: ti-ads8688 path, where a local buffer used to push data to userspace from a triggered buffer was not initialized for inactive channels. The root cause is failing to zero-initialize the buffer, risking information leakage to userspace. The ...
CVE-2021-47454
CVE-2021-47454 describes a Linux kernel vulnerability affecting powerpc SMP idle handling. The issue arises with PREEMPT_COUNT=y: when a CPU is offlined and onlined, the idle task’s preempt count could be decremented in CPU offline, triggering a scheduling panic. The root cause is that powerpc ar...
CVE-2024-57910
CVE-2024-57910 : In the Linux kernel, the iio: light: vcnl4035 driver had an information leak in the triggered buffer. The local buffer used to push data to userspace contained an uninitialized element (a 16-bit value aligned to 8 bytes), leaving at least 4 bytes potentially exposed after a regma...
CVE-2025-21767
CVE-2025-21767 is a Linux kernel issue where clocksource_verify_choose_cpus() is invoked with preemption disabled, causing a call to get_random_u32() that can indirectly acquire sleeping locks in PREEMPT_RT contexts. The root cause is using get_random_u32() while preemption is off, leading to an ...
CVE-2024-42095
CVE-2024-42095 affects the Linux kernel component serial: 8250_omap, implementing Errata i2310. The issue allows an erroneous timeout that, if not cleared, can trigger a storm of interrupts per TI’s Errata i2310 (TI TI sprz536, page 23). Public records in connected sources consistently cite imple...
CVE-2021-47553
The CVE describes a Linux kernel issue (CVE-2021-47553) in the SCS and KASAN shadow stack handling for the idle task during CPU hotplug (bringup_cpu). When a CPU is offline and brought back online, stale KASAN shadow and stale shadow call stack (SCS) state could lead to bogus warnings or leak por...
CVE-2022-50158
CVE-2022-50158 relates to the Linux kernel vulnerability in mtd: partitions where of_get_child_by_name() returns a node pointer with an incremented refcount and is not put back, leading to a refcount leak. The issue is fixed by adding a missing of_node_put() when the pointer is no longer needed. ...
CVE-2022-48776
CVE-2022-48776 is a Linux kernel memory-leak fix in the MTD parsers for Qualcomm SMEM: the cleanup function did not free pparts, causing a leak. The vulnerability affects mtd/parsers/qcomsmempart.c (pparts) and is resolved by adding a missing free in the cleanup path. Affected context and patches...
CVE-2021-47312
The CVE-2021-47312 issue in Linux kernel nf_tables caused a NULL pointer dereference during error handling when flow is NULL (chain flags NFT_CHAIN_HW_OFFLOAD is false). The fix ensures nft_flow_rule_destroy is only called if flow is non-null, preventing the crash in the error path. Connected ven...