11 matches found
CVE-2024-26997
CVE-2024-26997 concerns the Linux kernel USB stack, specifically the dwc2 host controller. A dereference issue in the DDMA completion flow is fixed in the connected Astra Linux advisory, noting that a variable dereference was resolved in the DDMA completion flow. The advisory confirms the vulnera...
CVE-2024-50121
CVE-2024-50121 affects the Linux kernel component nfsd, specifically the race where nfsd_shrinker_work may be cancelled in nfs4_state_shutdown_net without waiting for the shrinker to exit. This can cause warnings and use-after-free scenarios when unhashing and destroying nfsd clients during net s...
CVE-2024-35983
CVE-2024-35983 : The Vuln resides in the Linux kernel, caused by incorrect bits_per() rounding for power-of-two CONFIG_NR_CPUS, leading to crashes on certain machines/configs. Public advisories (Unity UTSA-2025-992928) confirm the vulnerability has been resolved in kernel updates. Affected compon...
CVE-2024-35962
CVE-2024-35962 (Linux kernel netfilter nf_tables) involves incomplete validation of user input in netfilter: complete validation of user input. Root cause: do_replace() handlers use copy_from_sockptr() followed by unsafe copy_from_sockptr_offset() without validating optlen early enough; the patch...
CVE-2024-50072
CVE-2024-50072 affects the Linux kernel on x86 where VERW is used. The issue can trigger a general protection fault (#GP) in 32-bit vm86 contexts when VERW mitigations (e.g., MDS/RFDS) are enabled and the code segment selector is not properly referenced. The root cause is using VERW with an arbit...
CVE-2024-38381
CVE-2024-38381 affects the Linux kernel vulnerability in the NFC NFC-NCI path. The issue is an uninitialized-value access in nci_rx_work, which parses a received packet from ndev->rx_q without validating header size, payload size, and total packet size before processing. An invalid packet coul...
CVE-2024-40916
The CVE-2024-40916 issue concerns the Linux kernel DRM/Exynos HDMI driver. When EDID reading fails and the driver reports no modes, the DRM core previously exposed a 1024x786 mode which some Exynos HDMI variants cannot drive. The fix changes this fallback to a safe 640x480 mode to avoid rendering...
CVE-2025-21795
CVE-2025-21795: Linux kernel NFSD hang in nfsd4_shutdown_callback. When nfs4_client is in courtesy state, NFSD still sends the shutdown callback, causing cl_cb_inflight to remain non-zero and the operation to hang for about 15 minutes until the TCP layer reports the connection drop. The fix modif...
CVE-2024-39493
The CVE CVE-2024-39493 concerns a Linux kernel crypto/qat issue (ADF_DEV_RESET_SYNC memory leak) resolved by changing the caller behavior to cancel_work_sync and then freeing the memory safely. This addresses a potential use-after-free scenario where the caller may not have waited for completion,...
CVE-2026-43414
CVE-2026-43414 affects the Linux kernel SCSI driver qla2xxx (fcport handling). The issue is a double-free of a Fibre Channel port object in qla24xx_els_dcmd_iocb() via qla2x00_els_dcmd_sp_free() after kref_put(), leading to potential memory corruption and system instability or DoS as described by...
CVE-2026-22979
CVE-2026-22979 is a Linux kernel vulnerability affecting memory accounting for GRO-fragmented SKBs. The issue arose because skb_segment_list() continued to add each fragment’s truesize to delta_truesize while subtracting it from the parent SKB, even though fragments are no longer charged to the s...