8 matches found
CVE-2025-21694
CVE-2025-21694 : Linux kernel vulnerability in fs/proc/__read_vmcore (kdump path). Root cause: second loop in __read_vmcore could still hit softlockups; fix adds cond_resched() to yield in that loop. Impact: softlockups may interfere with RCU memory freeing and cause crashdump stalls in memory-co...
CVE-2024-49977
The CVE-2024-49977 entry concerns a Linux kernel vulnerability in the net: stmmac pathway where port_transmit_rate_kbps could be set to 0, passed to div_s64 when tc-cbs is disabled, causing a zero-division error. The connected Astra Linux and CIRCL sources reproduce the same description and fix d...
CVE-2024-50186
CVE-2024-50186 : Linux kernel vulnerability in net: explicitly clear the sk pointer when pf->create fails. Root cause: some pf->create implementations do not NULL the freed sk object in error paths, leaving a dangling pointer and enabling Use-After-Free. Fix: explicitly NULL the sk pointer ...
CVE-2025-21916
CVE-2025-21916 is part of Unity Linux/Fedora kernel advisories describing a fix for a flaw in USB ATM CXACRU endpoint checking. The root cause was insufficient verification of USB endpoint addresses in cxacru_bind(), leading to incorrect URB handling (e.g., bogus urb xfers). The mitigation is to ...
CVE-2024-42272
The connected IBM Security Bulletin confirms CVE-2024-42272 as a Linux kernel issue fixed in sched: act_ct. The root cause was the padding in zones_ht_key after a patch widened the rhashtable key from 2 to 16 bytes; rhashtable_lookup() could read uninitialized padding bytes. The fix ensures paddi...
CVE-2024-57841
CVE-2024-57841 concerns a Linux kernel memory leak in tcp_conn_request() where dst memory allocated in af_ops->route_req is not freed if inet_csk_reqsk_queue_hash_add() fails, as shown by the kmemleak stack. The vulnerability is in the path that leads to tcp_conn_request() and may leak memory ...
CVE-2024-42103
CVE-2024-42103 applies to the Linux kernel BTRFS subsystem. The issue arises in the reclaim path for block groups: during btrfs_reclaim_bgs_work, a block group removed from the reclaim list can be added in parallel to the unused list, which may then be moved to the reclaim list again and corrupt ...
CVE-2025-38154
CVE-2025-38154 affects the Linux kernel sockmap path (bpf/sockmap) where sk->sk_socket can be used after free due to a race with backlog/thread close paths. The description in the connected documents explains that sk_socket is not locked/referenced in the backlog, enabling a race with the rele...