5 matches found
CVE-2025-38656
CVE-2025-38656 affects the Linux kernel’s wifi iwlwifi path (iwl_op_mode_dvm_start). The vulnerability stems from preserving the error code when iwl_setup_deferred_work() fails; the code previously returned ERR_PTR(0) (NULL), which could cause a use-after-free involving debugfs. A patch has been ...
CVE-2025-40082
CVE-2025-40082 targets the Linux kernel’s hfsplus code and causes a slab-out-of-bounds read in hfsplus_uni2asc() when listing extended attributes. The issue arises because the expected unicode buffer structure size varies (hfsplus_attr_unistr vs hfsplus_unistr), so a previous fix was insufficient...
CVE-2026-45904
The CVE-2026-45904 issue affects the Linux kernel’s PowerPC EEH driver, where a restructuring workaround caused a recursive lock scenario around pci_lock_rescan_remove. The problem arose when EEH event handling briefly acquired the PCI bus lock while eeh_pe_bus_get() could also attempt the same l...
CVE-2026-46146
CVE-2026-46146 affects the Linux kernel's ALSA USB audio stack, specifically the convert_chmap_v3() routine. A loop uses cs_desc->wLength for increment but this value isn’t validated, allowing a potential endless loop with malformed descriptors. The issue is resolved by adding a proper size ch...
CVE-2026-45924
Summary: CVE-2026-45924 affects ksmbd in the Linux kernel. The vulnerability arises because ksmbd_vfs_kern_path_end_removing() is not called on certain error paths, leaving inode locks and references unbalanced after a prior ksmbd_vfs_kern_path_start_removing(). This can cause potential deadlocks...