11 matches found
CVE-2024-56651
CVE-2024-56651 affects the Linux kernel hi311x CAN driver (hi3110_can_ist). The issue is a potential use-after-free: error count data added to the CAN frame after netif_rx() could reference a skb that is freed or reused. Root cause: reporting of rxerr/txerr persisted during non-bus-off operation,...
CVE-2024-26695
CVE-2024-26695 affects the Linux kernel crypto: ccp and fixes a null pointer dereference in __sev_platform_shutdown_locked when the SEV platform device is shutdown with a null psp_master (e.g., DEBUG_TEST_DRIVER_REMOVE). The issue was observed via KASAN, showing a null-deref in __sev_platform_shu...
CVE-2024-35955
CVE-2024-35955 : Linux kernel vulnerability in kprobe registration that could cause a use-after-free if module unload changes MODULE_STATE from LIVE/GOING to UNFORMED between address checks. The fix switches to using only __module_text_address() and performs try_module_get(module) while MODULE_ST...
CVE-2023-52563
The CVE CVE-2023-52563 affects the Linux kernel's DRM Meson bridge code. It fixes a memory leak in the ->hpd_notify callback where the EDID returned by drm_bridge_get_edid() was not freed. The mitigation is a kernel patch that frees the EDID, addressing the leak exposed on affected Meson DRM p...
CVE-2022-49940
CVE-2022-49940 concerns the Linux kernel tty/n_gsm subsystem. The vulnerability arises when gsmld_receive_buf() may call gsm->receive() even if gsm->receive is not initialized, leading to a NULL pointer dereference. The fix adds a sanity check to avoid invoking gsm->receive() if the func...
CVE-2022-49973
The CVE-2022-49973 entry concerns a Linux kernel vulnerability in sk_msg_recvmsg triggered by an incorrect last scatter-gather (sg) check. The root cause is a change to the last sg validation (to sg_is_last()) in sk_msg_recvmsg(), but the end of the scatterlist was not marked in sockmap redirecti...
CVE-2023-52872
CVE-2023-52872 affects the Linux kernel in the tty/n_gsm subsystem. A race condition during status line changes on dead connections in gsm_cleanup_mux() could lead to a kernel panic after the cleanup sequence closes DLCIs, stops timers, and clears queues, while the outgoing data queue continues t...
CVE-2022-50045
CVE-2022-50045 is a Linux kernel issue affecting the powerpc/pci path. The vulnerability arose from a locking interaction in get_phb_number(), which could cause a DEBUG_ATOMIC_SLEEP warning when sleep-prone OF routines are called while a hose_spinlock is held. The resolution involves modifying ge...
CVE-2022-49970
CVE-2022-49970 concerns a Linux kernel vulnerability in the bpf/cgroup path, where an invalid opcode triggers a kernel BUG during purge_effective_progs when detaching BPF programs from nested cgroups. Reproduction steps described in multiple sources involve attaching prog2 to cg2, prog1 to cg1, w...
CVE-2022-50546
The CVE-2022-50546 issue affects the Linux kernel ext4 subsystem, specifically ext4_alloc_inode() and the __ext4_new_inode() path. Syzbot reported a KMSAN uninitialized value in ext4_evict_inode, caused by not initializing ei->i_flags during ext4_alloc_inode() when a new inode creation fails b...
CVE-2023-53603
CVE-2023-53603 affects the Linux kernel SCSI QLA2XXX path. The issue is a potential NULL pointer dereference where a fcport pointer may be dereferenced if sa_ctl is NULL and fcport is allocated after an exit path. The documented fix is to exit the routine when sa_ctl is NULL, preventing the NULL ...