17 matches found
CVE-2026-46331
CVE-2026-46331 affects the Linux kernel’s net/sched packet editing path, specifically the per-key handling in act_pedit where the writable Copy-on-Write (COW) region was calculated before the actual write offset was known. The runtime header offset from typed keys could leave portions of memory u...
CVE-2022-49688
The CVE-2022-49688 entry concerns the Linux kernel afs subsystem. A patch fix for afs_getattr prevents dereferencing vnode->volume when the dynamic root afs superblock has pseudo-inodes without a volume or server, which previously could trigger a NULL pointer dereference when stat’ing a direct...
CVE-2022-49666
CVE-2022-49666 concerns the Linux kernel, specifically the powerpc/memhotplug path. The issue arises from an add_pages override for PPC, where the kernel began validating addresses against high_memory after commit ffa0b64e3be5 (powerpc: Fix virt_addr_valid() for 64-bit). This leads to a BUG_ON in...
CVE-2024-40914
The CVE-2024-40914 entry concerns a Linux kernel memory management issue in mm/huge_memory. The root cause is that HWPoison could be set for huge_zero_folio without increasing the folio refcount, causing unpoison_memory() to decrement the folio’s refcount as if it were hwpoisoned, triggering VM_B...
CVE-2022-49804
CVE-2022-49804 refers to a Linux kernel issue affecting s390 where making current_stack_pointer a global register variable exposed a gcc bug. The vulnerability is tied to stack pointer handling and can lead to stack corruption on affected builds. Public description notes that to mitigate, the min...
CVE-2023-53036
CVE-2023-53036 relates to the Linux kernel's DRM/amdgpu stack. On GPUs with RAS enabled, there is a call trace warning and potential hang during device shutdown due to a vulnerability in the amdgpu_vram_mgr_fini path that can propagate through amdgpu_ttm_fini, amdgpu_bo_fini, and related release ...
CVE-2022-49624
Summary (CVE-2022-49624) The Linux kernel Atlantic/AQ NIC driver had a bug where aq_nic_deinit() could be invoked again during resume after suspend, causing a hang on resume from S3. The fix removes aq_nic_deinit() during resume so it is not called again. This vulnerability affects the Atlantic n...
CVE-2022-49665
CVE-2022-49665 affects the Linux kernel (platform/x86: thinkpad_acpi) and is caused by a memory leak in EFCH MMIO resource handling: release_resource() does not free the resource as release_mem_region() would, so the resource must be freed explicitly to avoid leaks. The issue is addressed by a ke...
CVE-2026-31488
The CVE-2026-31488 entry concerns a Linux kernel issue in the DRM/AMD display path where DSC (display stream compression) validation could drop the mode_changed flag for an unrelated mode change within the same KMS commit. This could cause new streams to be created for DSC-independent CRTCs, whil...
CVE-2026-31557
Summary of CVE-2026-31557 (Linux kernel) : The issue affects the NVMe over Fabrics target (nvmet/nvmet_rdma) where flushing an asynchronous-event work item on nvmet-wq can recurse the same worker, risking a deadlock and DoS. The root cause is a potential re-entrant lock when nvmet_ctrl_free() flu...
CVE-2026-43303
The CVE-2026-43303 issue affects the Linux kernel’s memory management in mm/page_alloc. Subsystems such as slub, shmem, and ttm expose page->private and fail to clear it before freeing pages. If freed pages are later allocated as high-order pages and split, tail pages may retain stale page->...
CVE-2026-23419
CVE-2026-23419 affects the Linux kernel’ s RDS implementation. The issue is a circular locking dependency in net/rds: a memory allocation performed inside the socket lock during the call to sk_net_refcnt_upgrade() creates a deadlock with fs_reclaim. The root cause is that sk_net_refcnt_upgrade() ...
CVE-2025-71121
CVE-2025-71121 relates to the Linux kernel’s parisc/ASP chip handling: attempting to reprogram CPU affinity on HP 730 hardware could crash with an HPMC because registers aren’t at the expected location. The fix avoids the crash by checking the sversion, and notes that reprogramming isn’t needed f...
CVE-2026-31446
CVE-2026-31446 is a Linux kernel/ext4 vulnerability describing a use-after-free in update_super_work during unmount races. The root cause: update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() after ext4_unregister_sysfs() frees the kobject, leading to a stale kernfs_node access....
CVE-2023-53511
The CVE-2023-53511 entry corresponds to a Linux kernel issue in the io_uring flow where fget() leaked when a filesystem (ocfs2) does not support nowait buffered reads. Root cause: during io_issue_sqe, the path io_assign_file → io_read → io_iter_do_read → ocfs2_file_read_iter can lead to a leak wh...
CVE-2026-23343
CVE-2026-23343 involves the Linux kernel XDP tailroom calculation. Docked fixes describe that many ethernet drivers expose rx queue frag size, while xdp_frags_increase_tail() expects a truesize, causing unsigned tailroom to drift toward UINT_MAX and potentially grow tail space, leading to memory ...
CVE-2026-53207
The CVE-2026-53207 issue affects the Linux kernel mm/memory-failure path, where concurrent MADV_HWPOISON calls on the same hugetlb page can deadlock the non-recursive hugetlb_lock. The root cause is a sequence where a GUP reference is dropped under the hugetlb_lock, allowing free_huge_folio to re...