6 matches found
CVE-2024-49855
CVE-2024-49855 affects the Linux kernel nbd subsystem, where a race between timeout handling and normal completion could lead to use-after-free. The issue arises when a timed-out request is requeued by nbd_requeue_cmd() and normal completion tries to finish it, risking use-after-free. The documen...
CVE-2022-50072
CVE-2022-50072 is a Linux kernel use-after-free vulnerability in NFSv4/pnfs related to open operations. The issue occurs when an open RPC call is cancelled: the kernel must not free the open slot or layoutget arguments still in use by the hung RPC. The entry states this was resolved by a fix in t...
CVE-2022-48647
CVE-2022-48647 is a Linux kernel issue in the sfc driver where legacy interrupt TX channel handling used a fixed tx_channel_offset of 1, which is incorrect when efx_sepparate_tx_channels is false. The queues reside in a single channel (index 0) with RX, so the offset should be 0; using 1 can caus...
CVE-2022-49919
CVE-2022-49919 : In the Linux kernel, the nf_tables flow rule object release path was fixed. The underlying issue was a use-after-free (UAF) triggered by races with the netlink notifier, observed when the flow rule object is accessed only from the control plane (no data packets traverse it). The ...
CVE-2023-53250
The CVE-2023-53250 entry concerns a null-pointer dereference in Linux kernel firmware handling (dmi-sysfs). The issue occurs in dmi_sysfs_register_handle during initialization, triggered by a kobject/dmi_sysfs lifecycle sequence where list_add_tail is followed by an error path, leading to an unin...
CVE-2023-53281
Technical details for CVE-2023-53281 (affected product, root cause, impact, or mitigation) are not provided in the connected documents. Monitor for updates from vendors or advisories.