17 matches found
CVE-2024-27410
CVE-2024-27410 (Linux kernel) relates to a race in wifi nl80211 where mesh ID changes during an iftype change could overwrite wdev data. The issue is resolved by disallowing mesh ID changes while changing the interface type (i.e., disallow iftype changes when mesh ID is being set). Astra Linux no...
CVE-2024-56663
CVE-2024-56663 describes a Linux kernel vulnerability in wifi nl80211 where NL80211_ATTR_MLO_LINK_ID could be misvalidated due to an off-by-one error in the attribute range. The issue manifests as a potential out-of-bounds access (demonstrated by a KASAN wild-memory-access bug in ieee80211_tx_con...
CVE-2024-56651
CVE-2024-56651 affects the Linux kernel hi311x CAN driver (hi3110_can_ist). The issue is a potential use-after-free: error count data added to the CAN frame after netif_rx() could reference a skb that is freed or reused. Root cause: reporting of rxerr/txerr persisted during non-bus-off operation,...
CVE-2024-26695
CVE-2024-26695 affects the Linux kernel crypto: ccp and fixes a null pointer dereference in __sev_platform_shutdown_locked when the SEV platform device is shutdown with a null psp_master (e.g., DEBUG_TEST_DRIVER_REMOVE). The issue was observed via KASAN, showing a null-deref in __sev_platform_shu...
CVE-2024-56683
Technical details for CVE-2024-56683 are not publicly available in the provided documents. No connected document confirms affected products, root cause, impact, or remediation. Monitor for updates from kernel/changelogs and trusted advisories.
CVE-2024-35955
CVE-2024-35955 : Linux kernel vulnerability in kprobe registration that could cause a use-after-free if module unload changes MODULE_STATE from LIVE/GOING to UNFORMED between address checks. The fix switches to using only __module_text_address() and performs try_module_get(module) while MODULE_ST...
CVE-2023-53113
The CVE-2023-53113 entry concerns the Linux kernel wifi NL80211 offchannel check. A NULL-pointer dereference could occur when a link was created by userspace in AP mode but not activated yet, resulting in a chandef that is invalid or has no channel. The vulnerability arises from dereferencing thi...
CVE-2024-26745
CVE-2024-26745 pertains to the Linux kernel on pSeries POWER systems where the IOMMU table is not initialized for kdump over SR-IOV, causing a NULL pointer dereference when the kdump kernel initializes IOMMU/TCEs for SR-IOV devices. The root cause is IOMMU table initialization logic that only con...
CVE-2022-49940
CVE-2022-49940 concerns the Linux kernel tty/n_gsm subsystem. The vulnerability arises when gsmld_receive_buf() may call gsm->receive() even if gsm->receive is not initialized, leading to a NULL pointer dereference. The fix adds a sanity check to avoid invoking gsm->receive() if the func...
CVE-2022-49973
The CVE-2022-49973 entry concerns a Linux kernel vulnerability in sk_msg_recvmsg triggered by an incorrect last scatter-gather (sg) check. The root cause is a change to the last sg validation (to sg_is_last()) in sk_msg_recvmsg(), but the end of the scatterlist was not marked in sockmap redirecti...
CVE-2025-38354
CVE-2025-38354 (Linux kernel, DRM/MSM GPU): A crash can occur when throttling GPU immediately during boot if the GPU is already hot, because of an early call to of_devfreq_cooling_register() that may access GMU registers before initialization. The root cause is that msm_devfreq_init may suspend d...
CVE-2023-52872
CVE-2023-52872 affects the Linux kernel in the tty/n_gsm subsystem. A race condition during status line changes on dead connections in gsm_cleanup_mux() could lead to a kernel panic after the cleanup sequence closes DLCIs, stops timers, and clears queues, while the outgoing data queue continues t...
CVE-2022-50045
CVE-2022-50045 is a Linux kernel issue affecting the powerpc/pci path. The vulnerability arose from a locking interaction in get_phb_number(), which could cause a DEBUG_ATOMIC_SLEEP warning when sleep-prone OF routines are called while a hose_spinlock is held. The resolution involves modifying ge...
CVE-2022-49970
CVE-2022-49970 concerns a Linux kernel vulnerability in the bpf/cgroup path, where an invalid opcode triggers a kernel BUG during purge_effective_progs when detaching BPF programs from nested cgroups. Reproduction steps described in multiple sources involve attaching prog2 to cg2, prog1 to cg1, w...
CVE-2023-53198
CVE-2023-53198 affects the Linux kernel raw socket handling (net/ipv4/raw.c). The vulnerability is a NULL dereference in raw_get_next(), triggered by races where a socket in one netns is freed while another thread iterates SOCK_RAW sockets. The root cause involves using RCU-based iteration with h...
CVE-2022-50546
The CVE-2022-50546 issue affects the Linux kernel ext4 subsystem, specifically ext4_alloc_inode() and the __ext4_new_inode() path. Syzbot reported a KMSAN uninitialized value in ext4_evict_inode, caused by not initializing ei->i_flags during ext4_alloc_inode() when a new inode creation fails b...
CVE-2023-53603
CVE-2023-53603 affects the Linux kernel SCSI QLA2XXX path. The issue is a potential NULL pointer dereference where a fcport pointer may be dereferenced if sa_ctl is NULL and fcport is allocated after an exit path. The documented fix is to exit the routine when sa_ctl is NULL, preventing the NULL ...