5 matches found
CVE-2025-21726
In CVE-2025-21726, the Linux kernel padata subsystem had a use-after-free (UAF) in the reorder_work path. The root cause was that the previous patch did not hold a reference to 'pd' long enough when queuing reorder_work. The fix is to take a reference to 'pd' before queuing reorder_work and to ke...
CVE-2023-52854
CVE-2023-52854 affects the Linux kernel's padata subsystem. In high-load arm64 scenarios, a race in refcount handling can cause a Use-After-Free when pd is freed during padata_serial_worker execution, leading to a potential crash or memory corruption. The documented root cause is improper refcoun...
CVE-2020-36791
The CVE-2020-36791 entry refers to a Linux kernel net_sched issue where cp->alloc_hash could be left at an incorrect size after a hash allocation, enabling a potential out-of-bounds access. The described root cause is that the hash calculation was moved before tcindex_alloc_perfect_hash() but ...
CVE-2022-48768
CVE-2022-48768 concerns a memory‑leak in the Linux kernel tracing/histogram path. The issue arises where kstrdup() allocates memory but kfree() is not called on an error path, leaving the memory allocated for data->params[i] (p) potentially unreleased. The described fix is to free the allocate...
CVE-2022-50553
CVE-2022-50553 : In the Linux kernel tracing hist code, an out-of-bounds write occurs in action_data.var_ref_idx when synthesizing events with many params (n_params up to SYNTH_FIELDS_MAX) and a smaller TRACING_MAP_VARS_MAX caused writes beyond the array. The issue is fixed by enlarging data->...