3 matches found
CVE-2023-28466
Summary: CVE-2023-28466 affects the Linux kernel up to 6.2.6, where do_tls_getsockopt in net/tls/tls_main.c can race due to a missing lock_sock, causing a use-after-free or NULL pointer dereference. The condition is a local, kernel‑level issue with potential crashes or memory corruption as descri...
CVE-2024-42287
The connected documents confirm CVE-2024-42287 affects the Linux kernel scsi/qla2xxx path. Root cause: completing a command early (outside a lock) during unload leads to a race and a crash (NULL pointer dereference) when NPIV/FW reset paths are involved. The mitigation in the provided text is to ...
CVE-2024-40963
CVE-2024-40963 (Linux kernel, MIPS BMIPS BCM6358) : Affects devices where BMIPS CBR address can be 0, triggering kernel panic when arch_sync_dma_for_cpu_all is called. The root cause described is BMIPS_GET_CBR() returning 0 instead of a valid address and a non-failing read of read_c0_brcm_cmt_loc...