9 matches found
CVE-2022-49378
CVE-2022-49378 concerns a Linux kernel driver issue in the sfc/efx10 path where TX queue initialization can fail when modparam efx_separate_tx_channels=1 causes some channels to have only RX or only TX queues. The root cause is an incorrect determination of whether a channel has TX queues, which ...
CVE-2025-37911
CVE-2025-37911 affects the bnxt_en driver in the Linux kernel. The issue is an out-of-bounds memcpy when retrieving a firmware coredump via ethtool -w, which can lead to memory corruption. The root cause is a mismatch between the DMA-length returned by the firmware and info->dest_buf size when...
CVE-2025-71120
CVE-2025-71120 (Linux kernel) involves SUNRPC: svcauth_gss handling of a zero-length gss_token, which can dereference NULL when copying. The vulnerability occurs because code unconditionally dereferenced in_token->pages[0] during the initial memcpy, even if the copy length is 0. The fix guards...
CVE-2025-38643
CVE-2025-38643 affects the Linux kernel wifi stack (cfg80211). The root cause is a missing lock in cfg80211_check_and_end_cac(), while callers of wdev_chandef() are expected to hold the wiphy mutex; however the worker cfg80211_propagate_cac_done_wk() does not acquire it. This can trigger a warnin...
CVE-2026-31660
The CVE-2026-31660 entry concerns the Linux kernel NFC pn533 driver. The root cause is that pn532_receive_buf() may hand a complete frame to pn533_recv_frame() before allocating a fresh receive buffer; if alloc_skb() fails, the callback returns 0 while bytes have already been consumed, leaving re...
CVE-2022-50259
CVE-2022-50259 : In the Linux kernel, a race in sock_map_free() can cause use-after-free because sock_map_free() calls release_sock(sk) without owning a socket reference. This vulnerability affects BPF sockmap handling and is illustrated by the kernel call chain leading to release_sock and sock_m...
CVE-2026-31555
CVE-2026-31555 relates to a Linux kernel futex race in futex_lock_pi() retry path where a stale pointer to an exiting task is not cleared on retry. The issue can lead to a WARN_ON_ONCE when an old exiting pointer is used after a failed retry, potentially contributing to a DoS via kernel instabili...
CVE-2026-31656
The CVE-2026-31656 issue affects the Linux kernel in the drm/i915/gt path, where a race between the heartbeat worker and intel_engine_park_heartbeat() can cause a refcount underflow and potential use-after-free of engine->heartbeat.systole. Root cause: a non-atomic read of the pointer followed...
CVE-2026-23408
The CVE-2026-23408 issue affects the Linux kernel AppArmor module. The root cause was a double free of ns_name in aa_replace_profiles(): ns_name could be NULLed after it had been transferred from ent->ns_name, but ent->ns_name was freed later, and then freed again when kfree(ns_name). The p...