5 matches found
CVE-2020-9383
CVE-2020-9383 affects the Linux kernel floppy driver (set_fdc in drivers/block/floppy.c) where the FDC index is not checked for errors before assignment, causing a wait_til_ready out-of-bounds read. Impact per the CVE description: local attacker could cause a denial of service or privilege escala...
CVE-2020-9391
CVE-2020-9391 affects the Linux kernel on AArch64 (versions 5.4 to 5.5.6). The top byte of the address passed to brk is ignored, potentially moving the program break downward instead of upward, which can cause heap corruption in glibc malloc. Public sources in the connected documents consistently...
CVE-2022-49748
CVE-2022-49748 relates to the Linux kernel: perf/x86/amd shift of a 32-bit int constant 1 is computed in 32‑bit arithmetic and then passed as a 64‑bit argument, which can overflow when i ≥ 32. The fix uses the BIT_ULL macro for the shift to avoid overflow. Several connected advisories (Astra Linu...
CVE-2022-50553
CVE-2022-50553 : In the Linux kernel tracing hist code, an out-of-bounds write occurs in action_data.var_ref_idx when synthesizing events with many params (n_params up to SYNTH_FIELDS_MAX) and a smaller TRACING_MAP_VARS_MAX caused writes beyond the array. The issue is fixed by enlarging data->...
CVE-2026-53314
CVE-2026-53314 concerns the Linux kernel, where the padata offline CPU callback was moved from the OFFLINE path into the ONLINE path to allow failure. SYZBOT reported a DEAD callback error for CPU1; this vulnerability relates to CPU hotplug teardown, and the commit 4ae12d8bd9a8 (Merge tag 'kbuild...