8 matches found
CVE-2024-57791
CVE-2024-57791 affects the Linux kernel net/smc component. The vulnerability arises when draining clc data: the length field in smc_clc_msg_hdr, sourced from the network, may be trusted and if it exceeds buflen in smc_clc_wait_msg, a deadloop can occur. The connected documents describe the patch ...
CVE-2021-47430
CVE-2021-47430 concerns a Linux kernel issue related to SMAP handling on x86. The vulnerability arises in x86/entry where the OS may warn when AC is active in user mode, even if SMAP is disabled or partially disabled, leading to a conditional warning that could fire on machines that support SMAP ...
CVE-2026-23245
CVE-2026-23245 (Linux kernel, net/sched) is resolved. The vulnerability allowed replacing a gate action’s parameters while the hrtimer callback or a dump path walked the schedule list. The fix converts gate parameter updates from plain pointers to an RCU-protected snapshot , swapping updates unde...
CVE-2023-53433
CVE-2023-53433 affects the Linux kernel’s VLAN handling. The issue arises from the change to add a new helper, vlan_get_protocol_and_depth(), to fix callers that relied on skb->head for MAC header data. Before the fix, code paths used pskb_may_pull() instead of skb_header_pointer() in __vlan_g...
CVE-2025-71102
CVE-2025-71102 affects the Linux kernel with a bug in shadow call stack handling: __scs_magic() received a struct task_struct* instead of the required void*. This caused scs_check_usage to scan an incorrect memory range when CONFIG_DEBUG_STACK_USAGE is enabled, potentially yielding inaccurate sha...
CVE-2026-31497
The CVE-2026-31497 entry concerns the Linux kernel Bluetooth USB (btusb) driver. The issue arises in btusb_work(), which maps the number of active SCO links to USB alternate settings using a three-entry table. It indexes alts[] with data->sco_num - 1 without constraining sco_num to the number ...
CVE-2026-31560
CVE-2026-31560 affects the Linux kernel spi-dw-dma path. When completing an SPI transaction, an error in handling a missing device message can lead to a system crash; the recommended fix is to obtain the device from the struct spi_controller* (dev from the controller). The vulnerability has been ...
CVE-2026-31441
CVE-2026-31441 affects the Linux kernel in the dmaengine: idxd component, where a memory leak occurs on workqueue reset. Root cause: idxd_wq_disable_cleanup() resets the wq type to NONE before resources are released. The upstream patch fixes the leak by ensuring resources are released before clea...