115 matches found
CVE-2024-35990
CVE-2024-35990 (Linux kernel) involves a locking fix for the xilinx_dpdma DMA channel to address not-held locks in chan->lock and chan->vchan.lock. The attached Astra Linux bulletin and initial entry describe a fix that prevents lockdep warnings by adding missing locks around xilinx_dpdma_c...
CVE-2022-48879
CVE-2022-48879 concerns a Linux kernel vulnerability within the EFI/Runtime Services path. The issue arises when runtime services are not supported or disabled, causing the runtime services workqueue to never be allocated, which could lead to a NULL pointer dereference if the code attempts to des...
CVE-2024-26727
CVE-2024-26727 (Linux kernel, btrfs subvolume creation) Concrete details are present in connected Astra/Linux advisory. The issue arises when creating a new subvolume under btrfs: after inserting the root item, a backref/read could access the subvolume before a preallocated anonymous device (anon...
CVE-2021-47136
CVE-2021-47136 (Linux kernel) arises from not zero‑initializing the TC_SKB_EXT skb extension on allocation, causing use of uninitialized memory when the extension gained new fields. The UBSAN log shows invalid loads in openvswitch flow key extraction paths (ovs_flow_key_extract.cold, ovs_vport_re...
CVE-2022-49966
The CVE-2022-49966 issue is in the Linux kernel DRM AMD PM subsystem, where the fini_microcode interface for the Sienna Cichlid platform was missing. The root cause is the missing ->fini_microcode hook, which could contribute to memory leaks. The vulnerability is described as locally exploitab...
CVE-2022-50212
CVE-2022-50212 affects the Linux kernel netfilter nf_tables subsystem. The vulnerability arises when looking up chains by ID without ensuring the chain belongs to the same table; a chain from another table can be linked in, and removing the source table can leave a rule connected to the wrong cha...
CVE-2022-49446
CVE-2022-49446 affects the Linux kernel’s NVDIMM path, describing deadlock risks in CXL/NVDIMM interactions. The advisory notes possible unsafe locking scenarios involving nd_region keys, nvdimm_bus->reconfig_mutex, system_transition_mutex, and cxl_root/acpi_scan_lock chains, triggered by hold...
CVE-2021-47647
CVE-2021-47647 relates to the Linux kernel on Qualcomm IPQ8074 PCIe clock driver. The root cause is a missing clock parent setup in pcie0_rchng_clk_src: there were two declared parents but only one was actually provided via parent_hws, and the fix introduces the use of clk_parent_data to supply t...
CVE-2021-47643
CVE-2021-47643 is a Linux kernel issue in the media/ ir_toy area; it fixes a leak in the error path by freeing a resource before exiting on error. Affected component is the kernel’s ir_toy driver code, where an error exit path could leak memory. The vulnerability is local in scope with a CVSS v3....
CVE-2022-49473
The CVE-2022-49473 entry concerns the Linux kernel ASoC: ti: j721e-evm area. The issue is described as a refcount leak in j721e_soc_probe_* where of_parse_phandle() returns a node pointer with an incremented refcount; the fix adds a missing of_node_put() to release it when no longer needed. Conne...
CVE-2022-48814
CVE-2022-48814 affects the Linux kernel DSA seville driver (VSC9959) where mdiobus was allocated/registered with devres. The root cause is a devres interaction causing mdiobus to be freed without prior unregistration, leading to mdiobus_free() panics when invoked from devm_mdiobus_free(). The pro...
CVE-2022-49591
CVE-2022-49591 relates to the Linux kernel, specifically the DSA Microchip ksz_common path. The root cause is a refcount leak in ksz_switch_register(): the reference returned by of_get_child_by_name() is not released. The fix is to call of_node_put() on that reference (which has increased the ref...
CVE-2025-38059
The CVE-2025-38059 entry documents a Linux kernel data integrity issue in btrfs: when using rescue=idatacsums, scrub can trigger a NULL pointer dereference due to not loading the csum tree. Concrete root cause: scrub path may call btrfs_search_slot() on a NULL pointer because the NO_DATA_CSUMS fl...
CVE-2021-47422
CVE-2021-47422 affects the Linux kernel’s drm/nouveau/kms/nv50- component. The issue is a memory leak where an op allocated by single_open() is not freed if single_release() is not called. The vulnerability is described as a local-privilege context with a potential availability impact, with CVSS ...
CVE-2022-48818
The CVE-2022-48818 entry refers to a Linux kernel issue in the MDIO/MV88E6xxx DSA path where devres usage around mdiobus led to a kernel OOPS during shutdown. The root cause is interaction between devm_mdiobus_free() and devres_release_all() if the MDIO bus is unregistered late due to a shutdown‑...
CVE-2021-47535
CVE-2021-47535 concerns the Linux kernel DRM MSM A6XX driver. The issue arises in a6xx_get_gmu_registers() where three sets of GMU registers are read but the allocation for the array wasn’t updated, triggering a KASAN slab-out-of-bounds write (Write of size 8) in _a6xx_get_gmu_registers. Public n...
CVE-2025-38399
CVE-2025-38399 affects the Linux kernel’s SCSI target subsystem, specifically the function core_scsi3_decode_spec_i_port() in target_core_mod. In the error path, it unconditionally calls core_scsi3_lunacl_undepend_item() with dest_se_deve, which may be NULL, risking a NULL pointer dereference and...
CVE-2022-49477
CVE-2022-49477 affects the Linux kernel’s ASoC Samsung code for aries_audio_probe. The vulnerability arises from a refcount leak: of_parse_phandle() returns a node pointer with an incremented refcount, and of_node_put() must be called on it when done. If extcon_find_edev_by_node() fails, of_node_...
CVE-2022-49509
CVE-2022-49509 : In the Linux kernel, the vulnerability arises when removing the max9286 I2C driver, causing a kernel oops due to the I2C client data potentially pointing to a freed v4l2_subdev instead of max9286_priv. The fix updates max9286_remove/max9286_probe/max9286_init so that the driver n...
CVE-2022-48660
CVE-2022-48660 is a Linux kernel vulnerability affecting gpiolib: cdev on certain platforms (ex: nxp-ls1028). The issue occurred when the IRQ for lineevent_state was set before the IRQ was successfully registered, leading to a warning trace from free_irq() during gpio tests and a resource release...
CVE-2022-49050
CVE-2022-49050 maps to a Linux kernel issue in memory: renesas-rpc-if where a flash platform-device leak could occur in the error path if registration fails during probe. The fixed code ensures the flash platform device is freed on probe error. The vulnerability is local in scope with a medium ba...
CVE-2025-38160
CVE-2025-38160 affects the Linux kernel due to a NULL pointer dereference in the Raspberry Pi clock registration path. Specifically, raspberrypi_clk_register() does not handle a NULL return from devm_kasprintf(), which can occur if memory allocation fails. A fix has added a NULL check after devm_...
CVE-2022-49278
CVE-2022-49278: Linux kernel remoteproc vulnerability in rproc_coredump_write() where a count underflow was possible. The fix adds a count check for zero, mirroring the validation in rproc_recovery_write(), to prevent underflow. This is resolved in the kernel codebase; patch references are in the...
CVE-2025-38148
CVE-2025-38148 affects the Linux kernel network driver path: net: phy: mscc. The issue is a memory leak when using one-step timestamping, where frames (skb) were not freed because the hardware may not generate an interrupt to signal timestamping. The described fix frees the frame in the one-step ...
CVE-2021-47093
CVE-2021-47093: SUSE advisories SIG- Linux kernel (SUSE SLES/openSUSE) notes a memleak in intel_pmc_core during module init when platform device registration fails. The fix frees the platform device with platform_device_put() to release resources (e.g., device name). Connected documents confirm t...
CVE-2022-48812
CVE-2022-48812 concerns the Linux kernel: the net: dsa: lantiq_gswip code should not use devres for mdiobus allocation/registration. The root cause is that mdiobus_free() can panic when invoked via devm_mdiobus_free() because devres_release_all() may free a bus that is still registered, especiall...
CVE-2022-49946
CVE-2022-49946 affects the Linux kernel component handling Raspberry Pi clocks (clk: bcm: rpi). The vulnerability arises in raspberrypi_discover_clocks() where the loop relies on the last clock element’s id being zero, a property not guaranteed by Videocore firmware, which could lead to an out-of...
CVE-2022-48770
CVE-2022-48770 affects the Linux kernel vulnerability in the BPF stack trace code: bpf_get_task_stack() could dereference NULL pt_regs because task_pt_regs() may return NULL for kernel threads on powerpc. The patch adds a NULL check on the return value of task_pt_regs() before inspecting the call...
CVE-2022-48813
CVE-2022-48813 concerns the Linux kernel’s DSA Felix support. The advisory notes that using devres for the MDIO bus caused mdiobus_free() to panic when freed via devm_mdiobus_free(), unless the bus was unregistered first. For the Felix VSC9959 switch (PCI device), the recommended remediation is t...
CVE-2022-48797
CVE-2022-48797: Linux kernel vulnerability where NUMA balancing could affect COW page writability. Root cause: change_pte_range() tests page_mapcount(page) to enable NUMA faults, which is nonsensical; patch fixes to use page_count(). Oded Gabbay’s report linked a Gaudi accelerator workload; apply...
CVE-2022-49210
The CVE-2022-49210 issue is a Linux-kernel memory-leak in the MIPS pgalloc path. The generic pgd_free() freed only one pgd page, but on 64‑bit systems with PAGE_SIZE_4KB and without MIPS_VA_BITS_48 the PGD_TABLE spans two pages; this mismatch leaks memory. MemFree behavior can reveal the leak. Ro...
CVE-2022-48815
CVE-2022-48815 affects the Linux kernel bcm_sf2 DSA/MDIO path. The root cause is unsafe interaction between devres-managed mdiobus allocation/registration and manual mdiobus unregistering, where mdiobus_free() may panic if devm_mdiobus_free() triggers devres_release_all() before the bus is unregi...
CVE-2022-49211
CVE-2022-49211 concerns a Linux kernel issue in the MIPS CDMM code path where of_find_compatible_node() returns a node pointer with an incremented refcount and the code omits of_node_put() to release it. The fixed description states: add the missing of_node_put() to release the refcount. Affected...
CVE-2021-47299
CVE-2021-47299 affects the Linux kernel XDP/BPF path: use-after-free in bpf_xdp_link_release between dev_get_by_index() and dev_xdp_attach_link(). Affected in-kernel code; patches are referenced (ca9ba1de8f09976b45ccc8e655c51c6201992139, a7537dc73e69ad9c0b67ad24ad3ebee954ed0af6, 5acc7d3e8d3428584...
CVE-2022-49654
CVE-2022-49654 pertains to the Linux kernel, specifically the net: dsa: qca8k component. The issue occurs when MAX_FRAME_SIZE (MTU) is changed while the CPU port is enabled, causing the switch to panic and stop sending packets, which can render the device unreachable; a switch reset may be requir...
CVE-2022-48922
CVE-2022-48922 (Linux kernel, riscv) : Root cause is a NULL pointer dereference when irqsoff latency tracer is enabled because trace_hardirqs_on/off rely on the frame pointer (CALLER_ADDR1). If the frame pointer is repurposed, memory access faults can occur during boot. The issue was mitigated by...
CVE-2020-36790
The CVE-2020-36790 entry refers to a Linux kernel issue where a memory leak in nvmet was fixed: specifically, the code failed to free the new_model_number. The connected documents consistently identify this as a resolved kernel vulnerability (nvmet: fix a memory leak) with no additional exploit d...
CVE-2022-50266
The CVE-2022-50266 issue is in the Linux kernel kprobes path: kill_kprobe() incorrectly disarms a probe because KPROBE_FLAG_GONE is set before checking the probe’s enabled state, causing !kprobe_disabled(p) to evaluate to false and bypass necessary disarm handling. The fix adds the enabled-check ...
CVE-2025-38502
Technical details beyond the initial description are not provided in the connected documents; no explicit product/version, impact specifics, or remediation are present here. Monitor for updates.
CVE-2025-38590
CVE-2025-38590 is a Linux kernel vulnerability in the Mellanox mlx5e path. The issue occurs when a hardware decrypted packet’s xfrm state is not found in an xarray, leaving the skb secpath (sp) extension intact. Downstream code may dereference an invalid secpath, causing a crash in __xfrm_policy_...
CVE-2025-38548
CVE-2025-38548 affects the Linux kernel hwmon driver for Corsair Corsair-CPro. The root cause is improper validation of the input buffer size received by the USB command path, allowing potential mismatches between the reported and actual buffer lengths. The fix, as documented in the connected Ast...
CVE-2026-46274
CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...
CVE-2025-39835
In CVE-2025-39835, the Linux kernel XFS xattr code could leak ENODATA (ENOATTR) disk errors as a misleading “attribute not found,” potentially leading to an oops in xfs_attr_leaf_get() when a disk error returns ENODATA/ENOATTR with bp being NULL. The fix modifies lower IO error handling so disk e...
CVE-2025-38732
CVE-2025-38732 refers to a Linux kernel vulnerability in netfilter nf_reject where loopback packets could cause a dst refcount leak. The issue arises from a patch that added a WARN during skb dst entry replacement but forgot that loopback packets already have a dst_entry attached (even at PRE_ROU...
CVE-2026-23213
CVE-2026-23213 affects the Linux kernel’s DRM/AMD/PM path. During an SMU Mode 1 reset, the ASIC goes through a reset cycle and becomes temporarily inaccessible via PCIe, risking uncompleted PCIe transactions that can trigger NMI panics or system hangs. The fix disables MMIO access during the offl...
CVE-2025-39788
CVE-2025-39788 affects the Linux kernel SCSI/ufs Exynos driver (gs101). The issue is in the USB/UFS host path where the left shift to set UTRL_NEXUS_TYPE is performed on an int, causing an out-of-bounds shift and writing an incorrect value (0xffffffff on gs101). The fix switches to the BIT() macr...
CVE-2023-53401
CVE-2023-53401 pertains to the Linux kernel memory.c mm subsystem. KCSAN detected a data race in obj_stock_flush_required() where stock->cached_objcg could be reset between a check and a dereference, potentially causing a NULL pointer dereference. The associated fix implemented in the kernel i...
CVE-2026-46032
Summary: CVE-2026-46032 relates to Linux kernel KVM nSVM, where a failed restore of L1 host CR3 during a nested VMEXIT could leave L1 with corrupted state and trigger a triple fault instead of a clean recovery. The fix removes the nested_svm_vmexit return value and ensures proper cleanup, resulti...
CVE-2025-39967
CVE-2025-39967 affects the Linux kernel, specifically a vulnerability in fbcon_do_set_font where integer overflow in font size calculations could occur when processing user-controlled parameters. The issue stems from unsafe size calculations in CALC_FONTSZ(h, pitch, charcount) and related allocat...
CVE-2022-50260
CVE-2022-50260 concerns the Linux kernel DRM MSM driver where .remove and .shutdown callbacks run via different code paths, creating a risk of calling drm_atomic_helper_shutdown() on an uninitialized DRM device. The initial description explains this mismatch can trigger kernel panics, especially ...