4 matches found
CVE-2022-4378
CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...
CVE-2025-37957
CVE-2025-37957 describes a Linux kernel KVM/VMX issue where, if a VM enters SMM via KVM_SMI and then encounters invalid instructions leading to exceptions, forcing a vCPU reset during SHUTDOWN interception can trigger a WARN in kvm_vcpu_reset due to the vCPU being in SMM. The root cause is omissi...
CVE-2026-52933
CVE-2026-52933 affects the Linux kernel’s io_uring/poll component. The root cause is a signed comparison in io_poll_get_ownership() where atomic_read(&req->poll_refs) is compared to IO_POLL_REF_BIAS; when IO_POLL_CANCEL_FLAG (BIT(31)) is set, the value becomes negative, causing the slowpath to...
CVE-2022-50305
CVE-2022-50305 is a Linux kernel ASoC issue: sof_es8336_remove() could cause use-after-free because cancel_delayed_work() may not wait for the work function to finish. The fix uses cancel_delayed_work_sync() to ensure the work is cancelled, not running, and cannot be re-scheduled. Affected compon...