8 matches found
CVE-2022-3344
CVE-2022-3344 is a vulnerability in the Linux kernel related to KVM AMD nested virtualization (SVM). The issue allows a malicious L1 guest to fail to intercept the shutdown of a cooperative nested L2 guest, which can cause a page fault and kernel panic on the host. Public sources in Connected doc...
CVE-2024-53096
CVE-2024-53096: Linux kernel patch resolves faulty mmap_region() error path. Key changes move core logic into __mmap_region(), perform upfront validations, and unwind writable/ seal checks earlier. Effects include preallocating iterator state before file-backed hooks, early handling of mapping_ma...
CVE-2023-26605
CVE-2023-26605 affects Linux kernel 6.0.8: a use-after-free in inode_cgwb_move_to_attached (fs/fs-writeback.c) related to __list_del_entry_valid. Documentation indicates CVSS v3.1 base score 7.8 ( HIGH ) with local attack vector, low complexity, and no user interaction. The vulnerability is a loc...
CVE-2023-52654
CVE-2023-52654 affects the Linux kernel io_uring implementation in the af_unix path. The issue stems from potential cycles when sending io_uring file objects over sockets via SCM_RIGHT, which could interact with unix_stream_read_generic() and file reference cycles. The mitigation described is to ...
CVE-2022-49889
In CVE-2022-49889, the Linux kernel ring-buffer wake path could dereference a NULL or invalid buffer when waking waiters during ring-buffer shutdown on systems where listed CPUs > online CPUs. The fix adds a NULL check for the buffer and validates the allocation against online CPUs; it also no...
CVE-2023-52911
CVE-2023-52911 is a Linux kernel issue in the DRM/MSM driver related to a NULL pointer dereference when the Adreno GPU runs in headless mode (e.g., on i.MX platforms). The crash occurs during reboot in the msm_atomic_commit_tail path, with an oops/NULL dereference involving slab kmalloc and relat...
CVE-2022-50332
CVE-2022-50332 concerns a Linux kernel issue in video/aperture where sysfb_disable() must be called from aperture_remove_conflicting_pci_devices() before removing PCI devices to prevent simpledrm from binding to simple-framebuffer devices after the driver takes over. The vulnerability is describe...
CVE-2023-53464
CVE-2023-53464 affects the Linux kernel: the iscsi_tcp path in SCSI may assign values to tcp_sw_conn->sendpage and conn->datadgst_en before validating sock, risking inconsistency due to a null/invalid sock. The fix relocates the assignment so the sock is validated prior to use, as described...