11 matches found
CVE-2023-52565
CVE-2023-52565 is a Linux kernel vulnerability affecting the media: uvcvideo subsystem. The issue is an out-of-bounds read in uvc_query_v4l2_menu() when the user-provided index exceeds the mask size, potentially allowing reading memory outside the intended bounds. The connected MiracleLinux advis...
CVE-2024-42302
CVE-2024-42302 : The Linux kernel fixed a use-after-free in PCI/DPC when a DPC event occurs concurrently with hot-removal on the same PCIe hierarchy. The underlying issue was that pci_bridge_wait_for_secondary_bus() did not hold a reference to the child pci_dev during a DPC event, allowing concur...
CVE-2025-21991
The CVE-2025-21991 issue affects the Linux kernel’s AMD microcode loader for x86. It could trigger an out-of-bounds access when iterating NUMA nodes with empty or CPU-less nodes, potentially accessing cpu_data beyond its bounds during a microcode update. The root cause is that load_microcode_amd(...
CVE-2024-26766
CVE-2024-26766 affects the Linux kernel’s IB/hfi1 path. The root cause is an off-by-one error in the sdma.h tx descriptor handling that, when a send consists of six descriptors and requires a seventh-dword padding, prevents proper expansion of the sdma_txreq descriptor array. This overflow can co...
CVE-2023-53056
CVE-2023-53056 affects the Linux kernel and concerns the SCSI qla2xxx driver where IOCB counts were out of order. This could block commands, leading to a system hang with a NULL pointer dereference trace. The issue is resolved by synchronizing the IOCB count to the correct order. The provided sou...
CVE-2024-46686
CVE-2024-46686 (Linux kernel) : The vulnerability lies in the SMBv2 read path where smb2_new_read_req() can dereference rdata=NULL when SMB2_read() is used with RDMA and the rdma_readwrite_threshold is reached. This affects the Linux kernel smb client code and is triggered from the SMB2_read() fl...
CVE-2025-21907
CVE-2025-21907 documents a Linux kernel memory-management issue: during folio migration, unmap_poisoned_folio() must set TTU_HWPOISON for anon folio (and align policy with hwpoison_user_mappings for pagecache). The patch series mm: memory_failure: unmap poisoned folio during migrate properly fixe...
CVE-2025-39849
CVE-2025-39849 refers to a Linux kernel vulnerability in the wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() path. The issue allows memory corruption if ssid->datalen exceeds IEEE80211_MAX_SSID_LEN (32) due to missing bounds checks. The connected documents confirm this CVE ...
CVE-2025-38676
CVE-2025-38676 affects the Linux kernel (iommu/amd) and fixes a stack buffer overflow when processing kernel cmdline acpiid length. The issue is local and can be triggered by crafted kernel command-line input; base score 7.8 (HIGH) with LOCAL/LOW complexity, no user interaction. The CVE is addres...
CVE-2026-45961
CVE-2026-45961 in the Linux kernel’s GFS2 filesystem is fixed: memory leaks occur on gfs2_fill_super() error paths when transitioning to read-write mode. Two leaks are addressed: (1) kernel thread objects (logd, quotad) not destroyed after init_threads() if failure occurs; (2) a quota bitmap buff...
CVE-2026-45862
The CVE-2026-45862 issue concerns the Linux kernel’s IOMMU VT-d PASID handling. A flaw in the cache flush order when writing a freshly allocated zero-initialized PASID table to a PASID directory entry creates a time window during which non-coherent IOMMU hardware could access RAM contents that ar...