5 matches found
CVE-2024-38598
CVE-2024-38598 — Linux kernel (md/raid10) softlockup during resync Technical details from the provided documents indicate that the issue arises in the md bitmap synchronization path for raid10 during lvextend/lvchange --syncaction, leading to a soft lockup (CPU 3) due to a logic error in md_bitma...
CVE-2025-21887
In CVE-2025-21887, the Linux kernel overlayfs (ovl) had a use-after-free in ovl_dentry_remote/ovl_dentry_update_reval caused by calling dput(upper) before upper is no longer safe to use; the fix moves dput(upper) to after its final use in ovl_link_up, preventing the UAF. The issue is addressed in...
CVE-2023-52524
CVE-2023-52524 (Linux kernel) affects the net:nfc:llcp subsystem. The issue arises from modifying the device list without holding the required lock, which could allow list corruption as observed by syzbot. The vulnerability is local and requires privileges, with a high impact on confidentiality, ...
CVE-2024-48881
CVE-2024-48881 concerns the Linux kernel’s bcache implementation. The issue was a NULL pointer dereference risk in cache_set_flush() caused by a changed check: the code could access c->root when previous registration failed before c->root was allocated. The patch reverts the IS_ERR check to...
CVE-2024-58093
CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...