6 matches found
CVE-2023-52434
CVE-2023-52434 affects Linux kernel SMB/CIFS: the vulnerability is in smb2_parse_contexts() used by SMB2_open (mount.cifs path). Root cause: insufficient validation of offsets/lengths before dereferencing create contexts, enabling an out-of-bounds access that could trigger a kernel oops when serv...
CVE-2024-39503
CVE-2024-39503 : Linux kernel netfilter ipset race in the list:set type (namespace cleanup vs. gc) has a confirmed fix. The issue was a race that could cause use-after-free by GC data being accessed after the set is destroyed. The patch changes destruction order: when destroying all sets, first r...
CVE-2024-42102
CVE-2024-42102 concerns a Linux kernel vulnerability in the dirty throttling path used by the mm/wb subsystem. The issue centers on assuming that dirty limits in page units fit in 32 bits and a patch series titled “mm: Avoid possible overflows in dirty throttling” was applied. The entry notes tha...
CVE-2024-26722
Technical details about CVE-2024-26722 (affected products, exact root cause, versions, impact, remediation) are not provided in the connected documents. Monitor for updated advisories for explicit fixes and affected platforms.
CVE-2024-26792
CVE-2024-26792 : Linux kernel bug in btrfs snapshot creation can cause a double free of an anonymous device number. Root cause: during snapshot creation, anon_dev is allocated, later freed in nested calls, and if the transaction path fails, the same anon_dev may be freed again even if it has been...
CVE-2024-36890
CVE-2024-36890 : In the Linux kernel, the slab allocator was fixed so that __free(kfree) now detects error pointers; previously, freeing an error pointer could crash the kernel (e.g., wm831x_gpio_dbg_show). The issue stems from not checking error pointers in the automatic cleanup path. The descri...