4 matches found
CVE-2024-49982
CVE-2024-49982 concerns the AoE (ATA over Ethernet) driver in the Linux kernel. The vulnerability stems from improper refcount handling of the net_device during packet transmission, leading to potential use-after-free scenarios. The fix, described in the cited CVE notes, consolidates a safer patt...
CVE-2024-47712
CVE-2024-47712: In the Linux kernel, a RCU usage issue in wifi/wilc1000 was fixed. In wilc_parse_join_bss_param, the code accessed the ies TSF field after the RCU read-side section, which is illegal. The TSF value is now stored in a local variable (ies_tsf) before releasing the RCU lock, and para...
CVE-2024-44941
CVE-2024-44941 relates to the Linux kernel's f2fs file system. The issue arises when the extent cache lock is not held during access to the largest extent entry, allowing a race that could lead to a use-after-free condition in sanity_check_extent_cache() during inode read paths. The documented ch...
CVE-2026-43130
The CVE-2026-43130 issue affects the Linux kernel iommu/vt-d path, where flushing the dev-IOTLB can occur during resource release in scalable PCIe mode. The root cause is a path that attempted ATS invalidation without adequately verifying whether the PCIe device is still accessible after a link-d...