24 matches found
CVE-2025-38350
CVE-2025-38350 affects the Linux kernel net/sched HFSC and other classful qdiscs. The issue arises when a child qdisc becomes empty during enqueue/dequeue interactions, potentially leading to a use-after-free on stale class pointers after backlog/backlog accounting. The known fix changes the back...
CVE-2025-38151
Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.
CVE-2025-38451
CVE-2025-38451 affects the Linux kernel’s md/md-bitmap code. The issue caused a GPF in bitmap_get_stats() when handling external or internal bitmaps due to missing super-block validation. The fix adds a super-block existence check for both internal and external cases, preventing the non-canonical...
CVE-2025-38273
CVE-2025-38273 corresponds to a Linux kernel fix for a refcount warning in net/tipc: tipc_aead_encrypt, reported when get_net() could be called on a destroying network namespace. The patch replaces get_net() with maybe_get_net(), which checks the refcount and returns -ENODEV if the namespace is b...
CVE-2026-46124
CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...
CVE-2025-38195
CVE-2025-38195 concerns the Linux kernel LoongArch code, where a NULL-PMD handling path in huge_pte_offset() could trigger a kernel-panic when processing huge pages, as shown by the error trace and mitigation notes. The issue affects the kernel’s page fault / madvise pathways, with a local attack...
CVE-2025-38325
The CVE-2025-38325 entry covers a Linux kernel issue in the ksmbd subsystem. The vulnerability arises because the free_transport function for a TCP connection could be invoked via the smbdirect path, potentially triggering a kernel oops. The published patch adds free_transport ops to the ksmbd co...
CVE-2025-38308
CVE-2025-38308 affects the Linux kernel ASoC Intel AVS path during hardware initialization. The root cause is a potential null pointer dereference in avs_dai_find_path_template(); the fix drops the search since the template is already known when avs_hw_constraints_init() fires. Affected/impacted:...
CVE-2025-39871
CVE-2025-39871 relates to the Linux kernel dmaengine idxd driver. The fix removes an improper idxd_free() call that could trigger a duplicate put_device() leading to refcount underflow and a use-after-free during module unload. The issue arises in idxd_remove() and during module exit when CONFIG_...
CVE-2025-38224
CVE-2025-38224 concerns the Linux kernel’s can: kvaser_pciefd driver where echo_skb_max was defined as 17 (KVASER_PCIEFD_CAN_TX_MAX_COUNT) but later rounded to the next power of two (32). This caused potential slab-out-of-bounds in kvaser_pciefd_handle_ack_packet() when computing tx/rx indices, l...
CVE-2026-43376
CVE-2026-43376 affects ksmbd in the Linux kernel. The vulnerability arises from freeing oplock_info with kfree() while it can still be accessed under RCU read-side critical sections (e.g., opinfo_get), allowing a use-after-free. The fixes across connected reports switch to deferred freeing via ca...
CVE-2025-38522
CVE-2025-38522 fixes a Linux kernel issue in sched/ext where update_locked_rq() could be called with a NULL runqueue (rq). The patch ensures update_locked_rq() is invoked only when rq is non-NULL, preventing unsafe __this_cpu_write() usage in preemptible contexts. The vulnerability description no...
CVE-2026-23192
Summary (CVE-2026-23192) : This is a use-after-free in the Linux kernel’s linkwatch subsystem. When a network device is deleted while linkwatch events are pending, the device reference may be freed prematurely (in linkwatch_do_dev), allowing __linkwatch_run_queue to access a freed device. The fix...
CVE-2025-39870
Mode C: The CVE-2025-39870 is a Linux kernel vulnerability in dmaengine: idxd, where a double free could occur in idxd_setup_wqs() due to error handling paths (conf_dev uninitialized when max_wqs
CVE-2025-39733
CVE-2025-39733 affects the Linux kernel where the issue centers on protecting the team network device. The root cause is ordering issues with lower instance locks and the team lock; the fix switches to using the rtnl lock (as done for bonding) to guard the team device, based on a patch by Tetsuo ...
CVE-2026-46061
Summary: CVE-2026-46061 is a Linux kernel issue in jbd2/journal handling that can cause an ABBA deadlock when filesystem blocksize is smaller than pagesize. The root cause is a lock-order conflict introduced by switching to __find_get_block_nonatomic() which can hold folio and buffer locks in the...
CVE-2026-31475
In CVE-2026-31475, the Linux kernel ASoC sma1307 component had a double-free issue: mode_set entries allocated with devm_kzalloc() were (incorrectly) freed with kfree() in an error path. The remedy documented across multiple sources is to drop the manual kfree() loop and rely on device resource m...
CVE-2026-43102
CVE-2026-43102 affects the Linux kernel net/airoha driver: a memory leak in the airoha_qdma_rx_process() when processing subsequent buffers in the non-linear skb portion. If an error occurs, the page_pool fragment may fail to be linked back to the skb, preventing it from being returned to the poo...
CVE-2026-43286
The CVE-2026-43286 entry is resolved in the Linux kernel’s hugetlb subsystem (mm/hugetlb). A fix for an underflow in hstate->resv_huge_pages was introduced by commit a833a693a490 to correct fallback behavior for subpools, but it created a new issue where the subpool’s used_hpages could remain ...
CVE-2026-23362
CVE-2026-23362 affects the Linux kernel component can/bcm locking during bcm_op runtime updates (bcm_tx_setup/bcm_rx_setup). Connected OSV records show Root (rootio-linux) has patched this CVE in Root:Debian:11/12/13 with multiple fixed versions across Debian/Ubuntu and Mageia advisories, indicat...
CVE-2025-71128
CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...
CVE-2025-71142
CVE-2025-71142 : In the Linux kernel, a warning is triggered when disabling a remote cpuset partition under certain CPU-hotplug scenarios, due to an incorrect relationship between effective_xcpus and subpartitions_cpus. The fix per the advisory and related documents changes the warning logic to o...
CVE-2026-31571
The CVE-2026-31571 entry concerns the Linux kernel DRM/I915: unlink_nv12_plane() could clobber plane state after plane_atomic_check() when a Y-plane is repurposed as a normal plane. The fix is to unlink the NV12 planes before computing the new plane state, preventing the race condition that could...
CVE-2026-31501
The CVE-2026-31501 issue affects the Linux kernel net: ti: icssg-prueth driver and is a use-after-free in the RX path. cpp i5_hdesc_get_psdata() returns a pointer into the CPPI descriptor, and the descriptor is freed via k3_cppi_desc_pool_free() before psdata[0]/psdata[1] are used by emac_rx_time...