6 matches found
CVE-2025-21887
In CVE-2025-21887, the Linux kernel overlayfs (ovl) had a use-after-free in ovl_dentry_remote/ovl_dentry_update_reval caused by calling dput(upper) before upper is no longer safe to use; the fix moves dput(upper) to after its final use in ovl_link_up, preventing the UAF. The issue is addressed in...
CVE-2024-47689
CVE-2024-47689 affects the Linux kernel (F2FS). The vulnerability stems from f2fs_handle_critical_error() setting SB_RDONLY instead of using the filesystem’s unmount/remount protection, causing a race with freeze/thaw. Root cause: f2fs sets SB_RDONLY in an internal path; remediation proposed/impl...
CVE-2024-48881
CVE-2024-48881 concerns the Linux kernel’s bcache implementation. The issue was a NULL pointer dereference risk in cache_set_flush() caused by a changed check: the code could access c->root when previous registration failed before c->root was allocated. The patch reverts the IS_ERR check to...
CVE-2024-58093
CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...
CVE-2024-56744
Technical details for CVE-2024-56744 are not publicly provided in the supplied documents; no affected products or fixes are confirmed here. Monitor for updates from kernel advisories or vendor bulletins.
CVE-2025-38279
CVE-2025-38279: Linux kernel bpf verifier backtracking bug in __mark_chain_precision (verifier) when handling precise registers; a test demonstrating a r10-related path and a patch that stops including stack ptr in precision backtracking was provided. Affected component: Linux kernel BPF verifier...