14 matches found
CVE-2024-26925
CVE-2024-26925 affects the Linux kernel nf_tables component. The issue arises when the commit mutex is released during the abort path between nft_gc_seq_begin() and nft_gc_seq_end(), allowing an asynchronous GC worker to collect expired objects and obtain the released commit lock within the same ...
CVE-2024-36028
CVE-2024-36028: Linux kernel mm/hugetlb vulnerability fixed. The issue caused DEBUG_LOCKS_WARN_ON(1) during dissolve_free_hugetlb_folio(), leading to a kernel warning and panic. Connected sources attribute the root cause to a field packing problem where folio.deferred is unioned with folio._huget...
CVE-2024-27414
CVE-2024-27414 affects the Linux kernel. The issue was in rtnetlink: the error handling logic when writing back IFLA_BRIDGE_FLAGS could use a broken pointer due to the loop modification that checked IFLA_BRIDGE_MODE length and removed a break. This caused the code path to select the last NLA, pot...
CVE-2024-35911
CVE-2024-35911 (Linux kernel, ice driver) : Addresses a memory-corruption panic in the ice NIC driver during suspend/rebuild. The issue occurred because, after reset, code referenced num_q_vectors before it was safely reinitialized by ice_vsi_cfg_def(), which could lead to a zero-length buffer al...
CVE-2025-22115
CVE-2025-22115 : In the Linux kernel’s Btrfs subsystem, a race in block group refcount during two‑phase block group creation could lead to a broken refcount state and use‑after‑free conditions during transaction cleanup. The issue arises when a block group is added to space_info and later still i...
CVE-2024-58077
CVE-2024-58077 affects the Linux kernel ASoC: soc-pcm path. The root cause is invoking soc_pcm_ret() on the .prepare callback, which previously ignored -EINVAL to avoid user-space DoS via logs. The fix changes behavior to stop using soc_pcm_ret() in the .prepare callback, addressing the invalid-p...
CVE-2026-23334
The CVE-2026-23334 issue affects the Linux kernel in the can: usb: f81604 path, where interrupt URBs of incorrect length could be misinterpreted as valid data. The vulnerability is addressed by upstream kernel fixes, and Mageia advisories reference kernel version 6.6.130 as the fixing baseline, w...
CVE-2025-38311
CVE-2025-38311 affects the Linux kernel iavf driver. Root cause: removal of the crit_lock to avoid error-prone try_locks, replacing it with netdev_lock in most cases. This change aims to fix deadlock scenarios observed during VF removal by canceling work without netdev_lock and by expanding the p...
CVE-2026-23244
CVE-2026-23244 affects the Linux kernel and stems from nvme_pr_read_keys() allocating memory based on a user-supplied num_keys value. The code uses num_keys to determine the rse allocation size up to an upper limit PR_KEYS_MAX (64K). A malicious or buggy userspace input can cause a kzalloc-based ...
CVE-2025-71107
CVE-2025-71107: In Linux kernel F2FS, a race allows f2fs_put_super() to run before all node-page reads complete, causing an apparent filesystem reference-count leak during unmount (kernel.c fs/f2fs/super.c:1939). Mitigation: upstream patch adds f2fs_wait_on_all_pages() for F2FS_RD_NODE to ensure ...
CVE-2026-45954
CVE-2026-45954 concerns the Linux kernel fbdev driver (au1200fb). The issue arises when au1200fb_drv_probe fails at platform_get_irq: it returns an error without freeing allocated memory, causing a memory leak. A patch adds proper cleanup via a goto label to release resources. Red Hat notes the f...
CVE-2023-53526
CVE-2023-53526 (Linux kernel) fixes a jbd2 checkpoint removal race in ext4 by adding a check for jh->b_transaction before removing a journal handle from the checkpoint list. The issue could cause corruption of an ext4 image during power loss if trans2 commits before trans1; in particular, __jb...
CVE-2026-23347
CVE-2026-23347 : Linux kernel vulnerability where the read bulk callback in the USB can driver (f81604) failed to anchor the urb before submitting in the anchor pattern. This could lead to urb leakage if usb_kill_anchored_urbs() is invoked. The issue is addressed by anchoring the urb in the read ...
CVE-2026-23246
CVE-2026-23246 affects the Linux kernel wifi mac80211 bounds-check in the ML Reconfiguration path. The issue arises from linking link_id (0-15) to the link_removal_timeout array (size 15), allowing an out-of-bounds write when link_id equals 15. The advisories state to skip subelements with link_i...