8 matches found
CVE-2024-41055
CVE-2024-41055 : Linux kernel vulnerability in the mm subsystem where a NULL pointer dereference could occur in pfn_section_valid() due to a race with section_deactivate() and an insufficient READ_ONCE() around ms->usage. The fix adds a value check on ms->usage before dereferencing and reli...
CVE-2025-23138
CVE-2025-23138: In the Linux kernel, watch_queue: fix pipe accounting mismatch. watch_queue_set_size() updated charged pipe buffers for user->pipe_bufs but did not update pipe->nr_accounted due to pipe_resize_ring() guard, risking underflow when a pipe is freed and causing failures in too_m...
CVE-2025-23151
CVE-2025-23151 concerns a race in the Linux kernel’s bus: mhi: host path. A client driver quiesces via mhi_unprepare_from_transfer() while data may still be processed, potentially causing a call to mhi_queue_buf() that triggers mhi_gen_tre(). If mhi_gen_tre() runs after the channel teardown, an i...
CVE-2024-45020
Linux kernel CVE-2024-45020 fix: a kernel verifier crash in BPF stacksafe() caused by invalid memory access when evaluating stack slots during sched-ext, mitigated by adding an i >= cur->allocated_stack guard. The issue occurs when cur->allocated_stack > old->allocated_stack, riski...
CVE-2024-35813
CVE-2024-35813 affects the Linux kernel mmc/core component. Root cause: a negative index is used when accessing idatas[i-1] without ensuring i > 0, leading to an out-of-bounds access. The fixed commit adds a proper check to prevent the negative index. The vulnerability’s practical impact is de...
CVE-2025-38060
CVE-2025-38060 – Linux kernel (BPF verifier): The issue arises because copy_verifier_state() does not copy the .loop_entry field, allowing env->cur_state and env->stack to become inconsistent and potentially poison states. The fix requires copying loop_entry in copy_verifier_state() and ens...
CVE-2024-44951
Idea: CVE-2024-44951 affects the Linux kernel’s serial driver for sc16is7xx (TX/RX channel handling).What’s affected: The regression caused by commit 4409df5866b7 that changed EFR locking to operate per channel introduced TX buffer data corruption where data from channel A could be written into c...
CVE-2026-43024
CVE-2026-43024 affects Linux kernel nf_tables/netfilter: nf_queue. The issue is that immediate NF_QUEUE verdicts were emitted and could be misused; upstream patch rejects immediate NF_QUEUE verdicts to fix it. Downstream advisories indicate fixes implemented in kernel updates (e.g., upstream kern...