7 matches found
CVE-2024-49982
CVE-2024-49982 concerns the AoE (ATA over Ethernet) driver in the Linux kernel. The vulnerability stems from improper refcount handling of the net_device during packet transmission, leading to potential use-after-free scenarios. The fix, described in the cited CVE notes, consolidates a safer patt...
CVE-2025-37799
CVE-2025-37799 : Linux kernel vmxnet3 driver XDP handling is fixed for malformed packet sizing in vmxnet3_process_xdp. The issue caused MTU-related connectivity problems when using XDP load balancing with IPIP encapsulation, where some packets (e.g., HTTP GET) could be oversized and, in rare case...
CVE-2024-47712
CVE-2024-47712: In the Linux kernel, a RCU usage issue in wifi/wilc1000 was fixed. In wilc_parse_join_bss_param, the code accessed the ies TSF field after the RCU read-side section, which is illegal. The TSF value is now stored in a local variable (ies_tsf) before releasing the RCU lock, and para...
CVE-2024-44941
CVE-2024-44941 relates to the Linux kernel's f2fs file system. The issue arises when the extent cache lock is not held during access to the largest extent entry, allowing a race that could lead to a use-after-free condition in sanity_check_extent_cache() during inode read paths. The documented ch...
CVE-2025-37863
CVE-2025-37863 affects the Linux kernel overlayfs (ovl). The issue arises when a data-only layer is pointed to by an upper layer, something not currently used but previously allowed only via the datadir+ feature, which could trigger an Oops. The documented fix disables datadir without a lowerdir,...
CVE-2026-31714
The CVE-2026-31714 issue affects the Linux kernel F2FS component, where a memory leak occurs in f2fs_rename() due to an unpaired call to f2fs_free_filename() after f2fs_setup_filename() was added in commit 40b2d55e0452. Exploitation details are local (AV:L/AC:L) with a high availability impact (A...
CVE-2026-43130
The CVE-2026-43130 issue affects the Linux kernel iommu/vt-d path, where flushing the dev-IOTLB can occur during resource release in scalable PCIe mode. The root cause is a path that attempted ATS invalidation without adequately verifying whether the PCIe device is still accessible after a link-d...