9 matches found
CVE-2024-40903
The CVE-2024-40903 issue affects the Linux kernel in the USB Type-C Power Delivery path. Specifically, a use-after-free could occur in tcpm_register_source_caps when new (potentially invalid) source capabilities are advertised, existing source caps are unregistered, and an error occurs in usb_pow...
CVE-2024-56694
CVE-2024-56694 is a Linux kernel vulnerability where a recursive lock in the stream_verdict/VERDICT path can deadlock when a verdict returns SK_PASS, placing the skb back on its own receive queue and triggering a deadlock in the sk_callback_lock path. The root cause is in the bpf: fix recursive l...
CVE-2025-21642
CVE-2025-21642 affects the Linux kernel’s MPTCP subsystem. The issue arises from using current->nsproxy/netns when accessing per-netns data via sysctl entries (net/mptcp/ctrl.c), which can diverge from the netns the table is associated with. The described consequence is a general protection fa...
CVE-2024-36484
CVE-2024-36484 is a Linux kernel vulnerability where the socket acceptance check was relaxed at accept time (net/ipv4/af_inet.c). The issue can arise when a process shuts down a listener before it enters accept, causing the child to reach accept() in FIN_WAIT1 status after the commit “tcp: defer ...
CVE-2024-44959
The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...
CVE-2025-38400
No additional technical details about CVE-2025-38400 are provided in the connected documents beyond the initial description. Monitor for updates.
CVE-2024-42100
Technical details for CVE-2024-42100 are not provided in the connected documents. The materials reference the CVE but do not specify affected products, versions, root cause, impact, or fixes beyond the initial description; monitor for updates.
CVE-2026-46031
The CVE-2026-46031 entry describes a Linux kernel issue in the ks8851 network driver where a race/deadlock can occur between TX softirq handling and RX processing when BHs are enabled around IRQ handling. The root cause is a potential deadlock: ks8851_irq() holds a spinlock while ks8851_start_xmi...
CVE-2026-23254
CVE-2026-23254 (Linux kernel): The issue affects UDP GRO in the net/ gro path, where the complete stage incorrectly uses the inner network offset when the encapsulation flag is not reliably zeroed by hardware offloads. The root cause is an assumption that all RX-inserted packets have encapsulatio...