9 matches found
CVE-2025-21662
CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...
CVE-2024-42278
CVE-2024-42278: In the Linux kernel ASoC TAS2781 driver, tasdev_load_calibrated_data() had a reversed if condition that could be a no-op or cause a NULL dereference. MiracleLinux AXSA advisory confirms the vulnerability was resolved in the kernel, but the provided materials do not specify a patch...
CVE-2024-38556
CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...
CVE-2024-47688
CVE-2024-47688 (Linux kernel) involves a potential null-pointer dereference in driver core during module_add_driver() probing for of-fpga-region. If kasprintf() fails, the exit path’s second sysfs_remove_link() could dereference a NULL driver_name because kernfs_name_hash() calls strlen() on NULL...
CVE-2024-40920
CVE-2024-40920 affects the Linux kernel net: bridge: mst component. Root cause: br_mst_set_state was converted to RCU to avoid a VLAN use-after-free, but the vlan group dereference helper was not updated, triggering suspicious RCU usage. The fix switches to the vlan group RCU deref helper to addr...
CVE-2024-40921
CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...
CVE-2024-43891
CVE-2024-43891 affects the Linux kernel tracing subsystem. The issue arises in eventfs dynamic event handling where the format file’s i_private pointed directly to the call entry, bypassing the file meta data, allowing a race with EVENT_FILE_FL_FREED. As a result, after the file is freed, reads/o...
CVE-2025-38164
CVE-2025-38164 concerns the Linux kernel F2FS file system. A patch fixes an inconsistency between SIT and SSA during garbage collection by skipping block migration for opened sections in f2fs_gc_range(), preventing a potential crash (Observed as in test scenarios where a filesystem stopped with ‘...
CVE-2026-23233
CVE-2026-23233 covers a Linux kernel f2fs bug where swapfile mapping can go wrong when the first extent is unaligned and the swapfile is small (