7 matches found
CVE-2025-21694
CVE-2025-21694 : Linux kernel vulnerability in fs/proc/__read_vmcore (kdump path). Root cause: second loop in __read_vmcore could still hit softlockups; fix adds cond_resched() to yield in that loop. Impact: softlockups may interfere with RCU memory freeing and cause crashdump stalls in memory-co...
CVE-2024-57949
Summary: CVE-2024-57949 affects the Linux kernel’s irqchip/gic-v3-its path. The vulnerability arises when its_irq_set_vcpu_affinity() is called inside a nested interrupt-disabled region; the prior sequence used raw_spin_lock_irqsave() to disable interrupts, then left a guard that could re-enable ...
CVE-2024-50176
CVE-2024-50176 is tied to the Linux kernel remoteproc k3-r5, where an error path during power-up could violate initialization rules and cause a core mismatch (first core usable, second not), leading to crashes on shutdown. The connected Nessus entry indicates this vulnerable state has not been pa...
CVE-2024-41051
CVE-2024-41051 affects the Linux kernel cachefiles subsystem. When queuing ondemand_object_worker() to reopen an object, cachefiles_object may be freed if the related erofs is unmounted, causing a use-after-free if ondemand_object_worker() runs after object free. The fix requires canceling or wai...
CVE-2024-40993
The CVE-2024-40993 vulnerability affects the Linux kernel, specifically netfilter/ipset. A fix was added to ip_set_dereference() to perform an rcu_dereference_protected() check when destroying all sets, accounting for pernet exit phase (in addition to the userspace destroy path). The issue arose ...
CVE-2025-38154
CVE-2025-38154 affects the Linux kernel sockmap path (bpf/sockmap) where sk->sk_socket can be used after free due to a race with backlog/thread close paths. The description in the connected documents explains that sk_socket is not locked/referenced in the backlog, enabling a race with the rele...
CVE-2026-46106
CVE-2026-46106 concerns the Linux kernel eventfs remount race. The root cause is a race where eventfs_inodes are traversed while remounts are performed, due to mixing rcu_read_lock usage with SRCU and not holding eventfs_mutex during the critical walk. The fix (commit 340f0c7067a9) updates the ev...