6 matches found
CVE-2024-49977
The CVE-2024-49977 entry concerns a Linux kernel vulnerability in the net: stmmac pathway where port_transmit_rate_kbps could be set to 0, passed to div_s64 when tc-cbs is disabled, causing a zero-division error. The connected Astra Linux and CIRCL sources reproduce the same description and fix d...
CVE-2024-50186
CVE-2024-50186 : Linux kernel vulnerability in net: explicitly clear the sk pointer when pf->create fails. Root cause: some pf->create implementations do not NULL the freed sk object in error paths, leaving a dangling pointer and enabling Use-After-Free. Fix: explicitly NULL the sk pointer ...
CVE-2024-42272
The connected IBM Security Bulletin confirms CVE-2024-42272 as a Linux kernel issue fixed in sched: act_ct. The root cause was the padding in zones_ht_key after a patch widened the rhashtable key from 2 to 16 bytes; rhashtable_lookup() could read uninitialized padding bytes. The fix ensures paddi...
CVE-2025-23160
CVE-2025-23160 affects the Linux kernel on Mediatek platforms with a system companion processor (SCP). The issue is a resource leak in the Media subsystem (vcodec) during firmware initialization when the mtk_scp structure is not properly freed, leading to a leak if firmware initialization allocat...
CVE-2024-42103
CVE-2024-42103 applies to the Linux kernel BTRFS subsystem. The issue arises in the reclaim path for block groups: during btrfs_reclaim_bgs_work, a block group removed from the reclaim list can be added in parallel to the unused list, which may then be moved to the reclaim list again and corrupt ...
CVE-2024-41052
CVE-2024-41052 : In the Linux kernel, the VFIO PCI subsystem misused an uninitialized local variable named count during collection of hot-reset devices, causing device-counting mistakes and possible userspace crashes when invoking the hot‑reset info path. The issue has been resolved by initializi...