5 matches found
CVE-2025-21844
CVE-2025-21844 affects the Linux kernel SMB client path. The vulnerability could allow a NULL pointer dereference in the receive_encrypted_standard() path due to missing checks, which could crash the kernel. The fix adds checks for the next_buffer in receive_encrypted_standard() and validates the...
CVE-2024-45019
CVE-2024-45019 affects the Linux kernel component net/mlx5e. The issue involves the required use of the state lock during the tx timeout reporter; a prior change removed the lock to fix another issue, which could risk deadlocks. The patch restores the lock at a later point when calling mlx5e_safe...
CVE-2024-26916
In the Linux kernel, CVE-2024-26916 is tied to the drm/amd gfxoff handling during suspend. Reverting earlier gfxoff flush logic allowed GFXOFF control to be exercised again on suspend, which can trigger SDMA traffic and lead to system deadlocks when suspending from GNOME. The fix is the revert of...
CVE-2024-21803
CVE-2024-21803 is a Use-After-Free vulnerability in the Linux kernel’s Bluetooth code path (af_bluetooth.c) that allows Local code execution . The issue affects kernels from 2.6.12-rc2 up to but not including 6.8-rc1, with the vulnerable component being the Bluetooth modules in the kernel. The ro...
CVE-2024-36281
CVE-2024-36281 affects the Linux kernel net/mlx5/IPsec rules. The vulnerability arises from rx_create and improper mlx5_modify_header_dealloc usage, which could lead to a NULL pointer dereference and an earlier rule-leak when two status rules are populated. The fix switches to mlx5_ipsec_rx_statu...