18 matches found
CVE-2024-26626
CVE-2024-26626 affects the Linux kernel and concerns a multicast route handling bug in ip_mr_forward that could cause a kernel panic via a NULL pointer dereference when forwarding multicast packets. The provided stacktrace and code reference ipmr.c:1985 document the root cause in ip_mr_forward, w...
CVE-2023-52471
CVE-2023-52471 affects the Linux kernel component ice, involving NULL pointer dereferences in ice_ptp.c and a NULL pointer return risk in devm_kasprintf(). The issue is addressed by a kernel fix (see stable kernel references); exploitation details are not provided in the documents. Remediation is...
CVE-2026-22998
CVE-2026-22998 affects the Linux kernel’s NVMe over Fabrics NVMe-TCP path. The issue is a NULL pointer dereference in nvmet_tcp_build_pdu_iovec triggered by H2C_DATA PDUs when command data structures are uninitialized or partially initialized. Specifically, nvmet_tcp_handle_h2c_data_pdu() could p...
CVE-2024-35905
CVE-2024-35905 is a Linux kernel issue where a patch re-introduced protection against negative stack-access sizes in BPF code. The fix guards against out-of-bounds accesses in check_stack_range_initialized() when an access size can overflow its signed int representation. The vulnerability was mit...
CVE-2024-27023
In CVE-2024-27023, the Linux kernel md subsystem (md) had a flaw where active_io was not released when flush_pending fell to zero, causing mddev_suspend() to wait forever. The fix releases active_io in submit_flushes() as soon as flush_pending transitions to zero, preventing the hang. The descrip...
CVE-2024-24859
CVE-2024-24859: A race condition in Linux kernel Bluetooth code (net/bluetooth sniff_min_interval_set and sniff_max_interval_set) can trigger a bluetooth sniffing exception and potential DoS. The connected Nessus/Azure Unity Unity Linux entries confirm this CVE across multiple distributions, but ...
CVE-2024-41000
CVE-2024-41000 : Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...
CVE-2024-24861
CVE-2024-24861 affects the Linux kernel xc4000 media driver (xc4000_get_frequency) with a race condition that can cause a return-value overflow, potentially leading to malfunction or denial of service. Data from multiple sources confirms the issue originates in the xc4000 driver and is tied to Li...
CVE-2026-23270
CVE-2026-23270 pertains to the Linux kernel net/sched subsystem. The fix restricts the use of TC action act_ct to only bind to clsact/ingress qdiscs and shared blocks, preventing its use on the egress path. The change addresses a scenario where classify could return TC_ACT_CONSUMED while the skb ...
CVE-2025-21826
CVE-2025-21826 affects the Linux kernel nf_tables: a mismatch between field_len-derived key field lengths and the total set key length can be rejected, allowing mismatched values to slip through due to register-based arithmetic. The issue has been resolved in the Linux kernel; the provided source...
CVE-2024-26710
CVE-2024-26710 affects the Linux kernel on PowerPC with KASAN. The issue was that KASAN’s thread stack size increase was doubled, which could push a 32KB stack to 64KB and trigger build errors (arch/powerpc/kernel/switch.S). The resolved approach limits the stack size increase to cases where the ...
CVE-2024-24860
CVE-2024-24860 : A race condition in the Linux kernel Bluetooth device driver, in the functions {min,max}_key_size_set(), can cause a NULL pointer dereference and potentially kernel panic or denial of service. Affected component: Linux kernel Bluetooth subsystem. Exploitation status and remediati...
CVE-2024-35826
CVE-2024-35826 — Linux kernel: fix page refcounts for unaligned buffers in __bio_release_pages(). This patch corrects the number of pages released for buffers that do not start at the beginning of a page, addressing a vulnerability in block I/O handling. Impact, as described in the FP: local acce...
CVE-2024-24864
Technical details about CVE-2024-24864 are not provided in the supplied connected documents. Monitor for updates and forthcoming disclosures.
CVE-2025-38098
CVE-2025-38098 affects the Linux kernel’s DRM/AMD display path. The vulnerability stems from improper handling of a wb (writeback) connector and an amdgpu_dmConnector, where dereferencing aconnector->base could lead to unintended behavior. The issue is localized (requires local access) and the...
CVE-2026-23229
CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...
CVE-2026-46136
CVE-2026-46136 affects the Linux kernel wifi driver mt7921 (mt76) where a buf_len underflow in the country power setting retrieval can occur after changes to the CLC power table. This underflow may cause an almost infinite loop or an invalid power setting, leading to driver initialization failure...
CVE-2026-43332
In the Linux kernel thermal subsystem, CVE-2026-43332 affects the thermal_zone_device_register_with_trips() error path. The root cause is a missing wait_for_completion() after registering a thermal zone device, which can allow the thermal zone object to be freed prematurely if user space holds a ...