12 matches found
CVE-2024-27032
CVE-2024-27032 affects the Linux kernel f2fs subsystem. During recovery, if FAULT_BLOCK is enabled, f2fs_reserve_new_block() may return -ENOSPC, potentially causing a kernel panic. Additionally, with fault-injection rate 1 and only FAULT_BLOCK enabled, a deadloop in block reservation may occur. T...
CVE-2024-25739
CVE-2024-25739 affects Linux kernel up to 6.7.4, where create_empty_lvol in drivers/mtd/ubi/vtbl.c may allocate zero bytes due to a missing check for ubi->leb_size, causing a crash (local, to crash an attacker-controlled workload). The issue is mapped to the ubi/VTBL path in the kernel; a fix ...
CVE-2024-35824
No public technical details are provided in the connected documents for CVE-2024-35824; monitor for updates.
CVE-2024-25741
The CVE-2024-25741 issue affects the Linux kernel component printer_write in drivers/usb/gadget/function/f_printer.c (up to kernel 6.7.4). It states that usb_ep_queue is not called properly, which may allow a local attacker to cause a denial of service or other unspecified impact. The connected O...
CVE-2024-25740
CVE-2024-25740 describes a memory leak in the Linux kernel UBI driver (drivers/mtd/ubi/attach.c) up to version 6.7.4 for UBI_IOCATT, where kobj->name is not released. The issue affects the kernel code path used to attach UBI devices and is documented with an impact of high on availability. Con...
CVE-2024-27400
CVE-2024-27400 affects the Linux kernel: drm/amdgpu, specifically amdgpu_ttm_move(). The issue is with move/ notification ordering—notifications must be sent before the actual move so DMA-buf and VM move notifications have the correct order; after a move, the old location becomes unavailable. The...
CVE-2024-42273
CVE-2024-42273 is a Linux kernel vulnerability affecting f2fs where CURSEG_ALL_DATA_ATGC is incorrectly assigned to COMPR_ADDR when the page is GC’d with gcing flag, causing a kernel BUG at fs/f2fs/segment.c:3589 during writeback. The scenario involves creating a small file on a compressed f2fs f...
CVE-2024-43851
CVE-2024-43851 summary (Linux kernel) The issue affects Linux kernel code for the Xilinx SoC path (soc: xilinx). The root cause is the per-CPU variable cpu_number1 being passed to xlnx_event_handler as the argument dev_id, but not used by that function; a patch renames cpu_number1 to dummy_cpu_nu...
CVE-2024-36963
CVE-2024-36963 affects the Linux kernel tracefs feature. The issue arises from how permissions are generated for tracefs files: they default to the root inode’s permissions unless the user changes them, and a remount with permissions should update all files, but currently leaves unchanged files t...
CVE-2024-35968
CVE-2024-35968 concerns the Linux kernel driver path in the pds_core module. The issue arises when fw_status == 0xff and the driver attempts a PCI reset via pci_reset_function() from the health thread, which can deadlock because pdsc_stop_health_thread() tries to stop/flush that thread. The publi...
CVE-2026-23003
CVE-2026-23003 : In the Linux kernel’s IPv6 tunnel receive path (ip6_tunnel, __ip6_tnl_rcv), VLAN encapsulations were not handled correctly due to a failed VLAN-aware pull in the decapsulation path. The fix substitutes skb_vlan_inet_prepare() for pskb_inet_may_pull() to properly accommodate VLAN-...
CVE-2026-53291
CVE-2026-53291 affects the Linux kernel ALSA hda/conexant driver. The root cause is the ignored return value from snd_hda_jack_detect_enable_callback() in cx_probe(); if the call fails, an error pointer is returned and not checked, potentially leading to a crash when jack events are handled. The ...