6 matches found
CVE-2024-26864
In CVE-2024-26864, the Linux kernel TCP path is affected by incorrect refcnt handling in __inet_hash_connect, tied to an issue reported by syzbot in sk_nulls_del_node_init_rcu. The referenced commit content explains that a prior fix intended to unhash sockets from ehash after tb2 allocation failu...
CVE-2024-35815
CVE-2024-35815: In the Linux kernel, a vulnerability in fs/aio arose because the first kiocb_set_cancel_fn() argument could point to a struct kiocb not embedded in struct aio_kiocb, causing req->ki_ctx to be read around the IOCB_AIO_RW test depending on compiler behavior. The fix guarantees th...
CVE-2025-21986
CVE-2025-21986 affects the Linux kernel net: switchdev notification path. The root cause is a blocking notification chain that uses a read-write semaphore to protect the chain, which allows recursive notifications to cause the semaphore to be acquired twice for reading. In certain bridge/offload ...
CVE-2024-26860
CVE-2024-26860: In the Linux kernel, the dm‑integrity path leaked memory for the checksums pointer if the data was rechecked after a checksum failure (due to the goto skip_io path). The fix frees the checksums memory before rechecking and uses the checksum_onstack buffer for storing the checksum ...
CVE-2024-26781
CVE-2024-26781: In the Linux kernel, a deadlock could occur in Multipath TCP (mptcp) subflow diagnostic code due to a circular locking dependency reported by Syzbot/Eric. The issue involves tcp_diag and related subflow diagnostic paths (tcp_diag_put_ulp, tcp_diag_get_aux, inet_diag_dump_icsk) and...
CVE-2024-41018
The CVE-2024-41018 detail is supported by the connected Tencent/TSSA advisory: it concerns the Linux kernel NTFS3 driver (fs/ntfs3) and a bounds check regression. The fix adds an attr_names/oatbl validation and out-of-bounds protection for ATTR_NAME_ENTRY to prevent invalid memory access. In prac...