13 matches found
CVE-2024-27437
CVE-2024-27437 — Linux kernel (vfio/pci) intrinsic IRQ handling: The issue arises from auto-enabling of exclusive INTx IRQs during masking/unmasking, creating a window where an interrupt could fire and double-increment the disable depth. The fix in the sources inlines the kernel logic to never au...
CVE-2024-26814
CVE-2024-26814 affects the Linux kernel vfio-fsl-mc driver. The eventfd_ctx trigger pointer for vfio_fsl_mc_irq can be NULL and may become NULL if the trigger is set to -1. The interrupt handler itself is guaranteed to have a valid trigger between request_irq() and free_irq(), but loopback tests ...
CVE-2024-26816
CVE-2024-26816 affects the Linux kernel on x86 where, when CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section. Relocations in .notes were previously possible and could leak the KASLR base via /sys/kernel/notes. The fixes instruct the kernel to skip performing relocations in the .n...
CVE-2025-21662
CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...
CVE-2024-26815
The CVE-2024-26815 entry concerns the Linux kernel taprio qdisc: taprio_parse_tc_entry() fails to validate TCA_TAPRIO_TC_ENTRY_INDEX, allowing negative values to be fed and triggering a UBSAN shift-out-of-bounds in net/sched/sch_taprio.c. The patch fixes the check by ensuring the index is within ...
CVE-2024-57879
CVE-2024-57879 affects the Linux kernel Bluetooth stack (ISO) where the hdev device reference may not be released at the end of iso_listen_bis due to hci_get_route returning while still holding the device. The root cause is not releasing hdev with hci_dev_put on all code paths, including error ex...
CVE-2024-54460
Technical details for CVE-2024-54460 are not present in the provided documents. No affected products, versions, or remediation are disclosed here. Monitor vendor advisories for updates.
CVE-2024-38556
CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...
CVE-2024-40920
CVE-2024-40920 affects the Linux kernel net: bridge: mst component. Root cause: br_mst_set_state was converted to RCU to avoid a VLAN use-after-free, but the vlan group dereference helper was not updated, triggering suspicious RCU usage. The fix switches to the vlan group RCU deref helper to addr...
CVE-2024-40921
CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...
CVE-2024-42150
CVE-2024-42150 concerns the Linux kernel networking driver for Intel Rhine (txgbe). The issue arises when using MSI or INTx interrupts: request_irq() for pdev->irq can conflict with request_threaded_irq() for txgbe->misc.irq, potentially causing a system crash. The fix removes the separate ...
CVE-2024-42112
Summary (CVE-2024-42112): In the Linux kernel, the txgbe driver mishandled isb resource freeing when using MSI/INTx interrupts, risking reads from freed memory. The fix moves wx_free_isb_resources() from txgbe_close() to txgbe_remove() and corrects the isb free action in the txgbe_open() error pa...
CVE-2025-38169
In the Linux kernel (CVE-2025-38169) on arm64 with SME, a thread context switch could clobber the kernel FPSIMD state when restoring a previous kernel FPSIMD state while the CPU is in streaming SVE mode. The bug occurs if fpsimd_thread_switch() calls fpsimd_load_kernel_state() while streaming SVE...