Lucene search
K
LinuxLinux Kernel6.8.12

13 matches found

CVE
CVE
added 2024/04/05 8:24 a.m.7748 views

CVE-2024-27437

CVE-2024-27437 — Linux kernel (vfio/pci) intrinsic IRQ handling: The issue arises from auto-enabling of exclusive INTx IRQs during masking/unmasking, creating a window where an interrupt could fire and double-increment the disable depth. The fix in the sources inlines the kernel logic to never au...

5.5CVSS6.4AI score0.0024EPSS
CVE
CVE
added 2024/04/05 8:24 a.m.7380 views

CVE-2024-26814

CVE-2024-26814 affects the Linux kernel vfio-fsl-mc driver. The eventfd_ctx trigger pointer for vfio_fsl_mc_irq can be NULL and may become NULL if the trigger is set to -1. The interrupt handler itself is guaranteed to have a valid trigger between request_irq() and free_irq(), but loopback tests ...

5.5CVSS6.3AI score0.00223EPSS
CVE
CVE
added 2024/04/10 1:53 p.m.6283 views

CVE-2024-26816

CVE-2024-26816 affects the Linux kernel on x86 where, when CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section. Relocations in .notes were previously possible and could leak the KASLR base via /sys/kernel/notes. The fixes instruct the kernel to skip performing relocations in the .n...

5.5CVSS5.8AI score0.00307EPSS
CVE
CVE
added 2025/01/21 12:18 p.m.2416 views

CVE-2025-21662

CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...

5.5CVSS6.8AI score0.00199EPSS
CVE
CVE
added 2024/04/10 11:7 a.m.175 views

CVE-2024-26815

The CVE-2024-26815 entry concerns the Linux kernel taprio qdisc: taprio_parse_tc_entry() fails to validate TCA_TAPRIO_TC_ENTRY_INDEX, allowing negative values to be fed and triggering a UBSAN shift-out-of-bounds in net/sched/sch_taprio.c. The patch fixes the check by ensuring the index is within ...

5.5CVSS6.4AI score0.00272EPSS
CVE
CVE
added 2025/01/11 3:5 p.m.170 views

CVE-2024-57879

CVE-2024-57879 affects the Linux kernel Bluetooth stack (ISO) where the hdev device reference may not be released at the end of iso_listen_bis due to hci_get_route returning while still holding the device. The root cause is not releasing hdev with hci_dev_put on all code paths, including error ex...

5.5CVSS6.6AI score0.00175EPSS
CVE
CVE
added 2025/01/11 12:29 p.m.158 views

CVE-2024-54460

Technical details for CVE-2024-54460 are not present in the provided documents. No affected products, versions, or remediation are disclosed here. Monitor vendor advisories for updates.

5.5CVSS6.5AI score0.00133EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.127 views

CVE-2024-38556

CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...

7.8CVSS6.7AI score0.00259EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.107 views

CVE-2024-40920

CVE-2024-40920 affects the Linux kernel net: bridge: mst component. Root cause: br_mst_set_state was converted to RCU to avoid a VLAN use-after-free, but the vlan group dereference helper was not updated, triggering suspicious RCU usage. The fix switches to the vlan group RCU deref helper to addr...

7.8CVSS6.5AI score0.00291EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.105 views

CVE-2024-40921

CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...

5.5CVSS6.5AI score0.00288EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.74 views

CVE-2024-42150

CVE-2024-42150 concerns the Linux kernel networking driver for Intel Rhine (txgbe). The issue arises when using MSI or INTx interrupts: request_irq() for pdev->irq can conflict with request_threaded_irq() for txgbe->misc.irq, potentially causing a system crash. The fix removes the separate ...

5.5CVSS6.6AI score0.00183EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.65 views

CVE-2024-42112

Summary (CVE-2024-42112): In the Linux kernel, the txgbe driver mishandled isb resource freeing when using MSI/INTx interrupts, risking reads from freed memory. The fix moves wx_free_isb_resources() from txgbe_close() to txgbe_remove() and corrects the isb free action in the txgbe_open() error pa...

7.8CVSS6.5AI score0.00233EPSS
CVE
CVE
added 2025/07/03 8:36 a.m.50 views

CVE-2025-38169

In the Linux kernel (CVE-2025-38169) on arm64 with SME, a thread context switch could clobber the kernel FPSIMD state when restoring a previous kernel FPSIMD state while the CPU is in streaming SVE mode. The bug occurs if fpsimd_thread_switch() calls fpsimd_load_kernel_state() while streaming SVE...

5.5CVSS7.1AI score0.00136EPSS