6 matches found
CVE-2025-21662
CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...
CVE-2024-39472
CVE-2024-39472 affects the Linux kernel XFS log recovery path. The issue arises from incorrect h_size handling for the legacy h_size fixup during the initial umount record, where earlier changes to LR header block calculation allowed an out-of-bounds access when h_size didn’t originate from the o...
CVE-2024-38556
CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...
CVE-2024-40920
CVE-2024-40920 affects the Linux kernel net: bridge: mst component. Root cause: br_mst_set_state was converted to RCU to avoid a VLAN use-after-free, but the vlan group dereference helper was not updated, triggering suspicious RCU usage. The fix switches to the vlan group RCU deref helper to addr...
CVE-2024-40921
CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...
CVE-2025-38169
In the Linux kernel (CVE-2025-38169) on arm64 with SME, a thread context switch could clobber the kernel FPSIMD state when restoring a previous kernel FPSIMD state while the CPU is in streaming SVE mode. The bug occurs if fpsimd_thread_switch() calls fpsimd_load_kernel_state() while streaming SVE...