4333 matches found
CVE-2023-52923
CVE-2023-52923 — Linux kernel netfilter nf_tables GC transaction API fix . The issue concerns the nf_tables set backend in the Linux kernel, where the GC transaction API replaces the old GC and busy-mark approach. The patch changes: sets the _DEAD bit to hide removed elements instead of removing ...
CVE-2025-21659
CVE-2025-21659 relates to the Linux kernel where the netdev subsystem previously allowed NAPI instances to be accessed across different network namespaces. The underlying issue was that NAPI IDs were not fully namespace-aware before the netlink API, allowing potential cross-namespace exposure of ...
CVE-2025-21664
CVE-2025-21664 affects the Linux kernel’s device-mapper thin provisioning path (dm-thin). The issue arises from get_first_thin using a sequence of RCU-safe list operations (list_empty_rcu() followed by list_first()) that perform separate READ_ONCE()s of the list head, which can yield inconsistent...
CVE-2025-21678
CVE-2025-21678 affects the Linux kernel gtp driver. The root cause was in gtp_newlink(), which linked a created UDP tunnel device to the wrong netns (dev_net instead of src_net). This caused the gtp device to remain in the wrong namespace even after the source namespace was deleted, leading to a ...
CVE-2025-21653
CVE-2025-21653 affects the Linux kernel net_sched flow classifier (net/sched/cls_flow.c). The vulnerability was due to missing validation of TCA_FLOW_RSHIFT, which could trigger undefined behavior (UB) and a shift-out-of-bounds on large 32-bit shifts, as shown by UBSAN. Connected advisories (Astr...
CVE-2025-21668
CVE-2025-21668 (Linux kernel) : A missing loop break in the imx8mp_blk_ctrl_remove path (imx8mp_blk_ctrl) allows the for loop to run out of bounds, potentially affecting system shutdown/reboot flows. The vulnerability is tied to the imx8mp domain handling in dev_pm_domain_detach during platform s...
CVE-2025-21655
CVE-2025-21655 affects the Linux kernel io_uring/eventfd path. The root cause is that io_eventfd_do_signal() frees an io_ev_fd immediately when the refcount drops to zero, instead of deferring to a subsequent RCU grace period. The fix defers freeing by calling io_eventfd_put() (replacing the inli...
CVE-2025-21702
The CVE CVE-2025-21702 concerns a bug in Linux kernel pfifo_tail_enqueue where, when sch->limit == 0, a path can cause qlen to be increased to one even if a preceding drop would have kept it at zero. This leads to a mismatch where a parent qlen no longer equals the sum of its children’s qlen, ...
CVE-2025-21660
Technical details for CVE-2025-21660 are not provided in the supplied documents. No affected products, root cause, or remediation are disclosed here; monitor for updates from official advisories.
CVE-2025-21648
CVE-2025-21648 affects the Linux kernel netfilter conntrack code. The vulnerability arises from the hashtable resize path where the maximum size could exceed practical limits, risking a WARN_ON_ONCE in __kvmalloc_node_noprof() when __GFP_NOWARN is unset. The fix clamps the conntrack hashtable siz...
CVE-2024-57800
CVE-2024-57800 affects the Linux kernel in ALSA memalloc handling. When DMA API debugging is enabled, it may warn about a device driver failing to check a DMA address map, e.g. device address 0x00000000ffff0000, due to explicit address checks instead of using dma_mapping_error(). The documented f...
CVE-2024-57888
Technical details for CVE-2024-57888 are not publicly available in the provided documents. Monitor vendor advisories and kernel commit references for remediation context and updates.
CVE-2025-21647
The CVE-2025-21647 vulnerability affects the Linux kernel’s sched: sch_cake path, where an underflow in per-host bulk flow counters could cause out-of-bounds memory access. A fix adds bounds-checking around all accesses to per-host bulk flow counters via helper functions, moving flow mode checks ...
CVE-2025-21704
CVE-2025-21704 affects the Linux kernel USB CDC-ACM (cdc_acm) path. The root cause is improper handling of fragmented control transfers: if the first fragment is smaller than struct usb_cdc_notification, computing expected_size can underflow as fragments arrive, leading to memory corruption when ...
CVE-2024-56788
CVE-2024-56788 concerns the Linux kernel’s net: ethernet oa_tc6 implementation. The vulnerability is a race between two skb pointers used for TX: ongoing_tx_skb (being processed) and waiting_tx_skb (queued). The SPI thread moves data from ongoing_tx_skb to the next TX, then may assign NULL to ong...
CVE-2024-57893
CVE-2024-57893 : Linux kernel ALSA: seq: oss — race in SysEx message processing can cause out-of-bounds access. Connected docs confirm the issue and state a mutex-based serialization fix was introduced to protect SysEx packets in the OSS sequencer, effectively addressing the race between 6-byte S...
CVE-2025-21662
CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...
CVE-2025-21701
CVE-2025-21701 : In the Linux kernel, a race existed between device unregistration and ethnl operations (ethnl_set_channels, ethtool checks) that could occur when a network device is being unregistered while its channels are modified. The issue arose because unregister_netdevice_many_notify could...
CVE-2024-53690
CVE-2024-53690 (Linux kernel) describes a nilfs2 inode handling flaw where a deleted inode could be mis-reused, leading to inode duplication and i_nlink underflow during rmdir. The fix involves guarding against deleted inodes by verifying i_nlink in nilfs_iget() and reclaiming the inode when its ...
CVE-2024-53685
CVE-2024-53685 concerns the Linux kernel Ceph path construction: when the full path built by ceph_mdsc_build_path() exceeds PATH_MAX, the function enters an endless retry loop, effectively DoS-ing the system. The description notes the fix is to remove the retry and fail with ENAMETOOLONG instead,...
CVE-2025-21646
Technical details about CVE-2025-21646 are not provided in the supplied documents. Monitor vendor advisories for affected products, impact, and fixes.
CVE-2024-57948
Summary (CVE-2024-57948) : In the Linux kernel, the mac802154 subsystem had a vulnerability where, during removal of an IEEE 802.15.4 network interface, a list-del operation could run on a stale sdata entry if local interfaces had not been validated first. This could allow a corrupted list path t...
CVE-2024-55881
CVE-2024-55881 : In the Linux kernel, KVM for x86 had a fix to correctly detect 64‑bit hypercalls during complete_hypercall_exit() for guests with protected state (e.g., SEV-ES/SEV-SNP). The change replaces is_64_bit_mode() with is_64_bit_hypercall() to determine 64‑bit mode when the vCPU state n...
CVE-2024-41935
CVE-2024-41935 (Linux kernel, f2fs) : The issue concerns the f2fs extent tree shrink operation. The patch changes the shrink process to operate on read extent nodes in batches, reducing the time a core rwlock is held and preventing potential kernel hangs when the extent tree contains a large numb...
CVE-2024-57931
CVE-2024-57931 is a Linux kernel issue in the SELinux subsystem: when evaluating extended permissions, the patch changes behavior to ignore unknown permissions instead of triggering a BUG(), allowing future permissions to be added without breaking older kernels. The unit described in connected da...
CVE-2025-21679
CVE-2025-21679—Linux kernel (btrfs): The issue arises in get_canonical_dev_path() where d_path()’s possible error is not handled, causing an invalid memory access on the subsequent strscpy() call. The patch reintroduces proper error handling for d_path() to prevent the memory access, addressing t...
CVE-2023-52924
CVE-2023-52924 describes a Linux kernel vulnerability in nf_tables/netfilter where expired elements were wrongly skipped during a set walk, causing use-count inconsistencies and potential WARNs during chain removal. The issue arises in asymmetry between preparation/commit phases when a set elemen...
CVE-2024-57904
CVE-2024-57904 affects the Linux kernel’s IIO subsystem for at91: the at91_ts_register path frees the wrong object during error handling. The code currently calls input_free_device() on st->ts_input, but the err path can run before iio_dev is assigned to st->ts_input. The fix is to call inp...
CVE-2024-57929
CVE-2024-57929 : In the Linux kernel, the vulnerability stems from dm-array: when dm_bm_read_lock() fails, a faulty dm_block pointer can be left behind, leading to a double release in dm_array_cursor_end() and a subsequent BUG_on in dm-bufio. The fix (as described in the CVE text) sets the cached...
CVE-2025-21632
CVE-2025-21632: In the Linux kernel, a patch fixes shadow stack handling for x86 XSAVE state accessed via ptrace. Previously, regset get/set paths could be invoked with shadow stacks disabled (ARCH_SHSTK_SHSTK==0), causing get_xsave_addr() to return NULL and trigger a WARN_ON in ssp_get. The fix ...
CVE-2024-57849
The CVE-2024-57849 issue is in the Linux kernel s390 CPUMF sampling path. When a CPU is hotplugged out while a performance event is still active on that CPU, the hotplug/removal sequence can cause SDBs (sampling data buffers) to be freed while still in use, creating a potential use-after-free con...
CVE-2024-57838
CVE-2024-57838 affects the Linux kernel on s390 where stack-depot filtering cannot de-duplicate stacks because the .irqentry.text section is empty. The root cause is that IO/EXT interrupt handlers were not correctly placed into the .irqentry.text region on s390, hindering stack trace filtering fo...
CVE-2024-57876
CVE-2024-57876 affects the Linux kernel DRM/DP MST code. The vulnerability arises when the MST topology is removed during reception of a Down/Up Sideband message, where drm_dp_mst_topology_mgr::up_req_recv and down_rep_recv states can be reset out of order by another thread via drm_dp_mst_topolog...
CVE-2025-21691
The CVE-2025-21691 entry concerns the Linux kernel cachestat syscall. The issue arose because the cachestat() addition did not include the writability/ownership permission check that mincore() had, allowing potential misuse when reading page cache stats. The connected advisories confirm a code-le...
CVE-2025-21651
Technical details about CVE-2025-21651 are not present in the provided connected documents; the materials only reference the Linux kernel hns3 issue and a fix. Monitor for updates from official sources.
CVE-2025-21663
CVE-2025-21663 : In the Linux kernel, the net: stmmac: dwmac-tegra driver incorrectly reads the IOMMU Stream ID (SID) from a hard-coded MGBE0 SID for all Tegra MGBEs. This prevents proper SID handling for non-MGBE0 controllers, leading to issues such as transmit timeouts and potential kernel pani...
CVE-2024-57883
Technical details about CVE-2024-57883 are not provided in the supplied documents. Monitor official kernel advisories and vendor security notices for affected products, scope, and fixes.
CVE-2024-57897
CVE-2024-57897 affects the Linux kernel’s DRM/AMDGPU/KFD path. The migration DMA map direction for the SVM DMA device map is set to BIDIRECTIONAL to match the DMA unmap setting, addressing a warning from the DMA core. The Tencent/Tenable entry includes a kernel log snippet showing a WARNING in ke...
CVE-2025-21645
CVE-2025-21645 affects the Linux kernel in platform/x86/amd/pmc where IRQ1 wakeup is disabled independent of whether i8042 enabled it. The underlying issue caused by dev_pm_ops mismatches between amd_pmc_suspend_handler() and i8042_pm_suspend() could lead to unbalanced IRQ wake disable and WARNs ...
CVE-2025-21629
CVE-2025-21629: Linux kernel vulnerability where NETIF_F_IPV6_CSUM offload for BIG TCP/IPv6 packets with extension headers was disabled by a commit; this caused skb_warn_bad_offload to fire for large TCP packets. The issue is resolved by reverting the change and re-enabling IPv6 CSUM offload for ...
CVE-2024-57898
Technical details for CVE-2024-57898 are not provided in the supplied documents. Public information about affected products, impact, or fixes is unavailable here; monitor vendor advisories for updates.
CVE-2024-57804
CVE-2024-57804 concerns the Linux kernel’s scsi mpi3mr driver, where rapid disable/enable cycles of PHYs via the SAS sysfs interface could corrupt the persistent and current SAS IO unit/Expander config pages. The root cause is PHY state/page data confusion during successive config requests, leadi...
CVE-2024-49571
CVE-2024-49571 affects the Linux kernel’s net/smc path. The vulnerability arises when the server processes an incoming proposal message: the fields iparea_offset and ipv6_prefixes_cnt in the proposal are supplied by the remote client and cannot be fully trusted. If iparea_offset exceeds the maxim...
CVE-2024-57917
CVE-2024-57917 : In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...
CVE-2025-21656
CVE-2025-21656 is a Linux kernel issue in topology printing (cpumap) where the vsnprintf-based formatting could mutate the cpumask during output, leading to inconsistent core visibility in the printed cpumap. The fix keeps the cpumask unchanged by caching it to a temporary variable before printin...
CVE-2024-57889
CVE-2024-57889 is resolved in the Linux kernel via a patch to the pinctrl-mcp23s08 driver. The issue occurred when using MCP23xxx IO expanders to receive IRQs, where regmap locking (mutex) around regmap_update_bits_base was invoked from a context that held a spinlock in __setup_irq(), leading to ...
CVE-2024-57791
CVE-2024-57791 affects the Linux kernel net/smc component. The vulnerability arises when draining clc data: the length field in smc_clc_msg_hdr, sourced from the network, may be trusted and if it exceeds buflen in smc_clc_wait_msg, a deadloop can occur. The connected documents describe the patch ...
CVE-2024-52332
CVE-2024-52332: Linux kernel igb driver fix for potential invalid memory access during module init. When pci_register_driver() can fail, the dca_notifier must be unregistered; otherwise, if igb fails to install, dca_notifier may be invoked and access memory that is no longer valid. The connected ...
CVE-2024-57899
CVE-2024-57899 affects the Linux kernel’s wifi/mac80211 code. On 32‑bit systems, the code uses or_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE) where an 8‑byte u64 is accessed as a 4‑byte unsigned long, causing incorrect bit searches and potential flag corruption in MBSS changes. The ...
CVE-2024-56372
CVE-2024-56372 affects the Linux kernel net/tun path. The vulnerability stems from tun_napi_alloc_frags() where code paths reuse the first iov component, producing a malformed skb and causing a kernel crash (OOPS) as shown by a syzbot trace in kernel/skbuff.c. The CVSS vector from NVD: Local acce...