Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0977
Vulnerability from certfr_avis - Published: 2025-11-07 - Updated: 2025-11-07
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-40114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40114"
},
{
"name": "CVE-2025-38339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38339"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-38228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38228"
},
{
"name": "CVE-2025-38230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38230"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38356",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38356"
},
{
"name": "CVE-2025-38329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38329"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22040"
},
{
"name": "CVE-2025-38340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38340"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38388"
},
{
"name": "CVE-2025-38370",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38370"
},
{
"name": "CVE-2025-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22019"
},
{
"name": "CVE-2025-38417",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38417"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-38087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38087"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-38523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38523"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-38238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38238"
},
{
"name": "CVE-2025-38215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38215"
},
{
"name": "CVE-2025-38372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38372"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2024-58092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58092"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38353",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38353"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2024-53150",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53150"
},
{
"name": "CVE-2025-22039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22039"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2021-47330",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47330"
},
{
"name": "CVE-2025-38254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38254"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-38426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38426"
},
{
"name": "CVE-2025-38436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38436"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-38253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38253"
},
{
"name": "CVE-2025-38338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38338"
},
{
"name": "CVE-2025-38239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38239"
},
{
"name": "CVE-2025-38223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38223"
},
{
"name": "CVE-2025-38411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38411"
},
{
"name": "CVE-2025-38261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38261"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38431"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38234"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2023-52650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52650"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38368",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38368"
},
{
"name": "CVE-2025-38331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38331"
},
{
"name": "CVE-2025-38354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38354"
},
{
"name": "CVE-2025-38434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38434"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-38330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38330"
},
{
"name": "CVE-2024-50006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50006"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38258"
},
{
"name": "CVE-2025-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22028"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38188"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2025-38396",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38396"
},
{
"name": "CVE-2025-38224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38224"
},
{
"name": "CVE-2025-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38407"
},
{
"name": "CVE-2025-38118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38118"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38240"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-38355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38355"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-38422",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38422"
},
{
"name": "CVE-2025-38402",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38402"
},
{
"name": "CVE-2025-38421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38421"
},
{
"name": "CVE-2025-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-22057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22057"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-38425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38425"
},
{
"name": "CVE-2025-38210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38210"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38385"
},
{
"name": "CVE-2025-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22068"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38409"
},
{
"name": "CVE-2025-38242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38242"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38359"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2023-52574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38334"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-38089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38089"
},
{
"name": "CVE-2025-22072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22072"
},
{
"name": "CVE-2025-38382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38382"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38183"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38333"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-38390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38390"
},
{
"name": "CVE-2025-38196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38196"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2025-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22070"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-38373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38373"
},
{
"name": "CVE-2025-38369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38369"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-38392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38392"
},
{
"name": "CVE-2025-38259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38259"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38192"
},
{
"name": "CVE-2025-38343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38343"
},
{
"name": "CVE-2025-38202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38202"
},
{
"name": "CVE-2025-38423",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38423"
},
{
"name": "CVE-2025-38374",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38374"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2025-38413",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38413"
},
{
"name": "CVE-2025-38435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38435"
},
{
"name": "CVE-2025-38383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38383"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2021-47294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47294"
},
{
"name": "CVE-2025-38246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38246"
},
{
"name": "CVE-2025-38220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38220"
},
{
"name": "CVE-2025-38405",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38405"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2025-38429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38429"
},
{
"name": "CVE-2025-38225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38225"
},
{
"name": "CVE-2025-38365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38365"
},
{
"name": "CVE-2025-38260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38260"
},
{
"name": "CVE-2025-38244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38244"
},
{
"name": "CVE-2025-38364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38364"
},
{
"name": "CVE-2025-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2025-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
},
{
"name": "CVE-2025-38347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38347"
},
{
"name": "CVE-2025-38198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38198"
},
{
"name": "CVE-2025-38376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38376"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-38233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38233"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2024-56767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56767"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-38199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38199"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38381"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38325"
},
{
"name": "CVE-2025-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22042"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-38186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38186"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-22038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22038"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2025-38321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38321"
},
{
"name": "CVE-2025-38241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38241"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-38191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38191"
},
{
"name": "CVE-2024-50299",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50299"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38264"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-39682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39682"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-38427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38427"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38217"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-38255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38255"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-38256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38256"
},
{
"name": "CVE-2025-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22041"
},
{
"name": "CVE-2025-38182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38182"
},
{
"name": "CVE-2025-38341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38341"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38189"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-38179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38179"
}
],
"initial_release_date": "2025-11-07T00:00:00",
"last_revision_date": "2025-11-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0977",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7856-1",
"url": "https://ubuntu.com/security/notices/USN-7856-1"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7860-3",
"url": "https://ubuntu.com/security/notices/USN-7860-3"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7795-5",
"url": "https://ubuntu.com/security/notices/USN-7795-5"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7863-1",
"url": "https://ubuntu.com/security/notices/USN-7863-1"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7835-5",
"url": "https://ubuntu.com/security/notices/USN-7835-5"
},
{
"published_at": "2025-10-31",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7833-4",
"url": "https://ubuntu.com/security/notices/USN-7833-4"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7829-6",
"url": "https://ubuntu.com/security/notices/USN-7829-6"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7860-4",
"url": "https://ubuntu.com/security/notices/USN-7860-4"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7860-2",
"url": "https://ubuntu.com/security/notices/USN-7860-2"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7861-1",
"url": "https://ubuntu.com/security/notices/USN-7861-1"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7860-1",
"url": "https://ubuntu.com/security/notices/USN-7860-1"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7861-2",
"url": "https://ubuntu.com/security/notices/USN-7861-2"
},
{
"published_at": "2025-10-31",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7835-4",
"url": "https://ubuntu.com/security/notices/USN-7835-4"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7862-1",
"url": "https://ubuntu.com/security/notices/USN-7862-1"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7864-1",
"url": "https://ubuntu.com/security/notices/USN-7864-1"
}
]
}
CVE-2021-47294 (GCVE-0-2021-47294)
Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-23 15:19
VLAI
EPSS
Title
netrom: Decrease sock refcount when sock timers expire
Summary
In the Linux kernel, the following vulnerability has been resolved:
netrom: Decrease sock refcount when sock timers expire
Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use
sock timer API. It replaces mod_timer() by sk_reset_timer(), and
del_timer() by sk_stop_timer().
Function sk_reset_timer() will increase the refcount of sock if it is
called on an inactive timer, hence, in case the timer expires, we need to
decrease the refcount ourselves in the handler, otherwise, the sock
refcount will be unbalanced and the sock will never be freed.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://git.kernel.org/stable/c/853262355518cd124… | |
| https://git.kernel.org/stable/c/a01634bf91f2b6c42… | |
| https://git.kernel.org/stable/c/48866fd5c361ea417… | |
| https://git.kernel.org/stable/c/9619cc7d97c3aa8ed… | |
| https://git.kernel.org/stable/c/25df44e90ff5959b5… | |
| https://git.kernel.org/stable/c/6811744bd0efb9e47… | |
| https://git.kernel.org/stable/c/bc1660206c3723c37… | |
| https://git.kernel.org/stable/c/517a16b1a88bdb6b5… |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
ce29e8a259de767f7210d346ad2b031cb8ab2732 , < 853262355518cd1247515b74e83fabf038aa6c29
(git)
Affected: baa9e32336bf6d0d74a7c3486d2a27feaf57cd5f , < a01634bf91f2b6c42583770eb6815fb6d1e251cf (git) Affected: 0adf571fa34b27bd0b97b408cc0f0dc54b72f0eb , < 48866fd5c361ea417ed24b43fc2a7dc2f5b060ef (git) Affected: 2c6b572458a9127e8070df13fa7f115c29ab1d92 , < 9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950 (git) Affected: 63346650c1a94a92be61a57416ac88c0a47c4327 , < 25df44e90ff5959b5c24ad361b648504a7e39ef3 (git) Affected: 63346650c1a94a92be61a57416ac88c0a47c4327 , < 6811744bd0efb9e472cb15d066cdb460beb8cb8a (git) Affected: 63346650c1a94a92be61a57416ac88c0a47c4327 , < bc1660206c3723c37ed4d622ad81781f1e987250 (git) Affected: 63346650c1a94a92be61a57416ac88c0a47c4327 , < 517a16b1a88bdb6b530f48d5d153478b2552d9a8 (git) Affected: f1d9a1f2ef6ff17293d21d5e6b80e04bea0cf508 (git) Affected: 519e8a22a454b1f1baa3a151b184fe51bc18e178 (git) Affected: 4.4.173 , < 4.4.277 (semver) Affected: 4.9.155 , < 4.9.277 (semver) Affected: 4.14.98 , < 4.14.241 (semver) Affected: 4.19.20 , < 4.19.199 (semver) Affected: 3.18.134 , < 3.19 (semver) Affected: 4.20.7 , < 4.21 (semver) |
|
| Linux | Linux |
Affected:
5.0
Unaffected: 0 , < 5.0 (semver) Unaffected: 4.4.277 , ≤ 4.4.* (semver) Unaffected: 4.9.277 , ≤ 4.9.* (semver) Unaffected: 4.14.241 , ≤ 4.14.* (semver) Unaffected: 4.19.199 , ≤ 4.19.* (semver) Unaffected: 5.4.136 , ≤ 5.4.* (semver) Unaffected: 5.10.54 , ≤ 5.10.* (semver) Unaffected: 5.13.6 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47294",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T19:24:54.424642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:14:49.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:32:08.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/853262355518cd1247515b74e83fabf038aa6c29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a01634bf91f2b6c42583770eb6815fb6d1e251cf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/48866fd5c361ea417ed24b43fc2a7dc2f5b060ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25df44e90ff5959b5c24ad361b648504a7e39ef3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6811744bd0efb9e472cb15d066cdb460beb8cb8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bc1660206c3723c37ed4d622ad81781f1e987250"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/517a16b1a88bdb6b530f48d5d153478b2552d9a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netrom/nr_timer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "853262355518cd1247515b74e83fabf038aa6c29",
"status": "affected",
"version": "ce29e8a259de767f7210d346ad2b031cb8ab2732",
"versionType": "git"
},
{
"lessThan": "a01634bf91f2b6c42583770eb6815fb6d1e251cf",
"status": "affected",
"version": "baa9e32336bf6d0d74a7c3486d2a27feaf57cd5f",
"versionType": "git"
},
{
"lessThan": "48866fd5c361ea417ed24b43fc2a7dc2f5b060ef",
"status": "affected",
"version": "0adf571fa34b27bd0b97b408cc0f0dc54b72f0eb",
"versionType": "git"
},
{
"lessThan": "9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950",
"status": "affected",
"version": "2c6b572458a9127e8070df13fa7f115c29ab1d92",
"versionType": "git"
},
{
"lessThan": "25df44e90ff5959b5c24ad361b648504a7e39ef3",
"status": "affected",
"version": "63346650c1a94a92be61a57416ac88c0a47c4327",
"versionType": "git"
},
{
"lessThan": "6811744bd0efb9e472cb15d066cdb460beb8cb8a",
"status": "affected",
"version": "63346650c1a94a92be61a57416ac88c0a47c4327",
"versionType": "git"
},
{
"lessThan": "bc1660206c3723c37ed4d622ad81781f1e987250",
"status": "affected",
"version": "63346650c1a94a92be61a57416ac88c0a47c4327",
"versionType": "git"
},
{
"lessThan": "517a16b1a88bdb6b530f48d5d153478b2552d9a8",
"status": "affected",
"version": "63346650c1a94a92be61a57416ac88c0a47c4327",
"versionType": "git"
},
{
"status": "affected",
"version": "f1d9a1f2ef6ff17293d21d5e6b80e04bea0cf508",
"versionType": "git"
},
{
"status": "affected",
"version": "519e8a22a454b1f1baa3a151b184fe51bc18e178",
"versionType": "git"
},
{
"lessThan": "4.4.277",
"status": "affected",
"version": "4.4.173",
"versionType": "semver"
},
{
"lessThan": "4.9.277",
"status": "affected",
"version": "4.9.155",
"versionType": "semver"
},
{
"lessThan": "4.14.241",
"status": "affected",
"version": "4.14.98",
"versionType": "semver"
},
{
"lessThan": "4.19.199",
"status": "affected",
"version": "4.19.20",
"versionType": "semver"
},
{
"lessThan": "3.19",
"status": "affected",
"version": "3.18.134",
"versionType": "semver"
},
{
"lessThan": "4.21",
"status": "affected",
"version": "4.20.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netrom/nr_timer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.277",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.277",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.241",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.199",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.54",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.13.*",
"status": "unaffected",
"version": "5.13.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.14",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.277",
"versionStartIncluding": "4.4.173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.277",
"versionStartIncluding": "4.9.155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.241",
"versionStartIncluding": "4.14.98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.199",
"versionStartIncluding": "4.19.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.136",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.54",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.13.6",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.14",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Decrease sock refcount when sock timers expire\n\nCommit 63346650c1a9 (\"netrom: switch to sock timer API\") switched to use\nsock timer API. It replaces mod_timer() by sk_reset_timer(), and\ndel_timer() by sk_stop_timer().\n\nFunction sk_reset_timer() will increase the refcount of sock if it is\ncalled on an inactive timer, hence, in case the timer expires, we need to\ndecrease the refcount ourselves in the handler, otherwise, the sock\nrefcount will be unbalanced and the sock will never be freed."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:19:39.451Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/853262355518cd1247515b74e83fabf038aa6c29"
},
{
"url": "https://git.kernel.org/stable/c/a01634bf91f2b6c42583770eb6815fb6d1e251cf"
},
{
"url": "https://git.kernel.org/stable/c/48866fd5c361ea417ed24b43fc2a7dc2f5b060ef"
},
{
"url": "https://git.kernel.org/stable/c/9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950"
},
{
"url": "https://git.kernel.org/stable/c/25df44e90ff5959b5c24ad361b648504a7e39ef3"
},
{
"url": "https://git.kernel.org/stable/c/6811744bd0efb9e472cb15d066cdb460beb8cb8a"
},
{
"url": "https://git.kernel.org/stable/c/bc1660206c3723c37ed4d622ad81781f1e987250"
},
{
"url": "https://git.kernel.org/stable/c/517a16b1a88bdb6b530f48d5d153478b2552d9a8"
}
],
"title": "netrom: Decrease sock refcount when sock timers expire",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47294",
"datePublished": "2024-05-21T14:35:18.034Z",
"dateReserved": "2024-05-21T13:27:52.130Z",
"dateUpdated": "2026-05-23T15:19:39.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-47330 (GCVE-0-2021-47330)
Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-11 13:52
VLAI
EPSS
Title
tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
Summary
In the Linux kernel, the following vulnerability has been resolved:
tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
In the probe function, if the final 'serial_config()' fails, 'info' is
leaking.
Add a resource handling path to free this memory.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://git.kernel.org/stable/c/b5a2799cd62ed30c8… | |
| https://git.kernel.org/stable/c/331f5923fce4f45b8… | |
| https://git.kernel.org/stable/c/34f4590f5ec9859ea… | |
| https://git.kernel.org/stable/c/cddee5c287e26f6b2… | |
| https://git.kernel.org/stable/c/ee16bed959862a6de… | |
| https://git.kernel.org/stable/c/7a80f71601af01585… | |
| https://git.kernel.org/stable/c/c39cf4df19acf0133… | |
| https://git.kernel.org/stable/c/b2ef1f5de40342de4… | |
| https://git.kernel.org/stable/c/fad92b11047a748c9… |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < b5a2799cd62ed30c81b22c23028d9ee374e2138c
(git)
Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < 331f5923fce4f45b8170ccf06c529e8eb28f37bc (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < 34f4590f5ec9859ea9136249f528173d150bd584 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < ee16bed959862a6de2913f71a04cb563d7237b67 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < 7a80f71601af015856a0aeb1e3c294037ac3dd32 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < c39cf4df19acf0133fa284a8cd83fad42cd13cc2 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < b2ef1f5de40342de44fc5355321595f91774dab5 (git) Affected: 15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 , < fad92b11047a748c996ebd6cfb164a63814eeb2e (git) |
|
| Linux | Linux |
Affected:
2.6.17
Unaffected: 0 , < 2.6.17 (semver) Unaffected: 4.4.276 , ≤ 4.4.* (semver) Unaffected: 4.9.276 , ≤ 4.9.* (semver) Unaffected: 4.14.240 , ≤ 4.14.* (semver) Unaffected: 4.19.198 , ≤ 4.19.* (semver) Unaffected: 5.4.134 , ≤ 5.4.* (semver) Unaffected: 5.10.52 , ≤ 5.10.* (semver) Unaffected: 5.12.19 , ≤ 5.12.* (semver) Unaffected: 5.13.4 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:32:08.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b5a2799cd62ed30c81b22c23028d9ee374e2138c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/331f5923fce4f45b8170ccf06c529e8eb28f37bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34f4590f5ec9859ea9136249f528173d150bd584"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ee16bed959862a6de2913f71a04cb563d7237b67"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7a80f71601af015856a0aeb1e3c294037ac3dd32"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c39cf4df19acf0133fa284a8cd83fad42cd13cc2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b2ef1f5de40342de44fc5355321595f91774dab5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fad92b11047a748c996ebd6cfb164a63814eeb2e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:39:02.923985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:52.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/8250/serial_cs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b5a2799cd62ed30c81b22c23028d9ee374e2138c",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "331f5923fce4f45b8170ccf06c529e8eb28f37bc",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "34f4590f5ec9859ea9136249f528173d150bd584",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "ee16bed959862a6de2913f71a04cb563d7237b67",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "7a80f71601af015856a0aeb1e3c294037ac3dd32",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "c39cf4df19acf0133fa284a8cd83fad42cd13cc2",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "b2ef1f5de40342de44fc5355321595f91774dab5",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
},
{
"lessThan": "fad92b11047a748c996ebd6cfb164a63814eeb2e",
"status": "affected",
"version": "15b99ac1729503db9e6dc642a50b9b6cb3bf51f9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/8250/serial_cs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.17"
},
{
"lessThan": "2.6.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.276",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.276",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.240",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.198",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.134",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.52",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.13.*",
"status": "unaffected",
"version": "5.13.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.14",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.276",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.276",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.240",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.198",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.134",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.52",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.19",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.13.4",
"versionStartIncluding": "2.6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.14",
"versionStartIncluding": "2.6.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: 8250: serial_cs: Fix a memory leak in error handling path\n\nIn the probe function, if the final \u0027serial_config()\u0027 fails, \u0027info\u0027 is\nleaking.\n\nAdd a resource handling path to free this memory."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:52:23.717Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b5a2799cd62ed30c81b22c23028d9ee374e2138c"
},
{
"url": "https://git.kernel.org/stable/c/331f5923fce4f45b8170ccf06c529e8eb28f37bc"
},
{
"url": "https://git.kernel.org/stable/c/34f4590f5ec9859ea9136249f528173d150bd584"
},
{
"url": "https://git.kernel.org/stable/c/cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461"
},
{
"url": "https://git.kernel.org/stable/c/ee16bed959862a6de2913f71a04cb563d7237b67"
},
{
"url": "https://git.kernel.org/stable/c/7a80f71601af015856a0aeb1e3c294037ac3dd32"
},
{
"url": "https://git.kernel.org/stable/c/c39cf4df19acf0133fa284a8cd83fad42cd13cc2"
},
{
"url": "https://git.kernel.org/stable/c/b2ef1f5de40342de44fc5355321595f91774dab5"
},
{
"url": "https://git.kernel.org/stable/c/fad92b11047a748c996ebd6cfb164a63814eeb2e"
}
],
"title": "tty: serial: 8250: serial_cs: Fix a memory leak in error handling path",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47330",
"datePublished": "2024-05-21T14:35:41.789Z",
"dateReserved": "2024-05-21T14:28:16.975Z",
"dateUpdated": "2026-05-11T13:52:23.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-52574 (GCVE-0-2023-52574)
Vulnerability from cvelistv5 – Published: 2024-03-02 21:59 – Updated: 2026-05-11 19:29
VLAI
EPSS
Title
team: fix null-ptr-deref when team device type is changed
Summary
In the Linux kernel, the following vulnerability has been resolved:
team: fix null-ptr-deref when team device type is changed
Get a null-ptr-deref bug as follows with reproducer [1].
BUG: kernel NULL pointer dereference, address: 0000000000000228
...
RIP: 0010:vlan_dev_hard_header+0x35/0x140 [8021q]
...
Call Trace:
<TASK>
? __die+0x24/0x70
? page_fault_oops+0x82/0x150
? exc_page_fault+0x69/0x150
? asm_exc_page_fault+0x26/0x30
? vlan_dev_hard_header+0x35/0x140 [8021q]
? vlan_dev_hard_header+0x8e/0x140 [8021q]
neigh_connected_output+0xb2/0x100
ip6_finish_output2+0x1cb/0x520
? nf_hook_slow+0x43/0xc0
? ip6_mtu+0x46/0x80
ip6_finish_output+0x2a/0xb0
mld_sendpack+0x18f/0x250
mld_ifc_work+0x39/0x160
process_one_work+0x1e6/0x3f0
worker_thread+0x4d/0x2f0
? __pfx_worker_thread+0x10/0x10
kthread+0xe5/0x120
? __pfx_kthread+0x10/0x10
ret_from_fork+0x34/0x50
? __pfx_kthread+0x10/0x10
ret_from_fork_asm+0x1b/0x30
[1]
$ teamd -t team0 -d -c '{"runner": {"name": "loadbalance"}}'
$ ip link add name t-dummy type dummy
$ ip link add link t-dummy name t-dummy.100 type vlan id 100
$ ip link add name t-nlmon type nlmon
$ ip link set t-nlmon master team0
$ ip link set t-nlmon nomaster
$ ip link set t-dummy up
$ ip link set team0 up
$ ip link set t-dummy.100 down
$ ip link set t-dummy.100 master team0
When enslave a vlan device to team device and team device type is changed
from non-ether to ether, header_ops of team device is changed to
vlan_header_ops. That is incorrect and will trigger null-ptr-deref
for vlan->real_dev in vlan_dev_hard_header() because team device is not
a vlan device.
Cache eth_header_ops in team_setup(), then assign cached header_ops to
header_ops of team net device when its type is changed from non-ether
to ether to fix the bug.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://git.kernel.org/stable/c/1779eb51b9cc628ce… | |
| https://git.kernel.org/stable/c/a7fb47b9711101d24… | |
| https://git.kernel.org/stable/c/c5f6478686bb45f45… | |
| https://git.kernel.org/stable/c/b44dd92e2afd89eb6… | |
| https://git.kernel.org/stable/c/cd05eec2ee0cc3968… | |
| https://git.kernel.org/stable/c/2f0acb0736ecc3eb8… | |
| https://git.kernel.org/stable/c/cac50d9f5d876be32… | |
| https://git.kernel.org/stable/c/492032760127251e5… |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
1d76efe1577b4323609b1bcbfafa8b731eda071a , < 1779eb51b9cc628cee551f252701a85a2a50a457
(git)
Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < a7fb47b9711101d2405b0eb1276fb1f9b9b270c7 (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < c5f6478686bb45f453031594ae19b6c9723a780d (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < b44dd92e2afd89eb6e9d27616858e72a67bdc1a7 (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < cd05eec2ee0cc396813a32ef675634e403748255 (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < 2f0acb0736ecc3eb85dc80ad2790d634dcb10b58 (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < cac50d9f5d876be32cb9aa21c74018468900284d (git) Affected: 1d76efe1577b4323609b1bcbfafa8b731eda071a , < 492032760127251e5540a5716a70996bacf2a3fd (git) |
|
| Linux | Linux |
Affected:
3.7
Unaffected: 0 , < 3.7 (semver) Unaffected: 4.14.327 , ≤ 4.14.* (semver) Unaffected: 4.19.296 , ≤ 4.19.* (semver) Unaffected: 5.4.258 , ≤ 5.4.* (semver) Unaffected: 5.10.198 , ≤ 5.10.* (semver) Unaffected: 5.15.134 , ≤ 5.15.* (semver) Unaffected: 6.1.56 , ≤ 6.1.* (semver) Unaffected: 6.5.6 , ≤ 6.5.* (semver) Unaffected: 6.6 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52574",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T20:45:03.463636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:44.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:20.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1779eb51b9cc628cee551f252701a85a2a50a457"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a7fb47b9711101d2405b0eb1276fb1f9b9b270c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c5f6478686bb45f453031594ae19b6c9723a780d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b44dd92e2afd89eb6e9d27616858e72a67bdc1a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cd05eec2ee0cc396813a32ef675634e403748255"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f0acb0736ecc3eb85dc80ad2790d634dcb10b58"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cac50d9f5d876be32cb9aa21c74018468900284d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/492032760127251e5540a5716a70996bacf2a3fd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/team/team.c",
"include/linux/if_team.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1779eb51b9cc628cee551f252701a85a2a50a457",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "a7fb47b9711101d2405b0eb1276fb1f9b9b270c7",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "c5f6478686bb45f453031594ae19b6c9723a780d",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "b44dd92e2afd89eb6e9d27616858e72a67bdc1a7",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "cd05eec2ee0cc396813a32ef675634e403748255",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "2f0acb0736ecc3eb85dc80ad2790d634dcb10b58",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "cac50d9f5d876be32cb9aa21c74018468900284d",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
},
{
"lessThan": "492032760127251e5540a5716a70996bacf2a3fd",
"status": "affected",
"version": "1d76efe1577b4323609b1bcbfafa8b731eda071a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/team/team.c",
"include/linux/if_team.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.7"
},
{
"lessThan": "3.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.327",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.296",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.258",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.198",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.134",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.56",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.5.*",
"status": "unaffected",
"version": "6.5.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.6",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.327",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.296",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.258",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.198",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.134",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.56",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.6",
"versionStartIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6",
"versionStartIncluding": "3.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix null-ptr-deref when team device type is changed\n\nGet a null-ptr-deref bug as follows with reproducer [1].\n\nBUG: kernel NULL pointer dereference, address: 0000000000000228\n...\nRIP: 0010:vlan_dev_hard_header+0x35/0x140 [8021q]\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x82/0x150\n ? exc_page_fault+0x69/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? vlan_dev_hard_header+0x35/0x140 [8021q]\n ? vlan_dev_hard_header+0x8e/0x140 [8021q]\n neigh_connected_output+0xb2/0x100\n ip6_finish_output2+0x1cb/0x520\n ? nf_hook_slow+0x43/0xc0\n ? ip6_mtu+0x46/0x80\n ip6_finish_output+0x2a/0xb0\n mld_sendpack+0x18f/0x250\n mld_ifc_work+0x39/0x160\n process_one_work+0x1e6/0x3f0\n worker_thread+0x4d/0x2f0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe5/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n\n[1]\n$ teamd -t team0 -d -c \u0027{\"runner\": {\"name\": \"loadbalance\"}}\u0027\n$ ip link add name t-dummy type dummy\n$ ip link add link t-dummy name t-dummy.100 type vlan id 100\n$ ip link add name t-nlmon type nlmon\n$ ip link set t-nlmon master team0\n$ ip link set t-nlmon nomaster\n$ ip link set t-dummy up\n$ ip link set team0 up\n$ ip link set t-dummy.100 down\n$ ip link set t-dummy.100 master team0\n\nWhen enslave a vlan device to team device and team device type is changed\nfrom non-ether to ether, header_ops of team device is changed to\nvlan_header_ops. That is incorrect and will trigger null-ptr-deref\nfor vlan-\u003ereal_dev in vlan_dev_hard_header() because team device is not\na vlan device.\n\nCache eth_header_ops in team_setup(), then assign cached header_ops to\nheader_ops of team net device when its type is changed from non-ether\nto ether to fix the bug."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T19:29:34.359Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1779eb51b9cc628cee551f252701a85a2a50a457"
},
{
"url": "https://git.kernel.org/stable/c/a7fb47b9711101d2405b0eb1276fb1f9b9b270c7"
},
{
"url": "https://git.kernel.org/stable/c/c5f6478686bb45f453031594ae19b6c9723a780d"
},
{
"url": "https://git.kernel.org/stable/c/b44dd92e2afd89eb6e9d27616858e72a67bdc1a7"
},
{
"url": "https://git.kernel.org/stable/c/cd05eec2ee0cc396813a32ef675634e403748255"
},
{
"url": "https://git.kernel.org/stable/c/2f0acb0736ecc3eb85dc80ad2790d634dcb10b58"
},
{
"url": "https://git.kernel.org/stable/c/cac50d9f5d876be32cb9aa21c74018468900284d"
},
{
"url": "https://git.kernel.org/stable/c/492032760127251e5540a5716a70996bacf2a3fd"
}
],
"title": "team: fix null-ptr-deref when team device type is changed",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52574",
"datePublished": "2024-03-02T21:59:43.271Z",
"dateReserved": "2024-03-02T21:55:42.568Z",
"dateUpdated": "2026-05-11T19:29:34.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-52593 (GCVE-0-2023-52593)
Vulnerability from cvelistv5 – Published: 2024-03-06 06:45 – Updated: 2026-05-11 19:29
VLAI
EPSS
Title
wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
Since 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()'
should check the return value before examining skb data. So convert
the latter to return an appropriate error code and propagate it to
return from 'wfx_start_ap()' as well. Compile tested only.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
268bceec1684932e194ae87877dcc73f534d921c , < 574dcd3126aa2eed75437137843f254b1190dd03
(git)
Affected: 268bceec1684932e194ae87877dcc73f534d921c , < 9ab224744a47363f74ea29c6894c405e3bcf5132 (git) Affected: 268bceec1684932e194ae87877dcc73f534d921c , < 3739121443f5114c6bcf6d841a5124deb006b878 (git) Affected: 268bceec1684932e194ae87877dcc73f534d921c , < fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d (git) |
|
| Linux | Linux |
Affected:
5.10
Unaffected: 0 , < 5.10 (semver) Unaffected: 6.1.77 , ≤ 6.1.* (semver) Unaffected: 6.6.16 , ≤ 6.6.* (semver) Unaffected: 6.7.4 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/574dcd3126aa2eed75437137843f254b1190dd03"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9ab224744a47363f74ea29c6894c405e3bcf5132"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3739121443f5114c6bcf6d841a5124deb006b878"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52593",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T14:56:35.440963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T15:03:29.606Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/silabs/wfx/sta.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "574dcd3126aa2eed75437137843f254b1190dd03",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "9ab224744a47363f74ea29c6894c405e3bcf5132",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "3739121443f5114c6bcf6d841a5124deb006b878",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/silabs/wfx/sta.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.77",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.77",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.16",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.4",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "5.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()\n\nSince \u0027ieee80211_beacon_get()\u0027 can return NULL, \u0027wfx_set_mfp_ap()\u0027\nshould check the return value before examining skb data. So convert\nthe latter to return an appropriate error code and propagate it to\nreturn from \u0027wfx_start_ap()\u0027 as well. Compile tested only."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T19:29:57.298Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/574dcd3126aa2eed75437137843f254b1190dd03"
},
{
"url": "https://git.kernel.org/stable/c/9ab224744a47363f74ea29c6894c405e3bcf5132"
},
{
"url": "https://git.kernel.org/stable/c/3739121443f5114c6bcf6d841a5124deb006b878"
},
{
"url": "https://git.kernel.org/stable/c/fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d"
}
],
"title": "wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52593",
"datePublished": "2024-03-06T06:45:24.551Z",
"dateReserved": "2024-03-02T21:55:42.571Z",
"dateUpdated": "2026-05-11T19:29:57.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-52650 (GCVE-0-2023-52650)
Vulnerability from cvelistv5 – Published: 2024-05-01 12:53 – Updated: 2026-05-11 19:31
VLAI
EPSS
Title
drm/tegra: dsi: Add missing check for of_find_device_by_node
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/tegra: dsi: Add missing check for of_find_device_by_node
Add check for the return value of of_find_device_by_node() and return
the error if it fails in order to avoid NULL pointer dereference.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://git.kernel.org/stable/c/47a13d0b9d8527518… | |
| https://git.kernel.org/stable/c/f05631a8525c3b5e5… | |
| https://git.kernel.org/stable/c/92003981a6df5dc84… | |
| https://git.kernel.org/stable/c/93128052bf8323595… | |
| https://git.kernel.org/stable/c/50c0ad785a780c72a… | |
| https://git.kernel.org/stable/c/52aa507148c4aad41… | |
| https://git.kernel.org/stable/c/c5d2342d24ef6e08f… | |
| https://git.kernel.org/stable/c/3169eaf1365541fd8… | |
| https://git.kernel.org/stable/c/afe6fcb9775882230… | |
| https://lists.debian.org/debian-lts-announce/2024… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2024… | x_transferred |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e94236cde4d519cdecd45e2435defba33abdc99f , < 47a13d0b9d8527518639ab5c39667f69d6203e80
(git)
Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < f05631a8525c3b5e5994ecb1304d2d878956c0f5 (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < 92003981a6df5dc84af8a5904f8ee112fa324129 (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < 93128052bf832359531c3c0a9e3567b2b8682a2d (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < 50c0ad785a780c72a2fdaba10b38c645ffb4eae6 (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < 52aa507148c4aad41436e2005d742ffcafad9976 (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < c5d2342d24ef6e08fc90a529fe3dc59de421a2b9 (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < 3169eaf1365541fd8e521091010c44fbe14691fc (git) Affected: e94236cde4d519cdecd45e2435defba33abdc99f , < afe6fcb9775882230cd29b529203eabd5d2a638d (git) |
|
| Linux | Linux |
Affected:
3.19
Unaffected: 0 , < 3.19 (semver) Unaffected: 4.19.311 , ≤ 4.19.* (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T19:31:29.279840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T19:31:41.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/tegra/dsi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "47a13d0b9d8527518639ab5c39667f69d6203e80",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "f05631a8525c3b5e5994ecb1304d2d878956c0f5",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "92003981a6df5dc84af8a5904f8ee112fa324129",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "93128052bf832359531c3c0a9e3567b2b8682a2d",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "50c0ad785a780c72a2fdaba10b38c645ffb4eae6",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "52aa507148c4aad41436e2005d742ffcafad9976",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "c5d2342d24ef6e08fc90a529fe3dc59de421a2b9",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "3169eaf1365541fd8e521091010c44fbe14691fc",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
},
{
"lessThan": "afe6fcb9775882230cd29b529203eabd5d2a638d",
"status": "affected",
"version": "e94236cde4d519cdecd45e2435defba33abdc99f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/tegra/dsi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.311",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.273",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.214",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.153",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.83",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.23",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.11",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.2",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "3.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T19:31:04.597Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80"
},
{
"url": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5"
},
{
"url": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129"
},
{
"url": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d"
},
{
"url": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6"
},
{
"url": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976"
},
{
"url": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9"
},
{
"url": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc"
},
{
"url": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d"
}
],
"title": "drm/tegra: dsi: Add missing check for of_find_device_by_node",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52650",
"datePublished": "2024-05-01T12:53:12.145Z",
"dateReserved": "2024-03-06T09:52:12.097Z",
"dateUpdated": "2026-05-11T19:31:04.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-53034 (GCVE-0-2023-53034)
Vulnerability from cvelistv5 – Published: 2025-04-16 14:11 – Updated: 2026-05-11 19:37
VLAI
EPSS
Title
ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
Summary
In the Linux kernel, the following vulnerability has been resolved:
ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and
size. This would make xlate_pos negative.
[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000
[ 23.734158] ================================================================================
[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7
[ 23.734418] shift exponent -1 is negative
Ensuring xlate_pos is a positive or zero before BIT.
Severity
No CVSS data available.
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://git.kernel.org/stable/c/f56951f211f181410… | |
| https://git.kernel.org/stable/c/5b6857bb3bfb0dae1… | |
| https://git.kernel.org/stable/c/2429bdf26a0f3950f… | |
| https://git.kernel.org/stable/c/7ed22f8d8be26225a… | |
| https://git.kernel.org/stable/c/c61a3f2df162ba424… | |
| https://git.kernel.org/stable/c/cb153bdc1812a3375… | |
| https://git.kernel.org/stable/c/36d32cfb00d42e865… | |
| https://git.kernel.org/stable/c/0df2e03e4620548b4… | |
| https://git.kernel.org/stable/c/de203da734fae00e7… | |
| https://lists.debian.org/debian-lts-announce/2025… | |
| https://lists.debian.org/debian-lts-announce/2025… |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < f56951f211f181410a383d305e8d370993e45294
(git)
Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < 5b6857bb3bfb0dae17fab1e42c1e82c204a508b1 (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < 2429bdf26a0f3950fdd996861e9c1a3873af1dbe (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < 7ed22f8d8be26225a78cf5e85b2036421a6bf2d5 (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < c61a3f2df162ba424be0141649a9ef5f28eaccc1 (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < cb153bdc1812a3375639ed6ca5f147eaefb65349 (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < 36d32cfb00d42e865396424bb5d340fc0a28870d (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < 0df2e03e4620548b41891b4e0d1bd9d2e0d8a39a (git) Affected: 1e2fd202f8593985cdadca32e0c322f98e7fe7cb , < de203da734fae00e75be50220ba5391e7beecdf9 (git) |
|
| Linux | Linux |
Affected:
4.16
Unaffected: 0 , < 4.16 (semver) Unaffected: 5.4.292 , ≤ 5.4.* (semver) Unaffected: 5.10.236 , ≤ 5.10.* (semver) Unaffected: 5.15.180 , ≤ 5.15.* (semver) Unaffected: 6.1.134 , ≤ 6.1.* (semver) Unaffected: 6.6.87 , ≤ 6.6.* (semver) Unaffected: 6.12.23 , ≤ 6.12.* (semver) Unaffected: 6.13.11 , ≤ 6.13.* (semver) Unaffected: 6.14.2 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:28:57.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/ntb/hw/mscc/ntb_hw_switchtec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f56951f211f181410a383d305e8d370993e45294",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "5b6857bb3bfb0dae17fab1e42c1e82c204a508b1",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "2429bdf26a0f3950fdd996861e9c1a3873af1dbe",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "7ed22f8d8be26225a78cf5e85b2036421a6bf2d5",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "c61a3f2df162ba424be0141649a9ef5f28eaccc1",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "cb153bdc1812a3375639ed6ca5f147eaefb65349",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "36d32cfb00d42e865396424bb5d340fc0a28870d",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "0df2e03e4620548b41891b4e0d1bd9d2e0d8a39a",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
},
{
"lessThan": "de203da734fae00e75be50220ba5391e7beecdf9",
"status": "affected",
"version": "1e2fd202f8593985cdadca32e0c322f98e7fe7cb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/ntb/hw/mscc/ntb_hw_switchtec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.16"
},
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.292",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.236",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.180",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.134",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.87",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.292",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.236",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.180",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.134",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.87",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.23",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.11",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.2",
"versionStartIncluding": "4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T19:37:17.261Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f56951f211f181410a383d305e8d370993e45294"
},
{
"url": "https://git.kernel.org/stable/c/5b6857bb3bfb0dae17fab1e42c1e82c204a508b1"
},
{
"url": "https://git.kernel.org/stable/c/2429bdf26a0f3950fdd996861e9c1a3873af1dbe"
},
{
"url": "https://git.kernel.org/stable/c/7ed22f8d8be26225a78cf5e85b2036421a6bf2d5"
},
{
"url": "https://git.kernel.org/stable/c/c61a3f2df162ba424be0141649a9ef5f28eaccc1"
},
{
"url": "https://git.kernel.org/stable/c/cb153bdc1812a3375639ed6ca5f147eaefb65349"
},
{
"url": "https://git.kernel.org/stable/c/36d32cfb00d42e865396424bb5d340fc0a28870d"
},
{
"url": "https://git.kernel.org/stable/c/0df2e03e4620548b41891b4e0d1bd9d2e0d8a39a"
},
{
"url": "https://git.kernel.org/stable/c/de203da734fae00e75be50220ba5391e7beecdf9"
}
],
"title": "ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-53034",
"datePublished": "2025-04-16T14:11:41.985Z",
"dateReserved": "2025-03-27T16:40:15.758Z",
"dateUpdated": "2026-05-11T19:37:17.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26700 (GCVE-0-2024-26700)
Vulnerability from cvelistv5 – Published: 2024-04-03 14:54 – Updated: 2026-05-11 20:02
VLAI
EPSS
Title
drm/amd/display: Fix MST Null Ptr for RV
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix MST Null Ptr for RV
The change try to fix below error specific to RV platform:
BUG: kernel NULL pointer dereference, address: 0000000000000008
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2
Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022
RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]
Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>
RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224
RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280
RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850
R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000
R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224
FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0
Call Trace:
<TASK>
? __die+0x23/0x70
? page_fault_oops+0x171/0x4e0
? plist_add+0xbe/0x100
? exc_page_fault+0x7c/0x180
? asm_exc_page_fault+0x26/0x30
? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]
? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]
compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
drm_atomic_check_only+0x5c5/0xa40
drm_mode_atomic_ioctl+0x76e/0xbc0
? _copy_to_user+0x25/0x30
? drm_ioctl+0x296/0x4b0
? __pfx_drm_mode_atomic_ioctl+0x10/0x10
drm_ioctl_kernel+0xcd/0x170
drm_ioctl+0x26d/0x4b0
? __pfx_drm_mode_atomic_ioctl+0x10/0x10
amdgpu_drm_ioctl+0x4e/0x90 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]
__x64_sys_ioctl+0x94/0xd0
do_syscall_64+0x60/0x90
? do_syscall_64+0x6c/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f4dad17f76f
Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c>
RSP: 002b:00007ffd9ae859f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000055e255a55900 RCX: 00007f4dad17f76f
RDX: 00007ffd9ae85a90 RSI: 00000000c03864bc RDI: 000000000000000b
RBP: 00007ffd9ae85a90 R08: 0000000000000003 R09: 0000000000000003
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c03864bc
R13: 000000000000000b R14: 000055e255a7fc60 R15: 000055e255a01eb0
</TASK>
Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ccm cmac algif_hash algif_skcipher af_alg joydev mousedev bnep >
typec libphy k10temp ipmi_msghandler roles i2c_scmi acpi_cpufreq mac_hid nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_mas>
CR2: 0000000000000008
---[ end trace 0000000000000000 ]---
RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]
Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>
RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224
RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280
RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850
R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000
R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224
FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000
---truncated---
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 01d992088dce3945f70f49f34b0b911c5213c238
(git)
Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 7407c61f43b66e90ad127d0cdd13cbc9d87141a5 (git) Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 5cd7185d2db76c42a9b7e69adad9591d9fca093f (git) Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < e6a7df96facdcf5b1f71eb3ec26f2f9f6ad61e57 (git) |
|
| Linux | Linux |
Affected:
4.15
Unaffected: 0 , < 4.15 (semver) Unaffected: 6.1.82 , ≤ 6.1.* (semver) Unaffected: 6.6.18 , ≤ 6.6.* (semver) Unaffected: 6.7.6 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:12.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/01d992088dce3945f70f49f34b0b911c5213c238"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7407c61f43b66e90ad127d0cdd13cbc9d87141a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5cd7185d2db76c42a9b7e69adad9591d9fca093f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6a7df96facdcf5b1f71eb3ec26f2f9f6ad61e57"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:52:43.322834Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:28.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "01d992088dce3945f70f49f34b0b911c5213c238",
"status": "affected",
"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
"versionType": "git"
},
{
"lessThan": "7407c61f43b66e90ad127d0cdd13cbc9d87141a5",
"status": "affected",
"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
"versionType": "git"
},
{
"lessThan": "5cd7185d2db76c42a9b7e69adad9591d9fca093f",
"status": "affected",
"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
"versionType": "git"
},
{
"lessThan": "e6a7df96facdcf5b1f71eb3ec26f2f9f6ad61e57",
"status": "affected",
"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.15"
},
{
"lessThan": "4.15",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.82",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.18",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.82",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.18",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.6",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "4.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix MST Null Ptr for RV\n\nThe change try to fix below error specific to RV platform:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2\nHardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 \u003c48\u003e 8\u003e\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? plist_add+0xbe/0x100\n ? exc_page_fault+0x7c/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n drm_atomic_check_only+0x5c5/0xa40\n drm_mode_atomic_ioctl+0x76e/0xbc0\n ? _copy_to_user+0x25/0x30\n ? drm_ioctl+0x296/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n drm_ioctl_kernel+0xcd/0x170\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n amdgpu_drm_ioctl+0x4e/0x90 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x60/0x90\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7f4dad17f76f\nCode: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 \u003c89\u003e c\u003e\nRSP: 002b:00007ffd9ae859f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055e255a55900 RCX: 00007f4dad17f76f\nRDX: 00007ffd9ae85a90 RSI: 00000000c03864bc RDI: 000000000000000b\nRBP: 00007ffd9ae85a90 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 00000000c03864bc\nR13: 000000000000000b R14: 000055e255a7fc60 R15: 000055e255a01eb0\n \u003c/TASK\u003e\nModules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ccm cmac algif_hash algif_skcipher af_alg joydev mousedev bnep \u003e\n typec libphy k10temp ipmi_msghandler roles i2c_scmi acpi_cpufreq mac_hid nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_mas\u003e\nCR2: 0000000000000008\n---[ end trace 0000000000000000 ]---\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 \u003c48\u003e 8\u003e\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:02:30.659Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/01d992088dce3945f70f49f34b0b911c5213c238"
},
{
"url": "https://git.kernel.org/stable/c/7407c61f43b66e90ad127d0cdd13cbc9d87141a5"
},
{
"url": "https://git.kernel.org/stable/c/5cd7185d2db76c42a9b7e69adad9591d9fca093f"
},
{
"url": "https://git.kernel.org/stable/c/e6a7df96facdcf5b1f71eb3ec26f2f9f6ad61e57"
}
],
"title": "drm/amd/display: Fix MST Null Ptr for RV",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26700",
"datePublished": "2024-04-03T14:54:59.997Z",
"dateReserved": "2024-02-19T14:20:24.157Z",
"dateUpdated": "2026-05-11T20:02:30.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-26896 (GCVE-0-2024-26896)
Vulnerability from cvelistv5 – Published: 2024-04-17 10:27 – Updated: 2026-05-11 20:06
VLAI
EPSS
Title
wifi: wfx: fix memory leak when starting AP
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: wfx: fix memory leak when starting AP
Kmemleak reported this error:
unreferenced object 0xd73d1180 (size 184):
comm "wpa_supplicant", pid 1559, jiffies 13006305 (age 964.245s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 1e 00 01 00 00 00 00 00 ................
backtrace:
[<5ca11420>] kmem_cache_alloc+0x20c/0x5ac
[<127bdd74>] __alloc_skb+0x144/0x170
[<fb8a5e38>] __netdev_alloc_skb+0x50/0x180
[<0f9fa1d5>] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]
[<7accd02d>] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]
[<41e25cc3>] wfx_start_ap+0xc8/0x234 [wfx]
[<93a70356>] ieee80211_start_ap+0x404/0x6b4 [mac80211]
[<a4a661cd>] nl80211_start_ap+0x76c/0x9e0 [cfg80211]
[<47bd8b68>] genl_rcv_msg+0x198/0x378
[<453ef796>] netlink_rcv_skb+0xd0/0x130
[<6b7c977a>] genl_rcv+0x34/0x44
[<66b2d04d>] netlink_unicast+0x1b4/0x258
[<f965b9b6>] netlink_sendmsg+0x1e8/0x428
[<aadb8231>] ____sys_sendmsg+0x1e0/0x274
[<d2b5212d>] ___sys_sendmsg+0x80/0xb4
[<69954f45>] __sys_sendmsg+0x64/0xa8
unreferenced object 0xce087000 (size 1024):
comm "wpa_supplicant", pid 1559, jiffies 13006305 (age 964.246s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
10 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............
backtrace:
[<9a993714>] __kmalloc_track_caller+0x230/0x600
[<f83ea192>] kmalloc_reserve.constprop.0+0x30/0x74
[<a2c61343>] __alloc_skb+0xa0/0x170
[<fb8a5e38>] __netdev_alloc_skb+0x50/0x180
[<0f9fa1d5>] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]
[<7accd02d>] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]
[<41e25cc3>] wfx_start_ap+0xc8/0x234 [wfx]
[<93a70356>] ieee80211_start_ap+0x404/0x6b4 [mac80211]
[<a4a661cd>] nl80211_start_ap+0x76c/0x9e0 [cfg80211]
[<47bd8b68>] genl_rcv_msg+0x198/0x378
[<453ef796>] netlink_rcv_skb+0xd0/0x130
[<6b7c977a>] genl_rcv+0x34/0x44
[<66b2d04d>] netlink_unicast+0x1b4/0x258
[<f965b9b6>] netlink_sendmsg+0x1e8/0x428
[<aadb8231>] ____sys_sendmsg+0x1e0/0x274
[<d2b5212d>] ___sys_sendmsg+0x80/0xb4
However, since the kernel is build optimized, it seems the stack is not
accurate. It appears the issue is related to wfx_set_mfp_ap(). The issue
is obvious in this function: memory allocated by ieee80211_beacon_get()
is never released. Fixing this leak makes kmemleak happy.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
268bceec1684932e194ae87877dcc73f534d921c , < a1f57a0127b89a6b6620514564aa7eaec16d9af3
(git)
Affected: 268bceec1684932e194ae87877dcc73f534d921c , < 3a71ec74e5e3478d202a1874f085ca3ef40be49b (git) Affected: 268bceec1684932e194ae87877dcc73f534d921c , < 12f00a367b2b62756e0396f14b54c2c15524e1c3 (git) Affected: 268bceec1684932e194ae87877dcc73f534d921c , < dadbb5d29d6c5f571a50272fce8c1505a9559487 (git) Affected: 268bceec1684932e194ae87877dcc73f534d921c , < b8cfb7c819dd39965136a66fe3a7fde688d976fc (git) |
|
| Linux | Linux |
Affected:
5.10
Unaffected: 0 , < 5.10 (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
|
| linux | linux_kernel |
Affected:
5.10
cpe:2.3:o:linux:linux_kernel:5.10:-:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
268bceec1684 , < a1f57a0127b8
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.10:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "a1f57a0127b8",
"status": "affected",
"version": "268bceec1684",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T16:49:12.892582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:38.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1f57a0127b89a6b6620514564aa7eaec16d9af3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a71ec74e5e3478d202a1874f085ca3ef40be49b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/12f00a367b2b62756e0396f14b54c2c15524e1c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dadbb5d29d6c5f571a50272fce8c1505a9559487"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b8cfb7c819dd39965136a66fe3a7fde688d976fc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/silabs/wfx/sta.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a1f57a0127b89a6b6620514564aa7eaec16d9af3",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "3a71ec74e5e3478d202a1874f085ca3ef40be49b",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "12f00a367b2b62756e0396f14b54c2c15524e1c3",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "dadbb5d29d6c5f571a50272fce8c1505a9559487",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
},
{
"lessThan": "b8cfb7c819dd39965136a66fe3a7fde688d976fc",
"status": "affected",
"version": "268bceec1684932e194ae87877dcc73f534d921c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/silabs/wfx/sta.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.83",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.23",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.11",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.2",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "5.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wfx: fix memory leak when starting AP\n\nKmemleak reported this error:\n\n unreferenced object 0xd73d1180 (size 184):\n comm \"wpa_supplicant\", pid 1559, jiffies 13006305 (age 964.245s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 1e 00 01 00 00 00 00 00 ................\n backtrace:\n [\u003c5ca11420\u003e] kmem_cache_alloc+0x20c/0x5ac\n [\u003c127bdd74\u003e] __alloc_skb+0x144/0x170\n [\u003cfb8a5e38\u003e] __netdev_alloc_skb+0x50/0x180\n [\u003c0f9fa1d5\u003e] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]\n [\u003c7accd02d\u003e] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]\n [\u003c41e25cc3\u003e] wfx_start_ap+0xc8/0x234 [wfx]\n [\u003c93a70356\u003e] ieee80211_start_ap+0x404/0x6b4 [mac80211]\n [\u003ca4a661cd\u003e] nl80211_start_ap+0x76c/0x9e0 [cfg80211]\n [\u003c47bd8b68\u003e] genl_rcv_msg+0x198/0x378\n [\u003c453ef796\u003e] netlink_rcv_skb+0xd0/0x130\n [\u003c6b7c977a\u003e] genl_rcv+0x34/0x44\n [\u003c66b2d04d\u003e] netlink_unicast+0x1b4/0x258\n [\u003cf965b9b6\u003e] netlink_sendmsg+0x1e8/0x428\n [\u003caadb8231\u003e] ____sys_sendmsg+0x1e0/0x274\n [\u003cd2b5212d\u003e] ___sys_sendmsg+0x80/0xb4\n [\u003c69954f45\u003e] __sys_sendmsg+0x64/0xa8\n unreferenced object 0xce087000 (size 1024):\n comm \"wpa_supplicant\", pid 1559, jiffies 13006305 (age 964.246s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 10 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............\n backtrace:\n [\u003c9a993714\u003e] __kmalloc_track_caller+0x230/0x600\n [\u003cf83ea192\u003e] kmalloc_reserve.constprop.0+0x30/0x74\n [\u003ca2c61343\u003e] __alloc_skb+0xa0/0x170\n [\u003cfb8a5e38\u003e] __netdev_alloc_skb+0x50/0x180\n [\u003c0f9fa1d5\u003e] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]\n [\u003c7accd02d\u003e] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]\n [\u003c41e25cc3\u003e] wfx_start_ap+0xc8/0x234 [wfx]\n [\u003c93a70356\u003e] ieee80211_start_ap+0x404/0x6b4 [mac80211]\n [\u003ca4a661cd\u003e] nl80211_start_ap+0x76c/0x9e0 [cfg80211]\n [\u003c47bd8b68\u003e] genl_rcv_msg+0x198/0x378\n [\u003c453ef796\u003e] netlink_rcv_skb+0xd0/0x130\n [\u003c6b7c977a\u003e] genl_rcv+0x34/0x44\n [\u003c66b2d04d\u003e] netlink_unicast+0x1b4/0x258\n [\u003cf965b9b6\u003e] netlink_sendmsg+0x1e8/0x428\n [\u003caadb8231\u003e] ____sys_sendmsg+0x1e0/0x274\n [\u003cd2b5212d\u003e] ___sys_sendmsg+0x80/0xb4\n\nHowever, since the kernel is build optimized, it seems the stack is not\naccurate. It appears the issue is related to wfx_set_mfp_ap(). The issue\nis obvious in this function: memory allocated by ieee80211_beacon_get()\nis never released. Fixing this leak makes kmemleak happy."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:06:31.074Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a1f57a0127b89a6b6620514564aa7eaec16d9af3"
},
{
"url": "https://git.kernel.org/stable/c/3a71ec74e5e3478d202a1874f085ca3ef40be49b"
},
{
"url": "https://git.kernel.org/stable/c/12f00a367b2b62756e0396f14b54c2c15524e1c3"
},
{
"url": "https://git.kernel.org/stable/c/dadbb5d29d6c5f571a50272fce8c1505a9559487"
},
{
"url": "https://git.kernel.org/stable/c/b8cfb7c819dd39965136a66fe3a7fde688d976fc"
}
],
"title": "wifi: wfx: fix memory leak when starting AP",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26896",
"datePublished": "2024-04-17T10:27:47.214Z",
"dateReserved": "2024-02-19T14:20:24.186Z",
"dateUpdated": "2026-05-11T20:06:31.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36350 (GCVE-0-2024-36350)
Vulnerability from cvelistv5 – Published: 2025-07-08 16:56 – Updated: 2025-11-04 21:08
VLAI
EPSS
Summary
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1421 - Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
Assigner
References
Impacted products
23 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI 1.0.0.G + OS Updates
|
|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI 1.0.0.E + OS Updates
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI 1.0.0.E + OS Updates
|
|
| AMD | AMD EPYC™ 9V64H Processor |
Unaffected:
MI300PI 1.0.0.7 + OS Updates
|
|
| AMD | AMD Ryzen™ 5000 Series Desktop Processors |
Unaffected:
ComboAM4v2PI 1.2.0.E + OS Updates
|
|
| AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics |
Unaffected:
ComboAM4v2PI 1.2.0.E + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Desktop Processors |
Unaffected:
ComboAM5PI 1.2.0.3 + OS Updates
Unaffected: ComboAM5PI 1.0.0.a+ OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates |
|
| AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics |
Unaffected:
ComboAM5PI 1.2.0.3 + OS Updates
Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates |
|
| AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors |
Unaffected:
StormPeakPI-SP6 1.1.0.0i + OS Updates
Unaffected: StormPeakPI-SP6 1.0.0.1k + OS Updates |
|
| AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics |
Unaffected:
RembrandtPI-FP7 1.0.0.Bb + OS Updates
|
|
| AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics |
Unaffected:
RembrandtPI-FP7 1.0.0.Bb + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics |
Unaffected:
CezannePI-FP6 1.0.1.1b + OS Updates
|
|
| AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics |
Unaffected:
PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
|
|
| AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics |
Unaffected:
PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Mobile Processors |
Unaffected:
DragonRangeFL1 1.0.0.3g + OS Updates
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.A + OS updates
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD Ryzen™ Embedded 5000 Series Processors |
Unaffected:
EmbAM4PI 1.0.0.7 + OS Update
|
|
| AMD | AMD Ryzen™ Embedded 7000 Series Processors |
Unaffected:
EmbeddedAM5PI 1.0.0.3 + OS updates
|
|
| AMD | AMD Ryzen™ Embedded V3000 Series Processors |
Unaffected:
Embedded-PI_FP7r2 100C + OS updates
|
|
| AMD | AMD EPYC™ Embedded 97X4 |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics |
Unaffected:
CezannePI-FP6 1.0.1.1b + OS Updates
|
Date Public
2025-07-08 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T20:23:14.382306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:23:25.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:39.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-471.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI 1.0.0.G + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI 1.0.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI 1.0.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9V64H Processor",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MI300PI 1.0.0.7 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3 + OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.a+ OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3c+ OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3 + OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3c+ OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.1.0.0i + OS Updates"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1k + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6 1.0.1.1b + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1 1.0.0.3g + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.A + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbAM4PI 1.0.0.7 + OS Update"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.3 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Embedded-PI_FP7r2 100C + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 97X4",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6 1.0.1.1b + OS Updates"
}
]
}
],
"datePublic": "2025-07-08T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.\u003cbr\u003e"
}
],
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1421",
"description": "CWE-1421 Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:02:23.593Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36350",
"datePublished": "2025-07-08T16:56:39.834Z",
"dateReserved": "2024-05-23T19:44:50.000Z",
"dateUpdated": "2025-11-04T21:08:39.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36357 (GCVE-0-2024-36357)
Vulnerability from cvelistv5 – Published: 2025-07-08 17:01 – Updated: 2025-11-04 21:08
VLAI
EPSS
Summary
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1421 - Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
Assigner
References
Impacted products
23 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI 1.0.0.G + OS Updates
|
|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
GenoaPI 1.0.0.E + OS Updates
|
|
| AMD | AMD EPYC™ 8004 Series Processors |
Unaffected:
GenoaPI 1.0.0.E + OS Updates
|
|
| AMD | AMD EPYC™ 9V64H Processor |
Unaffected:
MI300PI 1.0.0.7 + OS Updates
|
|
| AMD | AMD Ryzen™ 5000 Series Desktop Processors |
Unaffected:
ComboAM4v2PI 1.2.0.E + OS Updates
|
|
| AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics |
Unaffected:
ComboAM4v2PI 1.2.0.E + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Desktop Processors |
Unaffected:
ComboAM5PI 1.2.0.3 + OS Updates
Unaffected: ComboAM5PI 1.0.0.a+ OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates |
|
| AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics |
Unaffected:
ComboAM5PI 1.2.0.3 + OS Updates
Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates |
|
| AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors |
Unaffected:
StormPeakPI-SP6 1.1.0.0i + OS Updates
Unaffected: StormPeakPI-SP6 1.0.0.1k + OS Updates |
|
| AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics |
Unaffected:
RembrandtPI-FP7 1.0.0.Bb + OS Updates
|
|
| AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics |
Unaffected:
RembrandtPI-FP7 1.0.0.Bb + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics |
Unaffected:
CezannePI-FP6 1.0.1.1b + OS Updates
|
|
| AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics |
Unaffected:
PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
|
|
| AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics |
Unaffected:
PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
|
|
| AMD | AMD Ryzen™ 7000 Series Mobile Processors |
Unaffected:
DragonRangeFL1 1.0.0.3g + OS Updates
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.A + OS updates
|
|
| AMD | AMD EPYC™ Embedded 8004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD EPYC™ Embedded 9004 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD Ryzen™ Embedded 5000 Series Processors |
Unaffected:
EmbAM4PI 1.0.0.7 + OS Update
|
|
| AMD | AMD Ryzen™ Embedded 7000 Series Processors |
Unaffected:
EmbeddedAM5PI 1.0.0.3 + OS updates
|
|
| AMD | AMD Ryzen™ Embedded V3000 Series Processors |
Unaffected:
Embedded-PI_FP7r2 100C + OS updates
|
|
| AMD | AMD EPYC™ Embedded 97X4 |
Unaffected:
EmbGenoaPI-SP5 1.0.0.9 + OS updates
|
|
| AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics |
Unaffected:
CezannePI-FP6 1.0.1.1b + OS Updates
|
Date Public
2025-07-08 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-09T13:36:59.777404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-09T13:37:06.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:40.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-471.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI 1.0.0.G + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI 1.0.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "GenoaPI 1.0.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9V64H Processor",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MI300PI 1.0.0.7 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM4v2PI 1.2.0.E + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3 + OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.0.0.a+ OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3c+ OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "ComboAM5PI 1.2.0.3 + OS Updates"
},
{
"status": "unaffected",
"version": "ComboAM5PI 1.1.0.3c+ OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.1.0.0i + OS Updates"
},
{
"status": "unaffected",
"version": "StormPeakPI-SP6 1.0.0.1k + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6 1.0.1.1b + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "DragonRangeFL1 1.0.0.3g + OS Updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.A + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbAM4PI 1.0.0.7 + OS Update"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbeddedAM5PI 1.0.0.3 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Embedded-PI_FP7r2 100C + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 97X4",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "CezannePI-FP6 1.0.1.1b + OS Updates"
}
]
}
],
"datePublic": "2025-07-08T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.\u003cbr\u003e"
}
],
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1421",
"description": "CWE-1421 Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:01:48.957Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36357",
"datePublished": "2025-07-08T17:01:48.957Z",
"dateReserved": "2024-05-23T19:44:50.001Z",
"dateUpdated": "2025-11-04T21:08:40.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…