linux kernel

CVE-2023-7192 is a memory-management bug in the Linux kernel’s netfilter conntrack netlink path that can leak references and eventually cause a denial-of-service (DoS) condition; the flaw lives in ctnetlink_create_conntrack (net/netfilter/nf_conntrack_netlink.c) and can be triggered by a local...

A recently disclosed Linux-kernel vulnerability, tracked as CVE-2023-51042, exposes a fence-related use‑after‑free in the AMD GPU driver (amdgpu) that was fixed upstream in the 6.4.12 stable release; the bug can crash affected kernels or otherwise deny availability to systems that accept...

A subtle bug in the Linux kernel’s TIPC subsystem — a double-locking condition in tipc_crypto_key_revoke() — can be driven into a kernel‑level deadlock that lets a local, authenticated user hang or crash a machine. The issue, tracked as CVE‑2024‑0641, is an availability‑only failure (denial of...

The Linux kernel received a low‑to‑medium severity vulnerability report identified as CVE-2024-0639, a subtle locking bug in the SCTP subsystem that can trigger a kernel deadlock on the per‑net workqueue lock net->sctp.addr_wq_lock, allowing a local attacker to cause a denial‑of‑service (DoS) by...

A critical robustness bug in the Linux kernel’s SMB/CIFS client—tracked as CVE-2024-0565—creates an integer-underflow condition in the function receive_encrypted_standard that can lead to out‑of‑bounds memory reads, denial-of-service, and in some vendor assessments the potential for remote code...

A subtle timing bug deep in the Linux writeback code — a use‑after‑free in wb_inode_writeback_end() — can let an attacker trigger a kernel panic or sustained denial‑of‑service by removing a disk while writeback bookkeeping is still racing to schedule bandwidth‑estimation work; the flaw is...

The Linux kernel vulnerability tracked as CVE-2023-52340 exposes a subtle but powerful availability risk: a flaw in the IPv6 route-caching logic can be driven into a denial-of-service condition by repeated IPv6 traffic patterns (for example, packets sent in a loop from a raw socket or floods of...

A subtle concurrency bug in the Linux kernel’s I²C LPI2C driver — tracked as CVE‑2024‑40965 — can produce a system‑level deadlock when clock rate queries are made while a device probe or transfer is in progress, and upstream maintainers fixed it by locking and caching the clock rate instead of...

A small timing bug in the Linux kernel’s PowerPC pseries kexec path — tracked as CVE-2024-42230 — can cause a deterministic kernel crash during kexec on affected IBM Power systems, and upstream maintainers have changed the kexec sequence to prevent CPUs from executing the SCV instruction after...

The ionic network driver bug tracked as CVE-2024-42083 is a low-level Linux kernel flaw that can trigger a hard kernel panic when the driver mishandles multi-buffer (scatter-gather) packets in XDP paths; Microsoft’s public guidance currently identifies Azure Linux as the only Microsoft product...

The Linux kernel received a targeted, upstream fix in July 2024 for a memory-safety bug in the BPF arena subsystem — tracked as CVE-2024-42075 — that could produce a use-after-free when memory regions backed by the BPF arena are remapped. The patch adds a reference counter to account for...

Microsoft’s short MSRC advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is an inventory attestation, not a technical guarantee that no other Microsoft product could contain the same vulnerable Linux kernel code. erview...

A subtle mapping bug in the Linux kernel’s AMD Kernel Fusion Driver (KFD) — tracked as CVE-2024-41011 — can cause the driver to map more MMIO (memory‑mapped I/O) space than intended on systems that use page sizes larger than 4 KB, exposing a full PAGE_SIZE of device MMIO instead of the single 4...

The Linux kernel fix tracked as CVE-2024-41009 addresses a correctness bug in the BPF ring buffer (bpf_ringbuf) implementation that could let allocated records overlap and allow a BPF program to corrupt ring buffer metadata — a kernel-level defect that affects any build of the Linux kernel...

The Linux kernel received a targeted fix this summer for a subtle but real availability bug in the Video for Linux (V4L) asynchronous notifier code: notifier list entries were not being re‑initialised after unregister, leaving dangling list pointers that can crash the kernel and produce a local...

The Linux kernel fix tracked as CVE‑2024‑39482 addresses a memory‑safety defect in the bcache code path — specifically a variable‑length array misuse inside the btree_iter structure — and Microsoft’s public advisory that “Azure Linux includes this open‑source library and is therefore potentially...

Microsoft’s MSRC entry for CVE-2024-39481 names the Linux kernel media controller fix (“media: mc: Fix graph walk in media_pipeline_start”) and explicitly calls out Azure Linux as a Microsoft product that “includes this open‑source library and is therefore potentially affected,” but that...

The Linux kernel’s legacy framebuffer driver for S3 Savage hardware contains a simple-but-serious error‑handling bug that can be triggered locally to crash a host kernel: a missing check in the savagefb probe path fails to handle an error return from savagefb_check_var, allowing a zero-valued...

A quietly released Linux-kernel fix tracked as CVE-2024-39473 closes a NULL-pointer dereference in the Sound Open Firmware (SOF) IPC4 topology code — but Microsoft’s public attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” should be read as a...

A subtle NULL pointer check left out of the Linux kernel’s Intel “ice” Ethernet driver quietly turned into a kernel-level outage: CVE-2022-48841 is a NULL pointer dereference in ice_update_vsi_tx_ring_stats() that can crash an affected system and cause a denial-of-service condition unless the...