linux kernel

Enterprise storage is quietly rewriting its rules: Linux — in both pure open-source form and as the hidden kernel of proprietary NAS platforms — now sits at the heart of most file-server deployments, and the size of the NAS market is ballooning into the tens of billions as organizations and...

A race in the Linux kernel’s Direct Rendering Manager (DRM) stack — tracked as CVE‑2023‑51043 — can let a nonblocking atomic modeset commit touch freed kernel memory when it races with a driver unload, producing a use‑after‑free that can crash or destabilize systems and has been fixed upstream...

A straightforward NULL-pointer bug in the Linux NFC stack — fixed upstream in the 6.5.9 stable release — created a local denial‑of‑service risk that could crash kernels handling Near‑Field Communication traffic; the defect was tracked as CVE‑2023‑46343 and closed by a one‑line defensive check in...

The Linux kernel received a targeted robustness fix for a device‑mapper ioctl bug tracked as CVE‑2024‑23851: a missing check in copy_params (drivers/md/dm-ioctl.c) could let an ioctl request lead the kernel to try to allocate more than INT_MAX bytes and crash, producing a local denial‑of‑service...

The Linux kernel’s md/raid5 code contained a subtle but dangerous integer‑overflow bug in the function raid5_cache_count() that was tracked as CVE‑2024‑23307 — a defect that can be forced by concurrent modifications of RAID stripe‑count variables and that may lead to a sustained or persistent...

A subtle parse-time error in the Linux in‑kernel SMB server (ksmbd) can let a malformed SMB2 Create request provoke an out‑of‑bounds memory access in kernel space — a defect tracked as CVE‑2024‑22705 that was fixed upstream in the 6.6.10 stable release and that carries real, immediate...

A subtle pointer‑math mistake in the Linux kernel’s Netfilter nf_tables code — tracked as CVE‑2024‑0607 — lets a local actor corrupt internal data by writing eight bytes into a four‑byte slot inside nft_byteorder_eval(), producing memory corruption that leads to kernel instability and reliable...

A subtle memory-management bug deep inside the ext4 remount path—tracked as CVE-2024-0775—can turn routine mount option changes into a kernel-level use-after-free, enabling a local attacker to crash systems or leak kernel memory if left unpatched. Background ext4 is the default filesystem for...

A critical Linux-kernel flaw tracked as CVE-2024-0646 allows the kernel’s kTLS path to write past intended memory bounds when a user calls splice() with a kTLS socket as the destination, producing out‑of‑bounds writes that can crash the system or — in the worst case — be weaponized for local...

A subtle race in the Linux kernel’s Unix-domain socket garbage collector can let the kernel free socket buffers (skbs) while another path still holds a pointer to them, producing a classic use‑after‑free (UAF) that can crash or destabilize systems and — in theory — open the door to more serious...

CVE-2023-7192 is a memory-management bug in the Linux kernel’s netfilter conntrack netlink path that can leak references and eventually cause a denial-of-service (DoS) condition; the flaw lives in ctnetlink_create_conntrack (net/netfilter/nf_conntrack_netlink.c) and can be triggered by a local...

A recently disclosed Linux-kernel vulnerability, tracked as CVE-2023-51042, exposes a fence-related use‑after‑free in the AMD GPU driver (amdgpu) that was fixed upstream in the 6.4.12 stable release; the bug can crash affected kernels or otherwise deny availability to systems that accept...

A subtle bug in the Linux kernel’s TIPC subsystem — a double-locking condition in tipc_crypto_key_revoke() — can be driven into a kernel‑level deadlock that lets a local, authenticated user hang or crash a machine. The issue, tracked as CVE‑2024‑0641, is an availability‑only failure (denial of...

The Linux kernel received a low‑to‑medium severity vulnerability report identified as CVE-2024-0639, a subtle locking bug in the SCTP subsystem that can trigger a kernel deadlock on the per‑net workqueue lock net->sctp.addr_wq_lock, allowing a local attacker to cause a denial‑of‑service (DoS) by...

A critical robustness bug in the Linux kernel’s SMB/CIFS client—tracked as CVE-2024-0565—creates an integer-underflow condition in the function receive_encrypted_standard that can lead to out‑of‑bounds memory reads, denial-of-service, and in some vendor assessments the potential for remote code...

A subtle timing bug deep in the Linux writeback code — a use‑after‑free in wb_inode_writeback_end() — can let an attacker trigger a kernel panic or sustained denial‑of‑service by removing a disk while writeback bookkeeping is still racing to schedule bandwidth‑estimation work; the flaw is...

The Linux kernel vulnerability tracked as CVE-2023-52340 exposes a subtle but powerful availability risk: a flaw in the IPv6 route-caching logic can be driven into a denial-of-service condition by repeated IPv6 traffic patterns (for example, packets sent in a loop from a raw socket or floods of...

A subtle concurrency bug in the Linux kernel’s I²C LPI2C driver — tracked as CVE‑2024‑40965 — can produce a system‑level deadlock when clock rate queries are made while a device probe or transfer is in progress, and upstream maintainers fixed it by locking and caching the clock rate instead of...

A small timing bug in the Linux kernel’s PowerPC pseries kexec path — tracked as CVE-2024-42230 — can cause a deterministic kernel crash during kexec on affected IBM Power systems, and upstream maintainers have changed the kexec sequence to prevent CPUs from executing the SCV instruction after...

The ionic network driver bug tracked as CVE-2024-42083 is a low-level Linux kernel flaw that can trigger a hard kernel panic when the driver mishandles multi-buffer (scatter-gather) packets in XDP paths; Microsoft’s public guidance currently identifies Azure Linux as the only Microsoft product...