SB2024082053 - SUSE update for the Linux Kernel
Published: August 20, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 783 secuirty vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2021-47432)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __genradix_iter_peek() function in lib/generic-radix-tree.c. A local user can execute arbitrary code.
2) NULL pointer dereference (CVE-ID: CVE-2022-48772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.
3) Improper locking (CVE-ID: CVE-2023-0160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
4) Input validation error (CVE-ID: CVE-2023-38417)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.
5) Input validation error (CVE-ID: CVE-2023-47210)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.
6) Race condition (CVE-ID: CVE-2023-51780)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the ATM (Asynchronous Transfer Mode) subsystem in Linux kernel. A local user can exploit the race and escalate privileges on the system.
7) Buffer overflow (CVE-ID: CVE-2023-52435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.
8) NULL pointer dereference (CVE-ID: CVE-2023-52458)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkpg_do_ioctl() function in block/ioctl.c. A local user can perform a denial of service (DoS) attack.
9) NULL pointer dereference (CVE-ID: CVE-2023-52472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rsa_check_exponent_fips() function in crypto/rsa.c. A local user can perform a denial of service (DoS) attack.
10) Use-after-free (CVE-ID: CVE-2023-52503)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_session(), amdtee_open_session() and amdtee_close_session() functions in drivers/tee/amdtee/core.c. A local user can escalate privileges on the system.
11) Improper Initialization (CVE-ID: CVE-2023-52616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.
12) Buffer overflow (CVE-ID: CVE-2023-52618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.
13) Buffer overflow (CVE-ID: CVE-2023-52622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the alloc_flex_gd() and ext4_setup_next_flex_gd() functions in fs/ext4/resize.c. A local user can escalate privileges on the system.
14) NULL pointer dereference (CVE-ID: CVE-2023-52631)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ntfs3/ntfs_fs.h. A local user can perform a denial of service (DoS) attack.
15) Improper locking (CVE-ID: CVE-2023-52635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devfreq_monitor(), devfreq_monitor_start() and devfreq_monitor_stop() functions in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
16) Out-of-bounds read (CVE-ID: CVE-2023-52640)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2023-52641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ni_find_attr() and run_truncate_around() functions in fs/ntfs3/attrib.c. A local user can perform a denial of service (DoS) attack.
18) Race condition (CVE-ID: CVE-2023-52645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the scpsys_add_subdomain() and scpsys_remove_one_domain() functions in drivers/soc/mediatek/mtk-pm-domains.c. A local user can perform a denial of service (DoS) attack.
19) Information disclosure (CVE-ID: CVE-2023-52652)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pci_vntb_probe() function in drivers/pci/endpoint/functions/pci-epf-vntb.c, within the EXPORT_SYMBOL() and ntb_register_device() functions in drivers/ntb/core.c. A local user can gain access to sensitive information.
20) Memory leak (CVE-ID: CVE-2023-52653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gss_import_v2_context() function in net/sunrpc/auth_gss/gss_krb5_mech.c. A local user can perform a denial of service (DoS) attack.
21) Use of obsolete function (CVE-ID: CVE-2023-52656)
The vulnerability allows a local user to have negative impact on system performance.
The vulnerability exists due to usage of dead code related to SCM_RIGHTS within the io_allocate_scq_urings(), io_ring_ctx_free(), and io_cqring_wait() function in fs/io_uring.c. A local user can influence system performance.
22) Improper error handling (CVE-ID: CVE-2023-52657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the si_dpm_enable() and si_dpm_process_interrupt() functions in drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c. A local user can perform a denial of service (DoS) attack.
23) Input validation error (CVE-ID: CVE-2023-52658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the esw_inline_mode_to_devlink() and mlx5_devlink_eswitch_mode_set() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.
24) Input validation error (CVE-ID: CVE-2023-52659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/x86/include/asm/page.h. A local user can perform a denial of service (DoS) attack.
25) Improper error handling (CVE-ID: CVE-2023-52660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rkisp1_isp_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c, within the rkisp1_runtime_suspend() and rkisp1_runtime_resume() functions in drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c, within the rkisp1_csi_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c, within the rkisp1_capture_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c. A local user can perform a denial of service (DoS) attack.
26) Improper error handling (CVE-ID: CVE-2023-52661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tegra_dc_rgb_probe() function in drivers/gpu/drm/tegra/rgb.c. A local user can perform a denial of service (DoS) attack.
27) Memory leak (CVE-ID: CVE-2023-52662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vmw_gmrid_man_get_node() function in drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2023-52663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_sof_acp_probe() function in sound/soc/sof/amd/acp.c. A local user can perform a denial of service (DoS) attack.
29) Double free (CVE-ID: CVE-2023-52664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the aq_vec_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_vec.c, within the aq_get_rxpages(), aq_ring_alloc(), aq_ring_rx_alloc() and aq_ring_hwts_rx_alloc() functions in drivers/net/ethernet/aquantia/atlantic/aq_ring.c, within the aq_ptp_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_ptp.c. A local user can perform a denial of service (DoS) attack.
30) Double free (CVE-ID: CVE-2023-52667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
31) Out-of-bounds read (CVE-ID: CVE-2023-52669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ctr_paes_crypt() function in arch/s390/crypto/paes_s390.c, within the ctr_aes_crypt() function in arch/s390/crypto/aes_s390.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2023-52670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.
33) Integer underflow (CVE-ID: CVE-2023-52671)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the optc32_disable_crtc() function in drivers/gpu/drm/amd/display/dc/dcn32/dcn32_optc.c. A local user can execute arbitrary code.
34) Improper locking (CVE-ID: CVE-2023-52672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pipe_resize_ring() and pipe_set_size() functions in fs/pipe.c. A local user can perform a denial of service (DoS) attack.
35) NULL pointer dereference (CVE-ID: CVE-2023-52673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the capabilities_show() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
36) Out-of-bounds read (CVE-ID: CVE-2023-52674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the scarlett2_mixer_ctl_put() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
37) NULL pointer dereference (CVE-ID: CVE-2023-52675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the update_events_in_group() function in arch/powerpc/perf/imc-pmu.c. A local user can perform a denial of service (DoS) attack.
38) Integer overflow (CVE-ID: CVE-2023-52676)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.
39) Improper error handling (CVE-ID: CVE-2023-52678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kfd_create_indirect_link_prop() and kfd_add_peer_prop() functions in drivers/gpu/drm/amd/amdkfd/kfd_topology.c. A local user can perform a denial of service (DoS) attack.
40) Double free (CVE-ID: CVE-2023-52679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the of_unittest_parse_phandle_with_args() and of_unittest_parse_phandle_with_args_map() functions in drivers/of/unittest.c, within the of_parse_phandle_with_args_map() function in drivers/of/base.c. A local user can perform a denial of service (DoS) attack.
41) Improper error handling (CVE-ID: CVE-2023-52680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_sync_ctl_get(), scarlett2_master_volume_ctl_get(), scarlett2_volume_ctl_get(), scarlett2_mute_ctl_get(), scarlett2_level_enum_ctl_get(), scarlett2_pad_ctl_get(), scarlett2_air_ctl_get(), scarlett2_phantom_ctl_get(), scarlett2_direct_monitor_ctl_get(), scarlett2_speaker_switch_enum_ctl_get(), scarlett2_talkback_enum_ctl_get(), scarlett2_dim_mute_ctl_get() and scarlett2_mux_src_enum_ctl_get() functions in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
42) Improper locking (CVE-ID: CVE-2023-52681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efivarfs_init_fs_context() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
43) Integer overflow (CVE-ID: CVE-2023-52683)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the lpit_update_residency() function in drivers/acpi/acpi_lpit.c. A local user can execute arbitrary code.
44) Buffer overflow (CVE-ID: CVE-2023-52685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the persistent_ram_init_ecc() function in fs/pstore/ram_core.c. A local user can escalate privileges on the system.
45) NULL pointer dereference (CVE-ID: CVE-2023-52686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.
46) Improper error handling (CVE-ID: CVE-2023-52687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the safexcel_send_req() function in drivers/crypto/inside-secure/safexcel_cipher.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2023-52690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.
48) Double free (CVE-ID: CVE-2023-52691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the si_dpm_init() function in drivers/gpu/drm/amd/amdgpu/si_dpm.c. A local user can perform a denial of service (DoS) attack.
49) Improper error handling (CVE-ID: CVE-2023-52692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_usb_set_config() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
50) Use of uninitialized resource (CVE-ID: CVE-2023-52693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.
51) Resource management error (CVE-ID: CVE-2023-52694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the tpd12s015_probe() function in drivers/gpu/drm/bridge/ti-tpd12s015.c. A local user can perform a denial of service (DoS) attack.
52) NULL pointer dereference (CVE-ID: CVE-2023-52695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink() and dm_update_crtc_state() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2023-52696)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_powercap_init() function in arch/powerpc/platforms/powernv/opal-powercap.c. A local user can perform a denial of service (DoS) attack.
54) Input validation error (CVE-ID: CVE-2023-52697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sof_sdw_rt_sdca_jack_exit() function in sound/soc/intel/boards/sof_sdw_rt_sdca_jack_common.c. A local user can perform a denial of service (DoS) attack.
55) Memory leak (CVE-ID: CVE-2023-52698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netlbl_calipso_ops_register(), netlbl_calipso_add_pass() and netlbl_calipso_genl_init() functions in net/netlabel/netlabel_calipso.c. A local user can perform a denial of service (DoS) attack.
56) Improper locking (CVE-ID: CVE-2023-52699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the block_end(), get_branch(), get_block() and find_shared() functions in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.
57) Memory leak (CVE-ID: CVE-2023-52735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sock_map_unhash(), sock_map_destroy() and sock_map_close() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
58) NULL pointer dereference (CVE-ID: CVE-2023-52749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spi_unregister_controller(), __spi_transfer_message_noqueue() and __spi_sync() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
59) Improper error handling (CVE-ID: CVE-2023-52750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm64/Kconfig. A local user can perform a denial of service (DoS) attack.
60) Use-after-free (CVE-ID: CVE-2023-52751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the find_or_create_cached_dir(), spin_unlock() and open_cached_dir() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.
61) NULL pointer dereference (CVE-ID: CVE-2023-52753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_stream_get_vblank_counter() and dc_stream_get_scanoutpos() functions in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.
62) Input validation error (CVE-ID: CVE-2023-52754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imon_probe() function in drivers/media/rc/imon.c. A local user can perform a denial of service (DoS) attack.
63) Use-after-free (CVE-ID: CVE-2023-52757)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the alloc_mid() function in fs/smb/client/transport.c, within the __smb2_handle_cancelled_cmd() function in fs/smb/client/smb2misc.c, within the cifs_compose_mount_options(), __release_mid() and cifs_get_tcon_super() functions in fs/smb/client/cifsproto.h. A local user can escalate privileges on the system.
64) Reachable Assertion (CVE-ID: CVE-2023-52759)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.
65) Buffer overflow (CVE-ID: CVE-2023-52762)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtblk_probe() function in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
66) Resource management error (CVE-ID: CVE-2023-52763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hci_dat_v1_init(), hci_dat_v1_cleanup() and hci_dat_v1_free_entry() functions in drivers/i3c/master/mipi-i3c-hci/dat_v1.c. A local user can perform a denial of service (DoS) attack.
67) Out-of-bounds read (CVE-ID: CVE-2023-52764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the set_flicker() function in drivers/media/usb/gspca/cpia1.c. A local user can perform a denial of service (DoS) attack.
68) NULL pointer dereference (CVE-ID: CVE-2023-52765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_MUTEX(), qcom_pmic_get_base_usid(), qcom_pmic_get() and pmic_spmi_probe() functions in drivers/mfd/qcom-spmi-pmic.c. A local user can perform a denial of service (DoS) attack.
69) Out-of-bounds read (CVE-ID: CVE-2023-52766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
70) NULL pointer dereference (CVE-ID: CVE-2023-52767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tls_sw_splice_eof() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
71) Out-of-bounds read (CVE-ID: CVE-2023-52768)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the wilc_wlan_init() function in drivers/net/wireless/microchip/wilc1000/wlan.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
72) Use-after-free (CVE-ID: CVE-2023-52769)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath12k_htt_mlo_offset_event_handler() function in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can escalate privileges on the system.
73) Use-after-free (CVE-ID: CVE-2023-52771)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the grandparent() function in drivers/cxl/core/port.c. A local user can escalate privileges on the system.
74) Use-after-free (CVE-ID: CVE-2023-52772)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unix_stream_recv_urg() function in net/unix/af_unix.c. A local user can escalate privileges on the system.
75) NULL pointer dereference (CVE-ID: CVE-2023-52773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_i2c_xfer() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
76) Improper locking (CVE-ID: CVE-2023-52774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dasd_profile_start() function in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.
77) Buffer overflow (CVE-ID: CVE-2023-52775)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.
78) Use-after-free (CVE-ID: CVE-2023-52776)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath12k_wmi_pdev_dfs_radar_detected_event() and ath12k_wmi_pdev_temperature_event() functions in drivers/net/wireless/ath/ath12k/wmi.c. A local user can escalate privileges on the system.
79) Use-after-free (CVE-ID: CVE-2023-52777)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_wmi_gtk_offload_status_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.
80) NULL pointer dereference (CVE-ID: CVE-2023-52780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mvneta_ethtool_get_strings(), mvneta_ethtool_pp_stats() and mvneta_ethtool_get_stats() functions in drivers/net/ethernet/marvell/mvneta.c. A local user can perform a denial of service (DoS) attack.
81) Incorrect calculation (CVE-ID: CVE-2023-52781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the usb_get_bos_descriptor() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
82) Improper locking (CVE-ID: CVE-2023-52782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
83) NULL pointer dereference (CVE-ID: CVE-2023-52783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the txgbe_sw_init() function in drivers/net/ethernet/wangxun/txgbe/txgbe_main.c, within the ngbe_sw_init() function in drivers/net/ethernet/wangxun/ngbe/ngbe_main.c, within the wx_sw_init() function in drivers/net/ethernet/wangxun/libwx/wx_hw.c. A local user can perform a denial of service (DoS) attack.
84) Improper error handling (CVE-ID: CVE-2023-52784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bond_setup_by_slave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
85) Improper locking (CVE-ID: CVE-2023-52786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_dio_write_iter() function in fs/ext4/file.c. A local user can perform a denial of service (DoS) attack.
86) Resource management error (CVE-ID: CVE-2023-52787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the blk_mq_get_new_requests(), blk_mq_get_cached_request() and blk_mq_submit_bio() functions in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
87) NULL pointer dereference (CVE-ID: CVE-2023-52788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i915_perf_open_ioctl(), i915_perf_add_config_ioctl() and i915_perf_remove_config_ioctl() functions in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.
88) NULL pointer dereference (CVE-ID: CVE-2023-52789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vcc_probe() and vcc_table_remove() functions in drivers/tty/vcc.c. A local user can perform a denial of service (DoS) attack.
89) Improper locking (CVE-ID: CVE-2023-52791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.
90) Use of uninitialized resource (CVE-ID: CVE-2023-52792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cxl_region_attach() function in drivers/cxl/core/region.c. A local user can perform a denial of service (DoS) attack.
91) Out-of-bounds read (CVE-ID: CVE-2023-52794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the module_param_cb() function in drivers/thermal/intel/intel_powerclamp.c. A local user can perform a denial of service (DoS) attack.
92) Double free (CVE-ID: CVE-2023-52795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the vhost_vdpa_probe() function in drivers/vhost/vdpa.c. A local user can perform a denial of service (DoS) attack.
93) Improper locking (CVE-ID: CVE-2023-52796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipvlan_addr_lookup(), IS_ENABLED() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.
94) Use-after-free (CVE-ID: CVE-2023-52798)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_wmi_pdev_dfs_radar_detected_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.
95) Out-of-bounds read (CVE-ID: CVE-2023-52799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl(), dbFindCtl(), dbAllocDmapLev(), dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
96) Use-after-free (CVE-ID: CVE-2023-52800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
97) Use-after-free (CVE-ID: CVE-2023-52801)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iopt_area_split() function in drivers/iommu/iommufd/io_pagetable.c. A local user can escalate privileges on the system.
98) Use-after-free (CVE-ID: CVE-2023-52803)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpc_clnt_remove_pipedir() and rpc_setup_pipedir() functions in net/sunrpc/clnt.c. A local user can escalate privileges on the system.
99) Out-of-bounds read (CVE-ID: CVE-2023-52804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
100) Out-of-bounds read (CVE-ID: CVE-2023-52805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diInitInode() and diAlloc() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
101) NULL pointer dereference (CVE-ID: CVE-2023-52806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_hdac_stream_assign() function in sound/hda/hdac_stream.c. A local user can perform a denial of service (DoS) attack.
102) Out-of-bounds read (CVE-ID: CVE-2023-52807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hns3_get_coal_info() function in drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c. A local user can perform a denial of service (DoS) attack.
103) NULL pointer dereference (CVE-ID: CVE-2023-52808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debugfs_bist_init_v3_hw() and debugfs_init_v3_hw() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
104) NULL pointer dereference (CVE-ID: CVE-2023-52809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fc_lport_ptp_setup() function in drivers/scsi/libfc/fc_lport.c. A local user can perform a denial of service (DoS) attack.
105) Out-of-bounds read (CVE-ID: CVE-2023-52810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
106) NULL pointer dereference (CVE-ID: CVE-2023-52811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ibmvfc_get_event(), ibmvfc_queuecommand(), ibmvfc_bsg_timeout(), ibmvfc_bsg_plogi(), ibmvfc_bsg_request(), ibmvfc_reset_device(), ibmvfc_init_tmf(), ibmvfc_cancel_all_mq(), ibmvfc_abort_task_set(), ibmvfc_tgt_send_prli(), ibmvfc_tgt_send_plogi(), __ibmvfc_tgt_get_implicit_logout_evt(), ibmvfc_tgt_implicit_logout(), ibmvfc_tgt_move_login(), ibmvfc_adisc_timeout(), ibmvfc_tgt_adisc(), ibmvfc_tgt_query_target(), ibmvfc_discover_targets(), ibmvfc_channel_setup(), ibmvfc_channel_enquiry(), ibmvfc_npiv_login() and ibmvfc_npiv_logout() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.
107) Out-of-bounds read (CVE-ID: CVE-2023-52812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smu_v13_0_update_pcie_parameters() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c. A local user can perform a denial of service (DoS) attack.
108) Resource management error (CVE-ID: CVE-2023-52813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the pcrypt_aead_encrypt() function in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.
109) NULL pointer dereference (CVE-ID: CVE-2023-52814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
110) NULL pointer dereference (CVE-ID: CVE-2023-52815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vkms_conn_get_modes() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c. A local user can perform a denial of service (DoS) attack.
111) Out-of-bounds read (CVE-ID: CVE-2023-52816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the svm_range_apply_attrs() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2023-52817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_debugfs_regs_smc_read() and amdgpu_debugfs_regs_smc_write() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can perform a denial of service (DoS) attack.
113) Out-of-bounds read (CVE-ID: CVE-2023-52818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/include/pptable.h, drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
114) Out-of-bounds read (CVE-ID: CVE-2023-52819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
115) NULL pointer dereference (CVE-ID: CVE-2023-52821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the versatile_panel_get_modes() function in drivers/gpu/drm/panel/panel-arm-versatile.c. A local user can perform a denial of service (DoS) attack.
116) Use-after-free (CVE-ID: CVE-2023-52825)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_range_vram_node_free() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can escalate privileges on the system.
117) NULL pointer dereference (CVE-ID: CVE-2023-52826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tpg110_get_modes() function in drivers/gpu/drm/panel/panel-tpo-tpg110.c. A local user can perform a denial of service (DoS) attack.
118) Out-of-bounds read (CVE-ID: CVE-2023-52827)
The vulnerability allows a local user to read data or crash the application.
The vulnerability exists due to an out-of-bounds read error within the ath12k_htt_pull_ppdu_stats() function in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can read data or crash the application.
119) Out-of-bounds read (CVE-ID: CVE-2023-52829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_wmi_ext_hal_reg_caps() function in drivers/net/wireless/ath/ath12k/wmi.c. A local user can perform a denial of service (DoS) attack.
120) Integer overflow (CVE-ID: CVE-2023-52832)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can execute arbitrary code.
121) NULL pointer dereference (CVE-ID: CVE-2023-52833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btusb_mtk_hci_wmt_sync() function in drivers/bluetooth/btusb.c. A local user can perform a denial of service (DoS) attack.
122) Buffer overflow (CVE-ID: CVE-2023-52834)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the atl1c_set_mac_addr(), atl1c_init_ring_ptrs(), atl1c_free_ring_resources(), atl1c_rx_checksum() and atl1c_alloc_rx_buffer() functions in drivers/net/ethernet/atheros/atl1c/atl1c_main.c. A local user can escalate privileges on the system.
123) Out-of-bounds read (CVE-ID: CVE-2023-52835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rb_alloc_aux() function in kernel/events/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
124) Improper locking (CVE-ID: CVE-2023-52836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the list_for_each_entry_safe(), stress_one_work() and stress() functions in kernel/locking/test-ww_mutex.c. A local user can perform a denial of service (DoS) attack.
125) Use-after-free (CVE-ID: CVE-2023-52837)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_dev_remove(), nbd_release() and IS_ENABLED() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
126) Improper error handling (CVE-ID: CVE-2023-52838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the imsttfb_probe() function in drivers/video/fbdev/imsttfb.c. A local user can perform a denial of service (DoS) attack.
127) Use-after-free (CVE-ID: CVE-2023-52840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rmi_unregister_function() function in drivers/input/rmi4/rmi_bus.c. A local user can escalate privileges on the system.
128) Memory leak (CVE-ID: CVE-2023-52841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vidtv_mux_init() and vidtv_channel_si_destroy() functions in drivers/media/test-drivers/vidtv/vidtv_mux.c. A local user can perform a denial of service (DoS) attack.
129) Use of uninitialized resource (CVE-ID: CVE-2023-52842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the virtio_transport_alloc_skb() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
130) Use of uninitialized resource (CVE-ID: CVE-2023-52843)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the llc_station_ac_send_test_r() function in net/llc/llc_station.c, within the llc_sap_action_send_test_r() function in net/llc/llc_s_ac.c, within the llc_fixup_skb() function in net/llc/llc_input.c. A local user can perform a denial of service (DoS) attack.
131) NULL pointer dereference (CVE-ID: CVE-2023-52844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vidtv_psi_service_desc_init() and kstrdup() functions in drivers/media/test-drivers/vidtv/vidtv_psi.c. A local user can perform a denial of service (DoS) attack.
132) Use of uninitialized resource (CVE-ID: CVE-2023-52845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the net/tipc/netlink.c. A local user can perform a denial of service (DoS) attack.
133) Use-after-free (CVE-ID: CVE-2023-52847)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bttv_remove() function in drivers/media/pci/bt8xx/bttv-driver.c. A local user can escalate privileges on the system.
134) NULL pointer dereference (CVE-ID: CVE-2023-52849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cxl_memdev_unregister() function in drivers/cxl/core/memdev.c. A local user can perform a denial of service (DoS) attack.
135) NULL pointer dereference (CVE-ID: CVE-2023-52850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hantro_watchdog() function in drivers/media/platform/verisilicon/hantro_drv.c. A local user can perform a denial of service (DoS) attack.
136) Use-after-free (CVE-ID: CVE-2023-52851)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_ib_stage_post_ib_reg_umr_init() function in drivers/infiniband/hw/mlx5/main.c. A local user can escalate privileges on the system.
137) NULL pointer dereference (CVE-ID: CVE-2023-52853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.
138) Use-after-free (CVE-ID: CVE-2023-52854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in kernel/padata.c. A local user can escalate privileges on the system.
139) NULL pointer dereference (CVE-ID: CVE-2023-52855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
140) NULL pointer dereference (CVE-ID: CVE-2023-52856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lt8912_bridge_detach() function in drivers/gpu/drm/bridge/lontium-lt8912b.c. A local user can perform a denial of service (DoS) attack.
141) Integer overflow (CVE-ID: CVE-2023-52857)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mtk_plane_update_new_state() function in drivers/gpu/drm/mediatek/mtk_drm_plane.c, within the mtk_drm_gem_dumb_create() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can execute arbitrary code.
142) NULL pointer dereference (CVE-ID: CVE-2023-52858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt7629.c. A local user can perform a denial of service (DoS) attack.
143) NULL pointer dereference (CVE-ID: CVE-2023-52860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hns3_pmu_init_pmu() and hns3_pmu_uninit_pmu() functions in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.
144) NULL pointer dereference (CVE-ID: CVE-2023-52861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the it66121_audio_get_eld() function in drivers/gpu/drm/bridge/ite-it66121.c. A local user can perform a denial of service (DoS) attack.
145) NULL pointer dereference (CVE-ID: CVE-2023-52862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_init() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
146) NULL pointer dereference (CVE-ID: CVE-2023-52863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the axi_fan_control_probe() function in drivers/hwmon/axi-fan-control.c. A local user can perform a denial of service (DoS) attack.
147) Buffer overflow (CVE-ID: CVE-2023-52864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the wmi_dev_match() function in drivers/platform/x86/wmi.c. A local user can escalate privileges on the system.
148) NULL pointer dereference (CVE-ID: CVE-2023-52865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early() and mtk_infrasys_init() functions in drivers/clk/mediatek/clk-mt6797.c. A local user can perform a denial of service (DoS) attack.
149) Resource management error (CVE-ID: CVE-2023-52866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hid_test_uclogic_parse_ugee_v2_desc() function in drivers/hid/hid-uclogic-params-test.c. A local user can perform a denial of service (DoS) attack.
150) Buffer overflow (CVE-ID: CVE-2023-52867)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.
151) Buffer overflow (CVE-ID: CVE-2023-52868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the thermal_zone_bind_cooling_device() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
152) NULL pointer dereference (CVE-ID: CVE-2023-52869)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pstore_register() function in fs/pstore/platform.c. A local user can perform a denial of service (DoS) attack.
153) NULL pointer dereference (CVE-ID: CVE-2023-52870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6765_apmixed_probe(), clk_mt6765_top_probe() and clk_mt6765_ifr_probe() functions in drivers/clk/mediatek/clk-mt6765.c. A local user can perform a denial of service (DoS) attack.
154) Buffer overflow (CVE-ID: CVE-2023-52871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the qcom_llcc_probe() function in drivers/soc/qcom/llcc-qcom.c. A local user can perform a denial of service (DoS) attack.
155) Race condition (CVE-ID: CVE-2023-52872)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the gsm_modem_upd_via_msc() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
156) NULL pointer dereference (CVE-ID: CVE-2023-52873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.
157) Buffer overflow (CVE-ID: CVE-2023-52874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_END() function in arch/x86/coco/tdx/tdcall.S. A local user can perform a denial of service (DoS) attack.
158) NULL pointer dereference (CVE-ID: CVE-2023-52875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt2701.c. A local user can perform a denial of service (DoS) attack.
159) NULL pointer dereference (CVE-ID: CVE-2023-52876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt7629_ethsys_init() and clk_mt7629_sgmiisys_init() functions in drivers/clk/mediatek/clk-mt7629-eth.c. A local user can perform a denial of service (DoS) attack.
160) NULL pointer dereference (CVE-ID: CVE-2023-52877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcpm_pd_svdm() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
161) Out-of-bounds read (CVE-ID: CVE-2023-52878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_put_echo_skb() function in drivers/net/can/dev/skb.c. A local user can perform a denial of service (DoS) attack.
162) Use-after-free (CVE-ID: CVE-2023-52879)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the apply_event_filter() function in kernel/trace/trace_events_filter.c, within the remove_subsystem(), event_enable_read(), event_enable_write(), event_filter_read() and trace_create_new_event() functions in kernel/trace/trace_events.c, within the register_event_command() function in kernel/trace/trace.h, within the tracing_open_file_tr() and tracing_release_file_tr() functions in kernel/trace/trace.c. A local user can escalate privileges on the system.
163) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-52880)
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.
164) Spoofing attack (CVE-ID: CVE-2023-52881)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
165) Input validation error (CVE-ID: CVE-2023-52882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2023-52883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vm_bo_update() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
167) Improper locking (CVE-ID: CVE-2023-52884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cyapa_suspend() and cyapa_resume() functions in drivers/input/mouse/cyapa.c. A local user can perform a denial of service (DoS) attack.
168) Buffer overflow (CVE-ID: CVE-2023-6238)
The vulnerability allows a local privileged user to execute arbitrary code.
A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.
169) NULL pointer dereference (CVE-ID: CVE-2023-7042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.
170) Improper locking (CVE-ID: CVE-2024-0639)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.
171) Deserialization of Untrusted Data (CVE-ID: CVE-2024-21823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.
172) NULL pointer dereference (CVE-ID: CVE-2024-22099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
173) Use-after-free (CVE-ID: CVE-2024-23848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.
174) Race condition (CVE-ID: CVE-2024-24861)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the xc4000 xc4000_get_frequency() function in the media/xc4000 device driver. A local user can exploit the race and escalate privileges on the system.
175) Improper check for unusual or exceptional conditions (CVE-ID: CVE-2024-25739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.
176) Resource management error (CVE-ID: CVE-2024-25741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the printer_write() in drivers/usb/gadget/function/f_printer.c. A local user can perform a denial of service (DoS) attack.
177) Improper locking (CVE-ID: CVE-2024-26601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
178) NULL pointer dereference (CVE-ID: CVE-2024-26611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_sk_base_func_proto(), bpf_xdp_frags_increase_tail() and bpf_xdp_frags_shrink_tail() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
179) Resource management error (CVE-ID: CVE-2024-26614)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2024-26615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __smc_diag_dump() function in net/smc/smc_diag.c. A local user can perform a denial of service (DoS) attack.
181) NULL pointer dereference (CVE-ID: CVE-2024-26623)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pdsc_setup(), pdsc_stop() and pdsc_fw_down() functions in drivers/net/ethernet/amd/pds_core/core.c, within the pdsc_process_notifyq(), pdsc_process_adminq(), pds_core_intr_credits(), pdsc_adminq_isr(), pdsc_adminq_post() and queue_work() functions in drivers/net/ethernet/amd/pds_core/adminq.c. A local user can perform a denial of service (DoS) attack.
182) Use-after-free (CVE-ID: CVE-2024-26625)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in net/llc/af_llc.c when handling orphan sockets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
183) NULL pointer dereference (CVE-ID: CVE-2024-26632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/bio.h. A local user can perform a denial of service (DoS) attack.
184) Input validation error (CVE-ID: CVE-2024-26633)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in NEXTHDR_FRAGMENT handling within the ip6_tnl_parse_tlv_enc_lim() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
185) Use of uninitialized resource (CVE-ID: CVE-2024-26635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_to_be16() function in net/llc/llc_core.c. A local user can perform a denial of service (DoS) attack.
186) Input validation error (CVE-ID: CVE-2024-26636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the llc_ui_sendmsg() function in net/llc/af_llc.c. A local user can perform a denial of service (DoS) attack.
187) Use of uninitialized resource (CVE-ID: CVE-2024-26638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __sock_xmit() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
188) Access of Uninitialized Pointer (CVE-ID: CVE-2024-26641)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to access to uninitialized data within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
189) Improper access control (CVE-ID: CVE-2024-26642)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.
190) Race condition (CVE-ID: CVE-2024-26643)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.
191) Deadlock (CVE-ID: CVE-2024-26650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a deadlock in drivers/platform/x86/p2sb.c. A local user can perform a denial of service (DoS) attack.
192) Double free (CVE-ID: CVE-2024-26652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pdsc_auxbus_dev_register() function in drivers/net/ethernet/amd/pds_core/auxbus.c. A local user can perform a denial of service (DoS) attack.
193) Race condition (CVE-ID: CVE-2024-26654)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.
194) Use-after-free (CVE-ID: CVE-2024-26656)
The vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a use-after-free error in drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c. A local user can send a single amdgpu_gem_userptr_ioctl
to the AMDGPU DRM driver on any ASICs with an invalid address and size and perform a denial of service (DoS) attack.
195) NULL pointer dereference (CVE-ID: CVE-2024-26657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/gpu/drm/scheduler/sched_entity.c. A local user can send an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context and perform a denial of service (DoS) attack.
196) NULL pointer dereference (CVE-ID: CVE-2024-26663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
197) Out-of-bounds read (CVE-ID: CVE-2024-26665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmpv6() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
198) Buffer overflow (CVE-ID: CVE-2024-26671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
199) Input validation error (CVE-ID: CVE-2024-26673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.
200) Improper error handling (CVE-ID: CVE-2024-26674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the SYM_CODE_START_LOCAL() function in arch/x86/lib/putuser.S, within the SYM_CODE_END() function in arch/x86/lib/getuser.S. A local user can perform a denial of service (DoS) attack.
201) Out-of-bounds read (CVE-ID: CVE-2024-26676)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
202) Improper locking (CVE-ID: CVE-2024-26679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
203) Improper error handling (CVE-ID: CVE-2024-26684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dwxgmac3_handle_dma_err(), dwxgmac3_safety_feat_config(), dwxgmac3_safety_feat_irq_status() and dwxgmac3_safety_feat_dump() functions in drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c. A local user can perform a denial of service (DoS) attack.
204) Race condition (CVE-ID: CVE-2024-26685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nilfs_segctor_prepare_write(), nilfs_abort_logs() and nilfs_segctor_complete_write() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
205) Improper locking (CVE-ID: CVE-2024-26691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_hyp_reserve(), __pkvm_create_hyp_vm() and pkvm_create_hyp_vm() functions in arch/arm64/kvm/pkvm.c. A local user can perform a denial of service (DoS) attack.
206) Double free (CVE-ID: CVE-2024-26704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.
207) Input validation error (CVE-ID: CVE-2024-26714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/interconnect/qcom/sc8180x.c. A local user can perform a denial of service (DoS) attack.
208) Improper locking (CVE-ID: CVE-2024-26726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clear_extent_uptodate() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
209) NULL pointer dereference (CVE-ID: CVE-2024-26731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sk_psock_verdict_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.
210) Buffer overflow (CVE-ID: CVE-2024-26733)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
211) Memory leak (CVE-ID: CVE-2024-26734)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devlink_init() function in net/devlink/core.c. A local user can perform a denial of service (DoS) attack.
212) Race condition (CVE-ID: CVE-2024-26737)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition between the bpf_timer_cancel_and_free and bpf_timer_cancel calls in kernel/bpf/helpers.c. A local user can exploit the race and escalate privileges on the system.
213) Use-after-free (CVE-ID: CVE-2024-26739)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.
214) Improper locking (CVE-ID: CVE-2024-26740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.
215) Resource management error (CVE-ID: CVE-2024-26742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pqi_map_queues() function in drivers/scsi/smartpqi/smartpqi_init.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2024-26750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
217) Resource management error (CVE-ID: CVE-2024-26756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the raid5_run() and raid5_start_reshape() functions in drivers/md/raid5.c, within the raid10_run() and clear_bit() functions in drivers/md/raid10.c, within the md_start_sync() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
218) Resource management error (CVE-ID: CVE-2024-26758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
219) NULL pointer dereference (CVE-ID: CVE-2024-26760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/target/target_core_pscsi.c. A local user can perform a denial of service (DoS) attack.
220) Resource management error (CVE-ID: CVE-2024-26761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.
221) Resource management error (CVE-ID: CVE-2024-26764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
222) Infinite loop (CVE-ID: CVE-2024-26767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
223) Improper locking (CVE-ID: CVE-2024-26769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_fc_tgt_a_get(), __nvmet_fc_finish_ls_req() and nvmet_fc_register_targetport() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.
224) Improper locking (CVE-ID: CVE-2024-26772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
225) Improper locking (CVE-ID: CVE-2024-26773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
226) Division by zero (CVE-ID: CVE-2024-26774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mb_update_avg_fragment_size() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
227) Improper locking (CVE-ID: CVE-2024-26775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the aoeblk_gdalloc() function in drivers/block/aoe/aoeblk.c. A local user can perform a denial of service (DoS) attack.
228) Out-of-bounds read (CVE-ID: CVE-2024-26780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the unix_gc() function in net/unix/garbage.c. A local user can perform a denial of service (DoS) attack.
229) Resource management error (CVE-ID: CVE-2024-26783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the numamigrate_isolate_page() function in mm/migrate.c. A local user can perform a denial of service (DoS) attack.
230) Improper locking (CVE-ID: CVE-2024-26785)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iommufd_test_syz_conv_iova(), iommufd_test_syz_conv_iova_id(), iommufd_test_access_pages() and iommufd_test_access_rw() functions in drivers/iommu/iommufd/selftest.c. A local user can perform a denial of service (DoS) attack.
231) Improper resource shutdown or release (CVE-ID: CVE-2024-26786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the iopt_add_access() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
232) Out-of-bounds read (CVE-ID: CVE-2024-26791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.
233) Use-after-free (CVE-ID: CVE-2024-26793)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
234) Improper locking (CVE-ID: CVE-2024-26794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the emit_fiemap_extent() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
235) NULL pointer dereference (CVE-ID: CVE-2024-26802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
236) Use of uninitialized resource (CVE-ID: CVE-2024-26805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
237) Buffer overflow (CVE-ID: CVE-2024-26807)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the cqspi_remove(), cqspi_suspend() and cqspi_resume() functions in drivers/spi/spi-cadence-quadspi.c. A local user can escalate privileges on the system.
238) NULL pointer dereference (CVE-ID: CVE-2024-26813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vfio_platform_set_irq_unmask(), vfio_automasked_irq_handler(), vfio_irq_handler(), vfio_set_trigger(), vfio_platform_set_irq_trigger(), vfio_platform_set_irqs_ioctl(), vfio_platform_irq_init() and vfio_platform_irq_cleanup() functions in drivers/vfio/platform/vfio_platform_irq.c. A local user can perform a denial of service (DoS) attack.
239) Improper error handling (CVE-ID: CVE-2024-26814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfio_fsl_mc_set_irq_trigger() function in drivers/vfio/fsl-mc/vfio_fsl_mc_intr.c. A local user can perform a denial of service (DoS) attack.
240) Out-of-bounds read (CVE-ID: CVE-2024-26815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
241) Memory leak (CVE-ID: CVE-2024-26816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
242) Resource management error (CVE-ID: CVE-2024-26822)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.
243) Improper locking (CVE-ID: CVE-2024-26826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __mptcp_retransmit_pending_data() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
244) Race condition (CVE-ID: CVE-2024-26832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
245) Resource management error (CVE-ID: CVE-2024-26836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the current_value_store() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
246) Out-of-bounds read (CVE-ID: CVE-2024-26842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ufshcd_cmd_inflight() and ufshcd_clear_cmd() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
247) Memory leak (CVE-ID: CVE-2024-26844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bio_copy_user_iov() function in block/blk-map.c. A local user can perform a denial of service (DoS) attack.
248) Improper locking (CVE-ID: CVE-2024-26845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the transport_generic_handle_tmr() function in drivers/target/target_core_transport.c, within the transport_lookup_tmr_lun() and rcu_dereference_raw() functions in drivers/target/target_core_device.c. A local user can perform a denial of service (DoS) attack.
249) Double free (CVE-ID: CVE-2024-26846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
250) Buffer overflow (CVE-ID: CVE-2024-26853)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the igc_xdp_xmit() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can escalate privileges on the system.
251) Improper locking (CVE-ID: CVE-2024-26854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_dpll_init() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
252) NULL pointer dereference (CVE-ID: CVE-2024-26855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
253) Use-after-free (CVE-ID: CVE-2024-26856)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sparx5_del_mact_entry() function in drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c. A local user can escalate privileges on the system.
254) Use of uninitialized resource (CVE-ID: CVE-2024-26857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_rx() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
255) NULL pointer dereference (CVE-ID: CVE-2024-26858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
256) Memory leak (CVE-ID: CVE-2024-26860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dm_integrity_rw_tag() function in drivers/md/dm-integrity.c. A local user can perform a denial of service (DoS) attack.
257) Race condition within a thread (CVE-ID: CVE-2024-26861)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.
258) Race condition within a thread (CVE-ID: CVE-2024-26862)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
259) Use of uninitialized resource (CVE-ID: CVE-2024-26863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.
260) Use-after-free (CVE-ID: CVE-2024-26866)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c. A local user can escalate privileges on the system.
261) NULL pointer dereference (CVE-ID: CVE-2024-26868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ff_layout_cancel_io() function in fs/nfs/flexfilelayout/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.
262) Buffer overflow (CVE-ID: CVE-2024-26870)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
263) NULL pointer dereference (CVE-ID: CVE-2024-26878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
264) NULL pointer dereference (CVE-ID: CVE-2024-26881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hclge_ptp_get_rx_hwts() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.
265) Use of uninitialized resource (CVE-ID: CVE-2024-26882)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to use of uninitialized resource within the ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c. A local user can execute arbitrary code.
266) Buffer overflow (CVE-ID: CVE-2024-26883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the stack_map_alloc() function in kernel/bpf/stackmap.c on a 32-bit platform. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
267) Buffer overflow (CVE-ID: CVE-2024-26884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
268) Buffer overflow (CVE-ID: CVE-2024-26885)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
269) Buffer overflow (CVE-ID: CVE-2024-26889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
270) Improper locking (CVE-ID: CVE-2024-26899)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_MUTEX(), bd_link_disk_holder(), kfree() and bd_unlink_disk_holder() functions in block/holder.c. A local user can perform a denial of service (DoS) attack.
271) Memory leak (CVE-ID: CVE-2024-26900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
272) Information disclosure (CVE-ID: CVE-2024-26901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.
273) NULL pointer dereference (CVE-ID: CVE-2024-26903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.
274) Improper error handling (CVE-ID: CVE-2024-26906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
275) Use-after-free (CVE-ID: CVE-2024-26909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c. A local user can escalate privileges on the system.
276) Buffer overflow (CVE-ID: CVE-2024-26920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.
277) Integer underflow (CVE-ID: CVE-2024-26921)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.
278) Input validation error (CVE-ID: CVE-2024-26922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the amdgpu_vm_bo_insert_map(), amdgpu_vm_bo_map(), amdgpu_vm_bo_replace_map(), and amdgpu_vm_bo_clear_mappings() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can pass specially crafted input to the driver and perform a denial of service (DoS) attack.
279) Improper locking (CVE-ID: CVE-2024-26923)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
280) Improper locking (CVE-ID: CVE-2024-26925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
281) Use-after-free (CVE-ID: CVE-2024-26928)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
282) Double free (CVE-ID: CVE-2024-26932)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the tcpm_port_unregister_pd() function in drivers/usb/typec/tcpm/tcpm.c. A local user can execute arbitrary code.
283) Improper locking (CVE-ID: CVE-2024-26933)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can execute arbitrary code.
284) Improper locking (CVE-ID: CVE-2024-26934)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.
285) Information disclosure (CVE-ID: CVE-2024-26935)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
286) Reachable assertion (CVE-ID: CVE-2024-26937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the gen11_emit_fini_breadcrumb_rcs() function in drivers/gpu/drm/i915/gt/intel_lrc.c, within the __engine_park() function in drivers/gpu/drm/i915/gt/intel_engine_pm.c. A local user can perform a denial of service (DoS) attack.
287) Resource management error (CVE-ID: CVE-2024-26938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the intel_bios_encoder_supports_dp_dual_mode() function in drivers/gpu/drm/i915/display/intel_bios.c. A local user can perform a denial of service (DoS) attack.
288) Resource management error (CVE-ID: CVE-2024-26940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmw_debugfs_resource_managers_init() function in drivers/gpu/drm/vmwgfx/vmwgfx_drv.c. A local user can perform a denial of service (DoS) attack.
289) NULL pointer dereference (CVE-ID: CVE-2024-26943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
290) Use-after-free (CVE-ID: CVE-2024-26944)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_block_group_zone_info(), bitmap_free() and do_zone_finish() functions in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
291) Division by zero (CVE-ID: CVE-2024-26945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the save_iaa_wq() and remove_iaa_wq() functions in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.
292) Input validation error (CVE-ID: CVE-2024-26946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.
293) Input validation error (CVE-ID: CVE-2024-26948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_state_free() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.
294) NULL pointer dereference (CVE-ID: CVE-2024-26949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smu_v13_0_7_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c, within the smu_v13_0_0_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c, within the sienna_cichlid_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c, within the navi10_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c, within the arcturus_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c. A local user can perform a denial of service (DoS) attack.
295) NULL pointer dereference (CVE-ID: CVE-2024-26950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_peer() function in drivers/net/wireguard/netlink.c. A local user can perform a denial of service (DoS) attack.
296) Use-after-free (CVE-ID: CVE-2024-26951)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wg_get_device_dump() function in drivers/net/wireguard/netlink.c. A local user can escalate privileges on the system.
297) Use-after-free (CVE-ID: CVE-2024-26957)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zcrypt_pick_queue() and zcrypt_drop_queue() functions in drivers/s390/crypto/zcrypt_api.c. A local user can escalate privileges on the system.
298) Use-after-free (CVE-ID: CVE-2024-26958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the , within the wait_on_commit() function in fs/nfs/write.c, within the nfs_direct_commit_schedule() function in fs/nfs/direct.c. A local user can escalate privileges on the system.
299) Race condition (CVE-ID: CVE-2024-26960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.
300) Use-after-free (CVE-ID: CVE-2024-26961)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
301) Improper locking (CVE-ID: CVE-2024-26962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_stripe_request(), raid5_make_request(), raid5_start() and raid5_init() functions in drivers/md/raid5.c, within the is_suspended() and md_account_bio() functions in drivers/md/md.c, within the raid_map(), raid_message(), raid_presuspend() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
302) Resource management error (CVE-ID: CVE-2024-26963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dwc3_ti_remove_core() and dwc3_ti_remove() functions in drivers/usb/dwc3/dwc3-am62.c. A local user can perform a denial of service (DoS) attack.
303) NULL pointer dereference (CVE-ID: CVE-2024-26964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_map_temp_buffer() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
304) Memory leak (CVE-ID: CVE-2024-26972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mutex_unlock() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
305) Information disclosure (CVE-ID: CVE-2024-26973)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.
306) NULL pointer dereference (CVE-ID: CVE-2024-26978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.
307) Out-of-bounds read (CVE-ID: CVE-2024-26981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_type_by_mode[() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
308) Input validation error (CVE-ID: CVE-2024-26982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_new_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
309) Use-after-free (CVE-ID: CVE-2024-26983)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xbc_alloc_mem(), xbc_parse_tree() and xbc_init() functions in lib/bootconfig.c. A local user can escalate privileges on the system.
310) NULL pointer dereference (CVE-ID: CVE-2024-26984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.
311) Memory leak (CVE-ID: CVE-2024-26986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_create_process() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c. A local user can perform a denial of service (DoS) attack.
312) Buffer overflow (CVE-ID: CVE-2024-26988)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the setup_command_line() function in init/main.c. A local user can escalate privileges on the system.
313) Resource management error (CVE-ID: CVE-2024-26989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel_page_present() function in arch/arm64/mm/pageattr.c. A local user can perform a denial of service (DoS) attack.
314) Incorrect calculation (CVE-ID: CVE-2024-26990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the kvm_tdp_mmu_try_split_huge_pages(), kvm_tdp_mmu_clear_dirty_slot() and clear_dirty_pt_masked() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can perform a denial of service (DoS) attack.
315) Out-of-bounds read (CVE-ID: CVE-2024-26991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_arch_post_set_memory_attributes() function in arch/x86/kvm/mmu/mmu.c. A local user can perform a denial of service (DoS) attack.
316) Information disclosure (CVE-ID: CVE-2024-26992)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vmx_get_perf_capabilities() function in arch/x86/kvm/vmx/vmx.c. A local user can gain access to sensitive information.
317) Information disclosure (CVE-ID: CVE-2024-26993)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sysfs_break_active_protection() function in fs/sysfs/file.c. A local user can gain access to sensitive information.
318) Buffer overflow (CVE-ID: CVE-2024-26994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.
319) Off-by-one (CVE-ID: CVE-2024-26995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the tcpm_pd_set() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
320) Use-after-free (CVE-ID: CVE-2024-26996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncm_set_alt() and ncm_disable() functions in drivers/usb/gadget/function/f_ncm.c. A local user can escalate privileges on the system.
321) Input validation error (CVE-ID: CVE-2024-26997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the dwc2_cmpl_host_isoc_dma_desc() function in drivers/usb/dwc2/hcd_ddma.c in DDMA completion flow. A local user can perform a denial of service (DoS) attack.
322) Improper locking (CVE-ID: CVE-2024-26999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmz_receive_chars() function in drivers/tty/serial/pmac_zilog.c. A local user can perform a denial of service (DoS) attack.
323) Improper locking (CVE-ID: CVE-2024-27000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mxs_auart_set_ldisc() and mxs_auart_irq_handle() functions in drivers/tty/serial/mxs-auart.c. A local user can perform a denial of service (DoS) attack.
324) Resource management error (CVE-ID: CVE-2024-27001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmk80xx_find_usb_endpoints() function in drivers/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.
325) Improper locking (CVE-ID: CVE-2024-27002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mtk_clk_simple_probe() and mtk_free_clk_data() functions in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.
326) Improper locking (CVE-ID: CVE-2024-27003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clk_summary_show_subtree(), clk_summary_show() and clk_dump_show() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
327) Improper locking (CVE-ID: CVE-2024-27004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the HLIST_HEAD(), clk_pm_runtime_put(), clk_unprepare_unused_subtree(), clk_disable_unused_subtree(), __setup(), clk_disable_unused(), __clk_release() and __clk_register() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
328) Out-of-bounds read (CVE-ID: CVE-2024-27008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_dcb_encoder_quirks() and fabricate_dcb_encoder_table() functions in drivers/gpu/drm/nouveau/nouveau_bios.c. A local user can perform a denial of service (DoS) attack.
329) Memory leak (CVE-ID: CVE-2024-27012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_activate() and nft_rbtree_walk() functions in net/netfilter/nft_set_rbtree.c, within the nft_pipapo_activate() and nft_pipapo_walk() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_activate(), nft_rhash_walk(), nft_hash_activate() and nft_hash_walk() functions in net/netfilter/nft_set_hash.c, within the nft_bitmap_activate() and nft_bitmap_walk() functions in net/netfilter/nft_set_bitmap.c, within the nft_mapelem_deactivate(), nft_map_catchall_deactivate(), nft_setelem_validate(), nf_tables_bind_check_setelem(), nft_mapelem_activate(), nft_map_catchall_activate(), nf_tables_dump_setelem(), nft_setelem_activate(), nft_setelem_flush() and nf_tables_loop_check_setelem() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
330) Improper locking (CVE-ID: CVE-2024-27013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
331) Improper locking (CVE-ID: CVE-2024-27014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_arfs_enable(), arfs_del_rules(), arfs_handle_work() and mlx5e_rx_flow_steer() functions in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
332) Input validation error (CVE-ID: CVE-2024-27015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_tuple_encap() function in net/netfilter/nf_flow_table_ip.c. A local user can perform a denial of service (DoS) attack.
333) Input validation error (CVE-ID: CVE-2024-27016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_xmit_xfrm(), nf_flow_skb_encap_protocol() and nf_flow_encap_pop() functions in net/netfilter/nf_flow_table_ip.c, within the nf_flow_offload_inet_hook() function in net/netfilter/nf_flow_table_inet.c. A local user can perform a denial of service (DoS) attack.
334) Race condition within a thread (CVE-ID: CVE-2024-27019)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.
335) Race condition within a thread (CVE-ID: CVE-2024-27020)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.
336) Improper locking (CVE-ID: CVE-2024-27022)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the dup_mmap() function in kernel/fork.c. A local user can execute arbitrary code.
337) Improper error handling (CVE-ID: CVE-2024-27025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nbd_genl_status() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
338) Incorrect calculation (CVE-ID: CVE-2024-27027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the dpll_xa_ref_pin_del() and dpll_xa_ref_dpll_del() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
339) NULL pointer dereference (CVE-ID: CVE-2024-27028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.
340) Race condition (CVE-ID: CVE-2024-27030)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.
341) Improper locking (CVE-ID: CVE-2024-27031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_netfs_issue_read() function in fs/nfs/fscache.c. A local user can perform a denial of service (DoS) attack.
342) NULL pointer dereference (CVE-ID: CVE-2024-27046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfp_fl_lag_do_work() function in drivers/net/ethernet/netronome/nfp/flower/lag_conf.c. A local user can perform a denial of service (DoS) attack.
343) Resource management error (CVE-ID: CVE-2024-27056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_sta_ensure_queue() function in drivers/net/wireless/intel/iwlwifi/mvm/sta.c, within the __iwl_mvm_suspend() function in drivers/net/wireless/intel/iwlwifi/mvm/d3.c. A local user can perform a denial of service (DoS) attack.
344) Resource management error (CVE-ID: CVE-2024-27057)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sof_ipc4_set_multi_pipeline_state() function in sound/soc/sof/ipc4-pcm.c. A local user can perform a denial of service (DoS) attack.
345) Race condition (CVE-ID: CVE-2024-27062)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nvkm_object_search() and nvkm_object_remove() functions in drivers/gpu/drm/nouveau/nvkm/core/object.c, within the nvkm_client_new() function in drivers/gpu/drm/nouveau/nvkm/core/client.c. A local user can escalate privileges on the system.
346) Memory leak (CVE-ID: CVE-2024-27064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nf_tables_updchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
347) Resource management error (CVE-ID: CVE-2024-27065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
348) Resource management error (CVE-ID: CVE-2024-27067)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the evtchn_free_ring(), evtchn_interrupt() and evtchn_unbind_from_user() functions in drivers/xen/evtchn.c. A local user can perform a denial of service (DoS) attack.
349) Improper locking (CVE-ID: CVE-2024-27080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the try_release_extent_state(), flush_fiemap_cache(), emit_fiemap_extent(), fiemap_search_slot(), fiemap_process_hole(), extent_fiemap(), i_size_read() and unlock_extent() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
350) Memory leak (CVE-ID: CVE-2024-27388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gssx_dec_option_array() function in net/sunrpc/auth_gss/gss_rpc_xdr.c. A local user can perform a denial of service (DoS) attack.
351) Resource management error (CVE-ID: CVE-2024-27389)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the pstore_put_backend_records() function in fs/pstore/inode.c. A local user can perform a denial of service (DoS) attack.
352) Memory leak (CVE-ID: CVE-2024-27393)
The vulnerability allows a malicious guest to perform DoS attack on the target system.
The vulnerability exists due memory leak within the xennet_alloc_one_rx_buffer() function in xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.
353) Use-after-free (CVE-ID: CVE-2024-27395)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ovs_ct_limit_exit() function in net/openvswitch/conntrack.c. A local user can escalate privileges on the system.
354) Use-after-free (CVE-ID: CVE-2024-27396)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_dellink() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
355) NULL pointer dereference (CVE-ID: CVE-2024-27399)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
356) Resource management error (CVE-ID: CVE-2024-27400)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in amdgpu driver. A local user can crash the OS kernel.
357) Buffer overflow (CVE-ID: CVE-2024-27401)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
358) Improper locking (CVE-ID: CVE-2024-27402)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pep_sock_enable() and pep_ioctl() functions in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
359) Race condition within a thread (CVE-ID: CVE-2024-27404)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the subflow_finish_connect(), __mptcp_subflow_connect() and subflow_ulp_clone() functions in net/mptcp/subflow.c, within the fill_remote_addresses_vec() and mptcp_pm_nl_rm_addr_or_subflow() functions in net/mptcp/pm_netlink.c. A local user can manipulate data.
360) Buffer overflow (CVE-ID: CVE-2024-27405)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
361) Race condition (CVE-ID: CVE-2024-27408)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dw_edma_v0_core_write_chunk() and dw_edma_v0_core_start() functions in drivers/dma/dw-edma/dw-edma-v0-core.c. A local user can escalate privileges on the system.
362) Resource management error (CVE-ID: CVE-2024-27410)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nl80211_set_interface() function in net/wireless/nl80211.c. A local user can manipulate with the interface mesh ID and perform a denial of service (DoS) attack.
363) Buffer overflow (CVE-ID: CVE-2024-27411)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the r535_gsp_postinit() and r535_gsp_dtor() functions in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c. A local user can perform a denial of service (DoS) attack.
364) Resource management error (CVE-ID: CVE-2024-27412)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bq27xxx_battery_i2c_remove() function in drivers/power/supply/bq27xxx_battery_i2c.c. A local user can perform a denial of service (DoS) attack.
365) Buffer overflow (CVE-ID: CVE-2024-27413)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.
366) Buffer overflow (CVE-ID: CVE-2024-27414)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rtnl_bridge_setlink() function in net/core/rtnetlink.c. A local user can escalate privileges on the system.
367) Information disclosure (CVE-ID: CVE-2024-27416)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error within the hci_io_capa_request_evt() function in net/bluetooth/hci_event.c when handling HCI_EV_IO_CAPA_REQUEST packets. A remote attacker on the local network can force the system to assume that the remote peer
does support SSP and potentially gain access to sensitive information.
368) Information disclosure (CVE-ID: CVE-2024-27417)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the inet6_rtm_getaddr() function in net/ipv6/addrconf.c. A local user can gain access to sensitive information.
369) Information disclosure (CVE-ID: CVE-2024-27418)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the mctp_local_output() function in net/mctp/route.c. A local user can gain access to sensitive information.
370) Race condition within a thread (CVE-ID: CVE-2024-27419)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the nr_state1_machine(), nr_state2_machine() and nr_state3_machine() functions in net/netrom/nr_in.c, within the nr_rx_frame() function in net/netrom/af_netrom.c. A local user can manipulate data.
371) Use of uninitialized resource (CVE-ID: CVE-2024-27431)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_map_bpf_prog_run_xdp() function in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
372) Resource management error (CVE-ID: CVE-2024-27432)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_ppe_start() and mtk_ppe_stop() functions in drivers/net/ethernet/mediatek/mtk_ppe.c. A local user can perform a denial of service (DoS) attack.
373) Input validation error (CVE-ID: CVE-2024-27434)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iwl_mvm_get_sec_flags() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.
374) Improper locking (CVE-ID: CVE-2024-27435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_alloc_admin_tag_set() and nvme_alloc_io_tag_set() functions in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
375) Out-of-bounds write (CVE-ID: CVE-2024-27436)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the convert_chmap() function in sound/usb/stream.c. A local user can execute arbitrary code.
376) Use of uninitialized resource (CVE-ID: CVE-2024-33619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the efi_free() function in drivers/firmware/efi/libstub/fdt.c. A local user can perform a denial of service (DoS) attack.
377) Input validation error (CVE-ID: CVE-2024-34777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the map_benchmark_ioctl() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
378) NULL pointer dereference (CVE-ID: CVE-2024-35247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.
379) Improper locking (CVE-ID: CVE-2024-35784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fiemap_process_hole(), extent_fiemap(), btrfs_free_path() and emit_last_fiemap_cache() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
380) Improper locking (CVE-ID: CVE-2024-35786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nouveau_gem_ioctl_pushbuf() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can perform a denial of service (DoS) attack.
381) Out-of-bounds read (CVE-ID: CVE-2024-35788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn35_clk_mgr_helper_populate_bw_params() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
382) Use-after-free (CVE-ID: CVE-2024-35789)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.
383) NULL pointer dereference (CVE-ID: CVE-2024-35790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.
384) Use-after-free (CVE-ID: CVE-2024-35791)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_register_enc_region() function in arch/x86/kvm/svm/sev.c. A local user can escalate privileges on the system.
385) Improper locking (CVE-ID: CVE-2024-35794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the md_clean() and __md_stop_writes() functions in drivers/md/md.c, within the raid_message(), raid_postsuspend(), raid_preresume() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
386) Improper locking (CVE-ID: CVE-2024-35795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_debugfs_mqd_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
387) NULL pointer dereference (CVE-ID: CVE-2024-35796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the temac_probe() function in drivers/net/ethernet/xilinx/ll_temac_main.c. A local user can perform a denial of service (DoS) attack.
388) Input validation error (CVE-ID: CVE-2024-35799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dce110_disable_stream() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
389) NULL pointer dereference (CVE-ID: CVE-2024-35800)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the generic_ops_supported() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.
390) Input validation error (CVE-ID: CVE-2024-35801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fpu__init_cpu_xstate() function in arch/x86/kernel/fpu/xstate.c. A local user can perform a denial of service (DoS) attack.
391) Buffer overflow (CVE-ID: CVE-2024-35803)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_START(), SYM_FUNC_START_LOCAL() and SYM_DATA_END() functions in arch/x86/boot/compressed/efi_mixed.S. A local user can perform a denial of service (DoS) attack.
392) Buffer overflow (CVE-ID: CVE-2024-35804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the emulator_cmpxchg_emulated() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
393) Improper locking (CVE-ID: CVE-2024-35805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dm_exception_table_exit() function in drivers/md/dm-snap.c. A local user can perform a denial of service (DoS) attack.
394) Improper locking (CVE-ID: CVE-2024-35806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qm_congestion_task() and qman_create_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
395) Resource management error (CVE-ID: CVE-2024-35807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXT4_DESC_PER_BLOCK() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
396) Improper locking (CVE-ID: CVE-2024-35808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid_message() function in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
397) Improper error handling (CVE-ID: CVE-2024-35809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pci_device_remove() function in drivers/pci/pci-driver.c. A local user can perform a denial of service (DoS) attack.
398) Buffer overflow (CVE-ID: CVE-2024-35810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vmw_du_cursor_mob_size() and vmw_du_cursor_plane_cleanup_fb() functions in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.
399) Use-after-free (CVE-ID: CVE-2024-35811)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.
400) Improper error handling (CVE-ID: CVE-2024-35812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the service_outstanding_interrupt() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
401) Incorrect calculation (CVE-ID: CVE-2024-35813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __mmc_blk_ioctl_cmd() function in drivers/mmc/core/block.c. A local user can perform a denial of service (DoS) attack.
402) Resource management error (CVE-ID: CVE-2024-35814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to double allocation of slots within the swiotlb_area_find_slots() function in kernel/dma/swiotlb.c. A local user can perform a denial of service (DoS) attack.
403) Resource management error (CVE-ID: CVE-2024-35815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aio_setup_ring() and kiocb_set_cancel_fn() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
404) Resource management error (CVE-ID: CVE-2024-35817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
405) Improper locking (CVE-ID: CVE-2024-35819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qman_create_portal(), qm_congestion_task(), qman_create_cgr(), qman_delete_cgr() and qman_update_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
406) Improper locking (CVE-ID: CVE-2024-35821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the write_begin_slow(), ubifs_write_begin() and ubifs_write_end() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.
407) Improper locking (CVE-ID: CVE-2024-35822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usb_ep_queue() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
408) Buffer overflow (CVE-ID: CVE-2024-35823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
409) Resource management error (CVE-ID: CVE-2024-35824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lis3lv02d_i2c_suspend() and lis3lv02d_i2c_resume() functions in drivers/misc/lis3lv02d/lis3lv02d_i2c.c. A local user can perform a denial of service (DoS) attack.
410) Buffer overflow (CVE-ID: CVE-2024-35825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
411) Integer underflow (CVE-ID: CVE-2024-35827)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the io_recvmsg_mshot_prep() function in io_uring/net.c. A local user can execute arbitrary code.
412) Memory leak (CVE-ID: CVE-2024-35828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lbs_allocate_cmd_buffer() function in drivers/net/wireless/marvell/libertas/cmd.c. A local user can perform a denial of service (DoS) attack.
413) Memory leak (CVE-ID: CVE-2024-35829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lima_heap_alloc() function in drivers/gpu/drm/lima/lima_gem.c. A local user can perform a denial of service (DoS) attack.
414) Resource management error (CVE-ID: CVE-2024-35830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can perform a denial of service (DoS) attack.
415) Input validation error (CVE-ID: CVE-2024-35831)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __io_uaddr_map() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
416) Memory leak (CVE-ID: CVE-2024-35833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
417) Improper locking (CVE-ID: CVE-2024-35834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xsk_rcv_zc() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
418) Double free (CVE-ID: CVE-2024-35835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the arfs_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
419) Use-after-free (CVE-ID: CVE-2024-35836)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dpll_msg_add_pin_freq(), dpll_pin_is_freq_supported(), dpll_cmd_pin_get_one(), dpll_pin_on_pin_state_set(), dpll_pin_state_set(), dpll_pin_prio_set(), dpll_pin_direction_set(), dpll_pin_phase_adj_set() and dpll_pin_find() functions in drivers/dpll/dpll_netlink.c, within the dpll_device_unregister(), dpll_pin_alloc(), dpll_pin_put() and dpll_pin_on_pin_register() functions in drivers/dpll/dpll_core.c. A local user can escalate privileges on the system.
420) Use of uninitialized resource (CVE-ID: CVE-2024-35837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mvpp2_bm_pool_cleanup() and mvpp2_bm_init() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can perform a denial of service (DoS) attack.
421) Information disclosure (CVE-ID: CVE-2024-35838)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sta_info_free() function in net/mac80211/sta_info.c. A local user can gain access to sensitive information.
422) Infinite loop (CVE-ID: CVE-2024-35841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
423) NULL pointer dereference (CVE-ID: CVE-2024-35842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_sof_dai_link_fixup() function in sound/soc/mediatek/common/mtk-dsp-sof-common.c. A local user can perform a denial of service (DoS) attack.
424) Use-after-free (CVE-ID: CVE-2024-35843)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the prq_event_thread() function in drivers/iommu/intel/svm.c, within the intel_iommu_release_device() function in drivers/iommu/intel/iommu.c, within the alloc_iommu() function in drivers/iommu/intel/dmar.c. A local user can escalate privileges on the system.
425) Input validation error (CVE-ID: CVE-2024-35845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the iwl_dbg_tlv_alloc_debug_info() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can perform a denial of service (DoS) attack.
426) Double free (CVE-ID: CVE-2024-35847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
427) Buffer overflow (CVE-ID: CVE-2024-35848)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the at24_probe() function in drivers/misc/eeprom/at24.c. A local user can escalate privileges on the system.
428) Information disclosure (CVE-ID: CVE-2024-35849)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the init_data_container() function in fs/btrfs/backref.c. A local user can gain access to sensitive information.
429) NULL pointer dereference (CVE-ID: CVE-2024-35850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qca_debugfs_init() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
430) NULL pointer dereference (CVE-ID: CVE-2024-35851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qca_prevent_wake() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
431) Memory leak (CVE-ID: CVE-2024-35852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_acl_tcam_vregion_destroy() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
432) Memory leak (CVE-ID: CVE-2024-35853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_acl_tcam_vchunk_migrate_start() and mlxsw_sp_acl_tcam_vregion_migrate() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
433) Use-after-free (CVE-ID: CVE-2024-35854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
434) NULL pointer dereference (CVE-ID: CVE-2024-35857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the icmp_build_probe() function in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
435) Incorrect calculation (CVE-ID: CVE-2024-35860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the bpf_kprobe_multi_link_fill_link_info() and bpf_uprobe_multi_link_dealloc() functions in kernel/trace/bpf_trace.c, within the bpf_link_inc() and bpf_raw_tp_link_fill_link_info() functions in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
436) Use-after-free (CVE-ID: CVE-2024-35861)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
437) Use-after-free (CVE-ID: CVE-2024-35862)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
438) Use-after-free (CVE-ID: CVE-2024-35863)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
439) Use-after-free (CVE-ID: CVE-2024-35864)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
440) Use-after-free (CVE-ID: CVE-2024-35865)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_oplock_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
441) Use-after-free (CVE-ID: CVE-2024-35866)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_dump_full_key() function in fs/smb/client/ioctl.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
442) Use-after-free (CVE-ID: CVE-2024-35867)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
443) Use-after-free (CVE-ID: CVE-2024-35868)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
444) Resource management error (CVE-ID: CVE-2024-35872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.
445) Input validation error (CVE-ID: CVE-2024-35875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the setup_arch() function in arch/x86/kernel/setup.c, within the cc_mkdec() function in arch/x86/coco/core.c. A local user can perform a denial of service (DoS) attack.
446) Memory leak (CVE-ID: CVE-2024-35877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the follow_phys() function in mm/memory.c, within the is_cow_mapping(), free_pfn_range() and untrack_pfn() functions in arch/x86/mm/pat.c. A local user can perform a denial of service (DoS) attack.
447) NULL pointer dereference (CVE-ID: CVE-2024-35878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_modalias() function in drivers/of/module.c. A local user can perform a denial of service (DoS) attack.
448) Memory leak (CVE-ID: CVE-2024-35879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pr_fmt() and of_changeset_destroy() functions in drivers/of/dynamic.c. A local user can perform a denial of service (DoS) attack.
449) Improper locking (CVE-ID: CVE-2024-35880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __io_remove_buffers() and io_unregister_pbuf_ring() functions in io_uring/kbuf.c, within the io_uring_validate_mmap_request() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
450) Memory leak (CVE-ID: CVE-2024-35883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci1xxxx_spi_probe() function in drivers/spi/spi-pci1xxxx.c. A local user can perform a denial of service (DoS) attack.
451) Buffer overflow (CVE-ID: CVE-2024-35884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the udp_gro_receive() function in net/ipv4/udp_offload.c, within the __udp_is_mcast_sock() function in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
452) NULL pointer dereference (CVE-ID: CVE-2024-35885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlxbf_gige_shutdown() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.
453) Infinite loop (CVE-ID: CVE-2024-35886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the inet6_dump_fib() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
454) Use-after-free (CVE-ID: CVE-2024-35887)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can escalate privileges on the system.
455) Input validation error (CVE-ID: CVE-2024-35889)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the idpf_rx_process_skb_fields() function in drivers/net/ethernet/intel/idpf/idpf_txrx.c when handling unknown packet types. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
456) Improper error handling (CVE-ID: CVE-2024-35890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the skb_gro_receive_list() and skb_gro_receive() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
457) NULL pointer dereference (CVE-ID: CVE-2024-35891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lan8814_txtstamp(), lan8814_get_sig_rx(), lan8814_match_rx_ts(), lan8814_ptpci_adjfine(), lan8814_get_sig_tx(), lan8814_dequeue_tx_skb() and lan8814_match_skb() functions in drivers/net/phy/micrel.c. A local user can perform a denial of service (DoS) attack.
458) Improper locking (CVE-ID: CVE-2024-35892)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qdisc_tree_reduce_backlog() function in net/sched/sch_api.c. A local user can perform a denial of service (DoS) attack.
459) Memory leak (CVE-ID: CVE-2024-35893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcf_skbmod_dump() function in net/sched/act_skbmod.c. A local user can perform a denial of service (DoS) attack.
460) Improper locking (CVE-ID: CVE-2024-35895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
461) Out-of-bounds read (CVE-ID: CVE-2024-35896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c, within the do_replace(), update_counters() and compat_update_counters() functions in net/bridge/netfilter/ebtables.c. A local user can perform a denial of service (DoS) attack.
462) Race condition within a thread (CVE-ID: CVE-2024-35898)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the nf_tables_flowtable_parse_hook() and nft_flowtable_type_get() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.
463) Use-after-free (CVE-ID: CVE-2024-35899)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_tables_module_exit() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.
464) Incorrect calculation (CVE-ID: CVE-2024-35900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
465) Resource management error (CVE-ID: CVE-2024-35901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
466) Input validation error (CVE-ID: CVE-2024-35903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the emit_call() function in arch/x86/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
467) NULL pointer dereference (CVE-ID: CVE-2024-35904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.
468) Out-of-bounds read (CVE-ID: CVE-2024-35905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
469) Out-of-bounds read (CVE-ID: CVE-2024-35907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mlxbf_gige_open() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.
470) Improper locking (CVE-ID: CVE-2024-35908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tls_sw_recvmsg() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
471) Buffer overflow (CVE-ID: CVE-2024-35909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the t7xx_pcie_mac_atr_tables_dis() and t7xx_pcie_mac_atr_cfg() functions in drivers/net/wwan/t7xx/t7xx_pcie_mac.c, within the t7xx_cldma_gpd_rx_from_q() and t7xx_cldma_txq_empty_hndl() functions in drivers/net/wwan/t7xx/t7xx_hif_cldma.c, within the t7xx_cldma_tx_addr_is_set() and t7xx_cldma_hw_set_start_addr() functions in drivers/net/wwan/t7xx/t7xx_cldma.c. A local user can escalate privileges on the system.
472) NULL pointer dereference (CVE-ID: CVE-2024-35911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_vsi_rebuild() function in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
473) Memory leak (CVE-ID: CVE-2024-35912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_rfi_get_freq_table() function in drivers/net/wireless/intel/iwlwifi/mvm/rfi.c. A local user can perform a denial of service (DoS) attack.
474) Improper locking (CVE-ID: CVE-2024-35914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lock_rename() and unlock_rename() functions in fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
475) Use of uninitialized resource (CVE-ID: CVE-2024-35915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nci_rx_work() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
476) NULL pointer dereference (CVE-ID: CVE-2024-35916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sanitycheck() function in drivers/dma-buf/st-dma-fence-chain.c. A local user can perform a denial of service (DoS) attack.
477) NULL pointer dereference (CVE-ID: CVE-2024-35917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_skip(), asm(), bpf_jit_epilogue(), bpf_int_jit_compile(), bpf_jit_supports_far_kfunc_call() and bpf_arch_text_poke() functions in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
478) Improper Initialization (CVE-ID: CVE-2024-35921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the vdec_hevc_slice_init() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_hevc_req_multi_if.c. A local user can perform a denial of service (DoS) attack.
479) Division by zero (CVE-ID: CVE-2024-35922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the fb_get_mode() and fb_videomode_from_videomode() functions in drivers/video/fbdev/core/fbmon.c. A local user can perform a denial of service (DoS) attack.
480) Buffer overflow (CVE-ID: CVE-2024-35924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ucsi_read_message_in(), ucsi_read_error(), ucsi_send_command() and ucsi_register() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
481) Division by zero (CVE-ID: CVE-2024-35925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the blk_rq_stat_init() function in block/blk-stat.c. A local user can perform a denial of service (DoS) attack.
482) Memory leak (CVE-ID: CVE-2024-35926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iaa_compress() and iaa_decompress() functions in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.
483) Use of uninitialized resource (CVE-ID: CVE-2024-35927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the reschedule_output_poll_work() and EXPORT_SYMBOL() functions in drivers/gpu/drm/drm_probe_helper.c, within the drm_mode_config_helper_suspend() and drm_mode_config_helper_resume() functions in drivers/gpu/drm/drm_modeset_helper.c. A local user can perform a denial of service (DoS) attack.
484) Memory leak (CVE-ID: CVE-2024-35928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_device_init() and amdgpu_vf_error_trans_all() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
485) Memory leak (CVE-ID: CVE-2024-35930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_rcv_padisc() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.
486) Improper error handling (CVE-ID: CVE-2024-35931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the amdgpu_pci_slot_reset() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
487) Use-after-free (CVE-ID: CVE-2024-35932)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vc4_prepare_fb() and vc4_cleanup_fb() functions in drivers/gpu/drm/vc4/vc4_plane.c. A local user can escalate privileges on the system.
488) NULL pointer dereference (CVE-ID: CVE-2024-35933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btintel_read_version() function in drivers/bluetooth/btintel.c. A local user can perform a denial of service (DoS) attack.
489) Improper locking (CVE-ID: CVE-2024-35934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_pnet_create_pnetids_list() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.
490) Improper error handling (CVE-ID: CVE-2024-35935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the iterate_inode_ref() function in fs/btrfs/send.c. A local user can perform a denial of service (DoS) attack.
491) Improper error handling (CVE-ID: CVE-2024-35936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mutex_unlock() function in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.
492) Out-of-bounds read (CVE-ID: CVE-2024-35937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ieee80211_amsdu_subframe_length(), ieee80211_is_valid_amsdu() and ieee80211_amsdu_to_8023s() functions in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
493) Buffer overflow (CVE-ID: CVE-2024-35938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ARRAY_SIZE() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.
494) NULL pointer dereference (CVE-ID: CVE-2024-35940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psz_kmsg_read() function in fs/pstore/zone.c. A local user can perform a denial of service (DoS) attack.
495) Resource management error (CVE-ID: CVE-2024-35942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/pmdomain/imx/imx8mp-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
496) NULL pointer dereference (CVE-ID: CVE-2024-35943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omap_prm_domain_init() function in drivers/pmdomain/ti/omap_prm.c. A local user can perform a denial of service (DoS) attack.
497) Resource management error (CVE-ID: CVE-2024-35944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dg_dispatch_as_host() function in drivers/misc/vmw_vmci/vmci_datagram.c. A local user can perform a denial of service (DoS) attack.
498) Improper error handling (CVE-ID: CVE-2024-35945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the phy_sfp_probe(), phy_attach_direct() and phy_get_internal_delay() functions in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
499) NULL pointer dereference (CVE-ID: CVE-2024-35946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rtw89_ops_bss_info_changed() and rtw89_ops_remain_on_channel() functions in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
500) Improper error handling (CVE-ID: CVE-2024-35947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.
501) Use-after-free (CVE-ID: CVE-2024-35950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.
502) Improper resource shutdown or release (CVE-ID: CVE-2024-35951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the panfrost_mmu_map_fault_addr() and sg_free_table() functions in drivers/gpu/drm/panfrost/panfrost_mmu.c. A local user can perform a denial of service (DoS) attack.
503) Improper locking (CVE-ID: CVE-2024-35952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ast_dp_set_on_off() function in drivers/gpu/drm/ast/ast_dp.c. A local user can perform a denial of service (DoS) attack.
504) Improper locking (CVE-ID: CVE-2024-35953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ivpu_dev_init() function in drivers/accel/ivpu/ivpu_drv.c. A local user can perform a denial of service (DoS) attack.
505) NULL pointer dereference (CVE-ID: CVE-2024-35954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sg_remove_sfp_usercontext() function in drivers/scsi/sg.c. A local user can perform a denial of service (DoS) attack.
506) Use-after-free (CVE-ID: CVE-2024-35955)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the check_kprobe_address_safe() function in kernel/kprobes.c. A local user can escalate privileges on the system.
507) Information disclosure (CVE-ID: CVE-2024-35956)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the btrfs_subvolume_reserve_metadata() function in fs/btrfs/root-tree.c, within the create_subvol() and create_snapshot() functions in fs/btrfs/ioctl.c, within the btrfs_delete_subvolume() and btrfs_end_transaction() functions in fs/btrfs/inode.c. A local user can gain access to sensitive information.
508) Improper locking (CVE-ID: CVE-2024-35957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the intel_iommu_probe_device() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
509) Resource management error (CVE-ID: CVE-2024-35958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ena_unmap_tx_buff() and ena_free_tx_bufs() functions in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.
510) Improper locking (CVE-ID: CVE-2024-35959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_priv_cleanup() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c, within the mlx5e_selq_init() and mlx5e_selq_cleanup() functions in drivers/net/ethernet/mellanox/mlx5/core/en/selq.c. A local user can perform a denial of service (DoS) attack.
511) Improper Initialization (CVE-ID: CVE-2024-35960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
512) Improper locking (CVE-ID: CVE-2024-35961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5_sf_dev_remove() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_init_one_devl_locked(), mlx5_init_one(), mlx5_uninit_one(), mlx5_init_one_light(), mlx5_uninit_one_light(), probe_one() and remove_one() functions in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
513) Input validation error (CVE-ID: CVE-2024-35962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c. A local user can perform a denial of service (DoS) attack.
514) Input validation error (CVE-ID: CVE-2024-35963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_sock_setsockopt_old() and hci_sock_setsockopt() functions in net/bluetooth/hci_sock.c. A local user can perform a denial of service (DoS) attack.
515) Input validation error (CVE-ID: CVE-2024-35964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iso_sock_setsockopt() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
516) Input validation error (CVE-ID: CVE-2024-35965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
517) Out-of-bounds read (CVE-ID: CVE-2024-35966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.
518) Out-of-bounds read (CVE-ID: CVE-2024-35967)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.
519) Use-after-free (CVE-ID: CVE-2024-35969)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ipv6_get_ifaddr() function in net/ipv6/addrconf.c, within the in6_ifa_hold() function in include/net/addrconf.h. A local user can escalate privileges on the system.
520) Out-of-bounds read (CVE-ID: CVE-2024-35970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the manage_oob() function in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
521) Improper locking (CVE-ID: CVE-2024-35971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ks8851_rx_pkts() and ks8851_irq() functions in drivers/net/ethernet/micrel/ks8851_common.c. A local user can perform a denial of service (DoS) attack.
522) Memory leak (CVE-ID: CVE-2024-35972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bnxt_rdma_aux_device_init() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c. A local user can perform a denial of service (DoS) attack.
523) Use of uninitialized resource (CVE-ID: CVE-2024-35973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_xmit_skb() and geneve6_xmit_skb() functions in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
524) Buffer overflow (CVE-ID: CVE-2024-35974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_alloc_queue() function in block/blk-core.c, within the blkcg_css_online() and blkcg_init_disk() functions in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
525) Memory leak (CVE-ID: CVE-2024-35975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the otx2_qos_read_txschq_cfg_tl() function in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. A local user can perform a denial of service (DoS) attack.
526) Out-of-bounds read (CVE-ID: CVE-2024-35976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xsk_setsockopt() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
527) NULL pointer dereference (CVE-ID: CVE-2024-35977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cros_ec_uart_probe() function in drivers/platform/chrome/cros_ec_uart.c. A local user can perform a denial of service (DoS) attack.
528) Memory leak (CVE-ID: CVE-2024-35978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_req_sync_complete() function in net/bluetooth/hci_request.c. A local user can perform a denial of service (DoS) attack.
529) Use-after-free (CVE-ID: CVE-2024-35979)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the raid1_write_request() function in drivers/md/raid1.c. A local user can escalate privileges on the system.
530) Infinite loop (CVE-ID: CVE-2024-35981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the virtnet_get_rxfh() and virtnet_probe() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
531) Infinite loop (CVE-ID: CVE-2024-35982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the batadv_tt_local_resize_to_mtu() function in net/batman-adv/translation-table.c. A local user can perform a denial of service (DoS) attack.
532) NULL pointer dereference (CVE-ID: CVE-2024-35984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i2c_check_for_quirks() function in drivers/i2c/i2c-core-base.c. A local user can perform a denial of service (DoS) attack.
533) Race condition (CVE-ID: CVE-2024-35986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tusb1210_get_online() and tusb1210_remove_charger_detect() functions in drivers/phy/ti/phy-tusb1210.c. A local user can perform a denial of service (DoS) attack.
534) Resource management error (CVE-ID: CVE-2024-35989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the perf_event_cpu_offline() function in drivers/dma/idxd/perfmon.c. A local user can perform a denial of service (DoS) attack.
535) Improper locking (CVE-ID: CVE-2024-35990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xilinx_dpdma_chan_vsync_irq(), xilinx_dpdma_issue_pending() and xilinx_dpdma_chan_err_task() functions in drivers/dma/xilinx/xilinx_dpdma.c. A local user can perform a denial of service (DoS) attack.
536) Improper locking (CVE-ID: CVE-2024-35991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the process_evl_entries() function in drivers/dma/idxd/irq.c, within the idxd_init_evl() function in drivers/dma/idxd/init.c, within the idxd_device_evl_setup() and idxd_device_evl_free() functions in drivers/dma/idxd/device.c, within the debugfs_evl_show() function in drivers/dma/idxd/debugfs.c, within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.
537) Out-of-bounds read (CVE-ID: CVE-2024-35992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the comphy_gbe_phy_init() function in drivers/phy/marvell/phy-mvebu-a3700-comphy.c. A local user can perform a denial of service (DoS) attack.
538) Buffer overflow (CVE-ID: CVE-2024-35995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
539) Infinite loop (CVE-ID: CVE-2024-35997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.
540) Improper locking (CVE-ID: CVE-2024-35998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_sync_mid_result() function in fs/smb/client/transport.c. A local user can perform a denial of service (DoS) attack.
541) Race condition within a thread (CVE-ID: CVE-2024-35999)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the cifs_pick_channel() function in fs/smb/client/transport.c. A local user can manipulate data.
542) NULL pointer dereference (CVE-ID: CVE-2024-36002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpll_device_get_by_id(), dpll_pin_registration_find(), dpll_xa_ref_pin_add(), dpll_xa_ref_pin_del(), dpll_xa_ref_dpll_add(), dpll_xa_ref_dpll_del(), EXPORT_SYMBOL_GPL(), __dpll_pin_register(), dpll_pin_register(), dpll_pin_unregister(), dpll_pin_on_pin_register() and dpll_pin_on_pin_unregister() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
543) Improper locking (CVE-ID: CVE-2024-36003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_reset_vf() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c. A local user can perform a denial of service (DoS) attack.
544) Resource management error (CVE-ID: CVE-2024-36004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the i40e_init_module() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
545) Resource management error (CVE-ID: CVE-2024-36005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nft_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.
546) Resource management error (CVE-ID: CVE-2024-36006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlxsw_sp_acl_tcam_vchunk_migrate_one() and mlxsw_sp_acl_tcam_vchunk_migrate_all() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
547) Incorrect calculation (CVE-ID: CVE-2024-36007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mlxsw_sp_acl_tcam_vregion_rehash_work(), mlxsw_sp_acl_tcam_rehash_ctx_vregion_changed(), mlxsw_sp_acl_tcam_vchunk_migrate_end(), mlxsw_sp_acl_tcam_vchunk_migrate_one(), mlxsw_sp_acl_tcam_vregion_migrate() and mlxsw_sp_acl_tcam_vregion_rehash_start() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
548) NULL pointer dereference (CVE-ID: CVE-2024-36008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip_route_use_hint() function in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
549) Incorrect calculation (CVE-ID: CVE-2024-36009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
550) NULL pointer dereference (CVE-ID: CVE-2024-36010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the igb_set_fw_version() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
551) NULL pointer dereference (CVE-ID: CVE-2024-36011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_le_big_sync_established_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
552) Use-after-free (CVE-ID: CVE-2024-36012)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the msft_monitor_supported() function in net/bluetooth/msft.h, within the msft_register() function in net/bluetooth/msft.c, within the hci_unregister_dev() and hci_release_dev() functions in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
553) Use-after-free (CVE-ID: CVE-2024-36013)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_command_rej(), l2cap_connect() and l2cap_chan_unlock() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
554) NULL pointer dereference (CVE-ID: CVE-2024-36014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the malidp_mw_connector_reset() function in drivers/gpu/drm/arm/malidp_mw.c. A local user can perform a denial of service (DoS) attack.
555) Unchecked Return Value (CVE-ID: CVE-2024-36015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.
556) Out-of-bounds write (CVE-ID: CVE-2024-36016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
557) Out-of-bounds read (CVE-ID: CVE-2024-36017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
558) Buffer overflow (CVE-ID: CVE-2024-36018)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the op_remap() function in drivers/gpu/drm/nouveau/nouveau_uvmm.c. A local user can perform a denial of service (DoS) attack.
559) Out-of-bounds read (CVE-ID: CVE-2024-36019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the regcache_maple_drop() function in drivers/base/regmap/regcache-maple.c. A local user can perform a denial of service (DoS) attack.
560) Use of uninitialized resource (CVE-ID: CVE-2024-36020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the i40e_reset_all_vfs() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
561) Improper Initialization (CVE-ID: CVE-2024-36021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hclge_init_ae_dev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
562) Race condition (CVE-ID: CVE-2024-36024)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dc_wake_and_execute_dmub_cmd_list() and dc_wake_and_execute_gpint() functions in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can escalate privileges on the system.
563) Off-by-one (CVE-ID: CVE-2024-36025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the qla_edif_app_getstats() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.
564) Resource management error (CVE-ID: CVE-2024-36026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smu_v13_0_4_system_features_control() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_4_ppt.c. A local user can perform a denial of service (DoS) attack.
565) Resource management error (CVE-ID: CVE-2024-36029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sdhci_msm_runtime_suspend() and sdhci_msm_runtime_resume() functions in drivers/mmc/host/sdhci-msm.c. A local user can perform a denial of service (DoS) attack.
566) Double Free (CVE-ID: CVE-2024-36030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the rvu_npc_freemem() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c. A local user can perform a denial of service (DoS) attack.
567) Input validation error (CVE-ID: CVE-2024-36032)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qca_read_fw_build_info() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
568) Memory leak (CVE-ID: CVE-2024-36281)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c. A local user can perform a denial of service (DoS) attack.
569) Out-of-bounds read (CVE-ID: CVE-2024-36477)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tpm_tis_spi_write_bytes() function in drivers/char/tpm/tpm_tis_spi_main.c. A local user can perform a denial of service (DoS) attack.
570) NULL pointer dereference (CVE-ID: CVE-2024-36478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nullb_update_nr_hw_queues(), nullb_device_power_store(), null_add_dev() and null_create_dev() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
571) NULL pointer dereference (CVE-ID: CVE-2024-36479)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_bridge_disable(), of_fpga_bridge_get(), fpga_bridge_dev_match(), fpga_bridge_get(), fpga_bridge_put(), ATTRIBUTE_GROUPS(), fpga_bridge_register() and ERR_PTR() functions in drivers/fpga/fpga-bridge.c, within the fpga_bridge_register() function in Documentation/driver-api/fpga/fpga-bridge.rst. A local user can perform a denial of service (DoS) attack.
572) Input validation error (CVE-ID: CVE-2024-36880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qca_send_pre_shutdown_cmd(), qca_tlv_check_data() and qca_download_firmware() functions in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
573) Improper locking (CVE-ID: CVE-2024-36882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the page_cache_ra_order() function in mm/readahead.c. A local user can perform a denial of service (DoS) attack.
574) Improper error handling (CVE-ID: CVE-2024-36885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.
575) Input validation error (CVE-ID: CVE-2024-36887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the e1000e_read_phy_reg_mdic() and e1000e_write_phy_reg_mdic() functions in drivers/net/ethernet/intel/e1000e/phy.c. A local user can perform a denial of service (DoS) attack.
576) Use of uninitialized resource (CVE-ID: CVE-2024-36889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
577) Resource management error (CVE-ID: CVE-2024-36890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/slab.h. A local user can perform a denial of service (DoS) attack.
578) NULL pointer dereference (CVE-ID: CVE-2024-36891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mas_empty_area_rev() function in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
579) NULL pointer dereference (CVE-ID: CVE-2024-36893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the svdm_consume_identity(), tcpm_register_partner_altmodes(), tcpm_init_vconn(), tcpm_typec_connect(), tcpm_typec_disconnect() and tcpm_pwr_opmode_to_rp() functions in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
580) Improper locking (CVE-ID: CVE-2024-36894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
581) Buffer overflow (CVE-ID: CVE-2024-36895)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __uvcg_iter_item_entries() function in drivers/usb/gadget/function/uvc_configfs.c. A local user can escalate privileges on the system.
582) NULL pointer dereference (CVE-ID: CVE-2024-36896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can perform a denial of service (DoS) attack.
583) NULL pointer dereference (CVE-ID: CVE-2024-36897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the construct_integrated_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
584) Use of uninitialized resource (CVE-ID: CVE-2024-36898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the edge_detector_update() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.
585) Use-after-free (CVE-ID: CVE-2024-36899)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.
586) Improper Initialization (CVE-ID: CVE-2024-36900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hclgevf_init_hdev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c, within the hclge_init_ae_dev() and pci_free_irq_vectors() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
587) NULL pointer dereference (CVE-ID: CVE-2024-36901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
588) NULL pointer dereference (CVE-ID: CVE-2024-36902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.
589) Use of uninitialized resource (CVE-ID: CVE-2024-36903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __ip6_make_skb() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
590) Use-after-free (CVE-ID: CVE-2024-36904)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.
591) Out-of-bounds read (CVE-ID: CVE-2024-36906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ENDPROC() function in arch/arm/kernel/sleep.S. A local user can perform a denial of service (DoS) attack.
592) Use-after-free (CVE-ID: CVE-2024-36909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmbus_free_ring() function in drivers/hv/channel.c. A local user can escalate privileges on the system.
593) Use-after-free (CVE-ID: CVE-2024-36910)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hv_uio_cleanup() and hv_uio_probe() functions in drivers/uio/uio_hv_generic.c. A local user can escalate privileges on the system.
594) Use-after-free (CVE-ID: CVE-2024-36911)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_netvsc_device() function in drivers/net/hyperv/netvsc.c. A local user can escalate privileges on the system.
595) Information disclosure (CVE-ID: CVE-2024-36912)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the __vmbus_establish_gpadl() and kfree() functions in drivers/hv/channel.c. A local user can gain access to sensitive information.
596) Information disclosure (CVE-ID: CVE-2024-36913)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vmbus_connect() and vmbus_disconnect() functions in drivers/hv/connection.c. A local user can gain access to sensitive information.
597) Out-of-bounds read (CVE-ID: CVE-2024-36914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dm_resume(), get_highest_refresh_rate_mode() and amdgpu_dm_commit_audio() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
598) Out-of-bounds read (CVE-ID: CVE-2024-36915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nfc_llcp_setsockopt() function in net/nfc/llcp_sock.c. A local user can perform a denial of service (DoS) attack.
599) Out-of-bounds read (CVE-ID: CVE-2024-36916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
600) Buffer overflow (CVE-ID: CVE-2024-36917)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the blk_ioctl_discard() function in block/ioctl.c. A local user can escalate privileges on the system.
601) Input validation error (CVE-ID: CVE-2024-36918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the test_fail_cases() function in tools/testing/selftests/bpf/prog_tests/bloom_filter_map.c, within the bloom_map_get_next_key() and bloom_map_check_btf() functions in kernel/bpf/bloom_filter.c. A local user can perform a denial of service (DoS) attack.
602) Improper locking (CVE-ID: CVE-2024-36919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.
603) Out-of-bounds read (CVE-ID: CVE-2024-36921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_mld_rm_sta() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c. A local user can perform a denial of service (DoS) attack.
604) Improper locking (CVE-ID: CVE-2024-36922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_txq_reclaim() function in drivers/net/wireless/intel/iwlwifi/queue/tx.c. A local user can perform a denial of service (DoS) attack.
605) Use of uninitialized resource (CVE-ID: CVE-2024-36923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the v9fs_evict_inode() function in fs/9p/vfs_inode.c. A local user can perform a denial of service (DoS) attack.
606) Improper locking (CVE-ID: CVE-2024-36924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_set_rrq_active() and lpfc_sli_post_recovery_event() functions in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c, within the lpfc_els_retry_delay() function in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
607) NULL pointer dereference (CVE-ID: CVE-2024-36926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_dma_bus_setup_pSeriesLP() function in arch/powerpc/platforms/pseries/iommu.c. A local user can perform a denial of service (DoS) attack.
608) Resource management error (CVE-ID: CVE-2024-36928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qeth_free_cq(), qeth_alloc_qdio_queues(), atomic_set(), qeth_free_qdio_queues() and qeth_qdio_poll() functions in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.
609) NULL pointer dereference (CVE-ID: CVE-2024-36930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __spi_sync() function in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
610) Out-of-bounds read (CVE-ID: CVE-2024-36931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the crw_inject_write() function in drivers/s390/cio/cio_inject.c. A local user can perform a denial of service (DoS) attack.
611) Out-of-bounds read (CVE-ID: CVE-2024-36934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.
612) Out-of-bounds read (CVE-ID: CVE-2024-36935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ice_debugfs_module_write(), ice_debugfs_nr_messages_write(), ice_debugfs_enable_write() and ice_debugfs_log_size_write() functions in drivers/net/ethernet/intel/ice/ice_debugfs.c. A local user can perform a denial of service (DoS) attack.
613) Improper locking (CVE-ID: CVE-2024-36936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the list_del() function in drivers/firmware/efi/unaccepted_memory.c. A local user can perform a denial of service (DoS) attack.
614) NULL pointer dereference (CVE-ID: CVE-2024-36937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __xdp_do_redirect_frame(), EXPORT_SYMBOL_GPL(), xdp_do_generic_redirect_map() and xdp_do_generic_redirect() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
615) NULL pointer dereference (CVE-ID: CVE-2024-36938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/skmsg.h. A local user can perform a denial of service (DoS) attack.
616) Double Free (CVE-ID: CVE-2024-36940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.
617) Memory leak (CVE-ID: CVE-2024-36942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qca_download_firmware() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
618) Improper locking (CVE-ID: CVE-2024-36944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.
619) Information disclosure (CVE-ID: CVE-2024-36945)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the smc_ib_find_route() function in net/smc/smc_ib.c. A local user can gain access to sensitive information.
620) Buffer overflow (CVE-ID: CVE-2024-36946)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.
621) Memory leak (CVE-ID: CVE-2024-36947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.
622) Improper locking (CVE-ID: CVE-2024-36949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.
623) Improper error handling (CVE-ID: CVE-2024-36950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.
624) Input validation error (CVE-ID: CVE-2024-36951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the event_interrupt_wq_v9() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v9.c, within the event_interrupt_wq_v11() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v11.c, within the event_interrupt_wq_v10() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v10.c. A local user can perform a denial of service (DoS) attack.
625) Race condition (CVE-ID: CVE-2024-36952)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c. A local user can escalate privileges on the system.
626) Memory leak (CVE-ID: CVE-2024-36955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
627) Off-by-one (CVE-ID: CVE-2024-36957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.
628) Information disclosure (CVE-ID: CVE-2024-36959)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.
629) Out-of-bounds read (CVE-ID: CVE-2024-36960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.
630) Improper locking (CVE-ID: CVE-2024-36962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ks8851_dbg_dumpkkt(), ks8851_rx_pkts() and ks8851_irq() functions in drivers/net/ethernet/micrel/ks8851_common.c. A local user can perform a denial of service (DoS) attack.
631) Improper privilege management (CVE-ID: CVE-2024-36964)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.
632) Buffer overflow (CVE-ID: CVE-2024-36965)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scp_elf_read_ipi_buf_addr() and scp_ipi_init() functions in drivers/remoteproc/mtk_scp.c. A local user can escalate privileges on the system.
633) Memory leak (CVE-ID: CVE-2024-36967)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.
634) Division by zero (CVE-ID: CVE-2024-36969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the setup_dsc_config() function in drivers/gpu/drm/amd/display/dc/dsc/dc_dsc.c. A local user can perform a denial of service (DoS) attack.
635) Use-after-free (CVE-ID: CVE-2024-36971)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
636) Out-of-bounds read (CVE-ID: CVE-2024-36972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the queue_oob(), unix_stream_recv_urg() and manage_oob() functions in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
637) Double free (CVE-ID: CVE-2024-36973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the gp_aux_bus_probe(), auxiliary_device_uninit() and kfree() functions in drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gp.c. A local user can perform a denial of service (DoS) attack.
638) Race condition (CVE-ID: CVE-2024-36975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.
639) Improper locking (CVE-ID: CVE-2024-36977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __dwc3_gadget_get_frame() and __dwc3_stop_active_transfer() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
640) Out-of-bounds read (CVE-ID: CVE-2024-36978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the multiq_tune() function in net/sched/sch_multiq.c. A local user can perform a denial of service (DoS) attack.
641) NULL pointer dereference (CVE-ID: CVE-2024-37021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ATTRIBUTE_GROUPS(), fpga_mgr_dev_match(), EXPORT_SYMBOL_GPL(), fpga_mgr_unlock(), fpga_mgr_register_full(), ERR_PTR(), fpga_mgr_register(), devm_fpga_mgr_unregister(), devm_fpga_mgr_register_full() and devm_fpga_mgr_register() functions in drivers/fpga/fpga-mgr.c, within the fpga_mgr_register() and fpga_mgr_register_full() functions in Documentation/driver-api/fpga/fpga-mgr.rst. A local user can perform a denial of service (DoS) attack.
642) Improper locking (CVE-ID: CVE-2024-37078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_prepare_write() function in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
643) Resource management error (CVE-ID: CVE-2024-37353)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vp_find_vqs_msix() function in drivers/virtio/virtio_pci_common.c. A local user can perform a denial of service (DoS) attack.
644) Race condition (CVE-ID: CVE-2024-37354)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the btrfs_log_prealloc_extents() function in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
645) Use of uninitialized resource (CVE-ID: CVE-2024-38381)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nci_core_ntf_packet() and nci_rx_work() functions in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
646) Infinite loop (CVE-ID: CVE-2024-38384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __blkcg_rstat_flush() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
647) Use-after-free (CVE-ID: CVE-2024-38385)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the irq_find_free_area() function in kernel/irq/irqdesc.c. A local user can escalate privileges on the system.
648) Memory leak (CVE-ID: CVE-2024-38388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wmfw_convert_flags(), hda_cs_dsp_add_kcontrol(), hda_cs_dsp_control_add() and hda_cs_dsp_control_remove() functions in sound/pci/hda/hda_cs_dsp_ctl.c. A local user can perform a denial of service (DoS) attack.
649) NULL pointer dereference (CVE-ID: CVE-2024-38390)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the a6xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.
650) Memory leak (CVE-ID: CVE-2024-38391)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cxl_pmem_region_alloc() function in drivers/cxl/core/region.c. A local user can perform a denial of service (DoS) attack.
651) Memory leak (CVE-ID: CVE-2024-38539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cma_validate_port() function in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.
652) Out-of-bounds read (CVE-ID: CVE-2024-38540)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnxt_qplib_create_qp() function in drivers/infiniband/hw/bnxt_re/qplib_fp.c. A local user can perform a denial of service (DoS) attack.
653) Buffer overflow (CVE-ID: CVE-2024-38541)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the of_modalias() function in drivers/of/module.c. A local user can escalate privileges on the system.
654) NULL pointer dereference (CVE-ID: CVE-2024-38543)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dmirror_device_evict_chunk() function in lib/test_hmm.c. A local user can perform a denial of service (DoS) attack.
655) Buffer overflow (CVE-ID: CVE-2024-38544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rxe_comp_queue_pkt() function in drivers/infiniband/sw/rxe/rxe_comp.c. A local user can perform a denial of service (DoS) attack.
656) NULL pointer dereference (CVE-ID: CVE-2024-38546)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vc4_hdmi_audio_init() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
657) NULL pointer dereference (CVE-ID: CVE-2024-38547)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_video_binaries() function in drivers/staging/media/atomisp/pci/sh_css.c. A local user can perform a denial of service (DoS) attack.
658) NULL pointer dereference (CVE-ID: CVE-2024-38548)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.
659) Resource management error (CVE-ID: CVE-2024-38549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_drm_gem_init() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can perform a denial of service (DoS) attack.
660) NULL pointer dereference (CVE-ID: CVE-2024-38550)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kirkwood_dma_hw_params() function in sound/soc/kirkwood/kirkwood-dma.c. A local user can perform a denial of service (DoS) attack.
661) NULL pointer dereference (CVE-ID: CVE-2024-38551)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the set_card_codec_info() function in sound/soc/mediatek/common/mtk-soundcard-driver.c. A local user can perform a denial of service (DoS) attack.
662) Out-of-bounds read (CVE-ID: CVE-2024-38552)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
663) Improper locking (CVE-ID: CVE-2024-38553)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fec_set_mac_address() function in drivers/net/ethernet/freescale/fec_main.c. A local user can perform a denial of service (DoS) attack.
664) Memory leak (CVE-ID: CVE-2024-38554)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can perform a denial of service (DoS) attack.
665) Use-after-free (CVE-ID: CVE-2024-38555)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cmd_comp_notifier() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can escalate privileges on the system.
666) Out-of-bounds read (CVE-ID: CVE-2024-38556)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cmd_work_handler(), wait_func() and mlx5_cmd_invoke() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
667) Improper locking (CVE-ID: CVE-2024-38557)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the enable_mpesw() and mlx5_lag_add_devices() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/mpesw.c, within the mlx5_disable_lag() and mlx5_do_bond() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/lag.c, within the esw_offloads_cleanup(), mlx5_esw_offloads_rep_load(), esw_destroy_offloads_acl_tables() and mlx5_eswitch_reload_reps() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.
668) Input validation error (CVE-ID: CVE-2024-38558)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing ICMPv6 packets within the parse_icmpv6() function in net/openvswitch/flow.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
669) Out-of-bounds read (CVE-ID: CVE-2024-38562)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nl80211_trigger_scan() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
670) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-38564)
The vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to improper checks within with bpf_prog_attach_check_attach_type() function in kernel/bpf/syscall.c. A local user can bypass certain security restrictions.
671) Resource management error (CVE-ID: CVE-2024-38565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.
672) NULL pointer dereference (CVE-ID: CVE-2024-38566)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the real_bind() function in tools/testing/selftests/bpf/progs/lsm_cgroup.c, within the BPF_PROG() function in tools/testing/selftests/bpf/progs/local_storage.c, within the SEC() function in tools/testing/selftests/bpf/progs/bench_local_storage_create.c, within the mark_btf_ld_reg(), check_map_kptr_access(), is_trusted_reg(), bpf_map_direct_read(), BTF_TYPE_SAFE_TRUSTED(), type_is_trusted() and check_ptr_to_btf_access() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
673) Input validation error (CVE-ID: CVE-2024-38567)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the carl9170_usb_probe() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.
674) Out-of-bounds read (CVE-ID: CVE-2024-38568)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hns3_pmu_validate_event_group() function in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.
675) Out-of-bounds read (CVE-ID: CVE-2024-38569)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hisi_pcie_pmu_validate_event_group() function in drivers/perf/hisilicon/hisi_pcie_pmu.c. A local user can perform a denial of service (DoS) attack.
676) Use-after-free (CVE-ID: CVE-2024-38570)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gfs2_gl_hash_clear() function in fs/gfs2/super.c, within the init_sbd() function in fs/gfs2/ops_fstype.c, within the gdlm_ast(), gdlm_bast() and gdlm_put_lock() functions in fs/gfs2/lock_dlm.c, within the glock_blocked_by_withdraw() and gfs2_gl_hash_clear() functions in fs/gfs2/glock.c. A local user can escalate privileges on the system.
677) NULL pointer dereference (CVE-ID: CVE-2024-38571)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the compute_intercept_slope() function in drivers/thermal/qcom/tsens.c. A local user can perform a denial of service (DoS) attack.
678) Out-of-bounds read (CVE-ID: CVE-2024-38572)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sizeof() function in drivers/net/wireless/ath/ath12k/qmi.c. A local user can perform a denial of service (DoS) attack.
679) NULL pointer dereference (CVE-ID: CVE-2024-38573)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() functions in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
680) NULL pointer dereference (CVE-ID: CVE-2024-38575)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_pcie_provide_random_bytes() and brcmf_pcie_download_fw_nvram() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c. A local user can perform a denial of service (DoS) attack.
681) Out-of-bounds read (CVE-ID: CVE-2024-38578)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the write_tag_66_packet() function in fs/ecryptfs/keystore.c. A local user can perform a denial of service (DoS) attack.
682) Buffer overflow (CVE-ID: CVE-2024-38579)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the spu2_dump_omd() function in drivers/crypto/bcm/spu2.c. A local user can perform a denial of service (DoS) attack.
683) Improper locking (CVE-ID: CVE-2024-38580)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ep_eventpoll_poll() function in fs/eventpoll.c. A local user can perform a denial of service (DoS) attack.
684) Use-after-free (CVE-ID: CVE-2024-38581)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_mes_remove_ring() function in drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c. A local user can escalate privileges on the system.
685) Improper locking (CVE-ID: CVE-2024-38582)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_sync(), nilfs_segctor_wakeup(), nilfs_segctor_notify() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
686) Use-after-free (CVE-ID: CVE-2024-38583)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_segctor_start_timer(), nilfs_construct_dsync_segment(), nilfs_segctor_notify(), nilfs_segctor_thread(), nilfs_segctor_new() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
687) Buffer overflow (CVE-ID: CVE-2024-38586)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rtl8169_doorbell() and rtl8169_start_xmit() functions in drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
688) Out-of-bounds read (CVE-ID: CVE-2024-38587)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_word() function in drivers/staging/speakup/main.c. A local user can perform a denial of service (DoS) attack.
689) Use-after-free (CVE-ID: CVE-2024-38588)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_rec(), ftrace_location_range(), ftrace_process_locs(), ftrace_release_mod() and ftrace_free_mem() functions in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
690) Resource management error (CVE-ID: CVE-2024-38590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the get_cqe_status() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.
691) Improper locking (CVE-ID: CVE-2024-38591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the alloc_srqc() and free_srqc() functions in drivers/infiniband/hw/hns/hns_roce_srq.c. A local user can perform a denial of service (DoS) attack.
692) Improper Initialization (CVE-ID: CVE-2024-38592)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the mtk_drm_crtc_create() function in drivers/gpu/drm/mediatek/mtk_drm_crtc.c. A local user can perform a denial of service (DoS) attack.
693) Improper locking (CVE-ID: CVE-2024-38594)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tc_taprio_configure() function in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c, within the stmmac_adjust_time() function in drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c. A local user can perform a denial of service (DoS) attack.
694) Improper locking (CVE-ID: CVE-2024-38595)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5_sf_dev_probe() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_init_one_light() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
695) Improper locking (CVE-ID: CVE-2024-38597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gem_interrupt() and gem_init_one() functions in drivers/net/ethernet/sun/sungem.c. A local user can perform a denial of service (DoS) attack.
696) Out-of-bounds read (CVE-ID: CVE-2024-38598)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
697) Out-of-bounds read (CVE-ID: CVE-2024-38599)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.
698) Improper locking (CVE-ID: CVE-2024-38600)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_card_disconnect() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.
699) Infinite loop (CVE-ID: CVE-2024-38601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the rb_check_list() and ring_buffer_resize() functions in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
700) Memory leak (CVE-ID: CVE-2024-38602)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_addr_ax25dev(), ax25_dev_device_up() and ax25_dev_device_down() functions in net/ax25/ax25_dev.c. A local user can perform a denial of service (DoS) attack.
701) Memory leak (CVE-ID: CVE-2024-38603)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hns3_pmu_irq_register() function in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.
702) Resource management error (CVE-ID: CVE-2024-38604)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the blkdev_iomap_begin() function in block/fops.c. A local user can perform a denial of service (DoS) attack.
703) NULL pointer dereference (CVE-ID: CVE-2024-38605)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_card_new() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.
704) NULL pointer dereference (CVE-ID: CVE-2024-38608)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_resume(), _mlx5e_suspend(), mlx5e_suspend(), _mlx5e_probe() and _mlx5e_remove() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
705) Use-after-free (CVE-ID: CVE-2024-38610)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the acrn_vm_memseg_unmap() and acrn_vm_ram_map() functions in drivers/virt/acrn/mm.c. A local user can escalate privileges on the system.
706) Memory leak (CVE-ID: CVE-2024-38611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the et8ek8_remove() and __exit_p() functions in drivers/media/i2c/et8ek8/et8ek8_driver.c. A local user can perform a denial of service (DoS) attack.
707) Input validation error (CVE-ID: CVE-2024-38615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cpufreq_offline() and cpufreq_remove_dev() functions in drivers/cpufreq/cpufreq.c. A local user can perform a denial of service (DoS) attack.
708) Buffer overflow (CVE-ID: CVE-2024-38616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the carl9170_tx_release() function in drivers/net/wireless/ath/carl9170/tx.c. A local user can perform a denial of service (DoS) attack.
709) Buffer overflow (CVE-ID: CVE-2024-38617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the DEFINE_ALLOC_SIZE_TEST_PAIR() function in lib/fortify_kunit.c. A local user can perform a denial of service (DoS) attack.
710) Input validation error (CVE-ID: CVE-2024-38618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the snd_timer_start1() function in sound/core/timer.c. A local user can perform a denial of service (DoS) attack.
711) Use of uninitialized resource (CVE-ID: CVE-2024-38619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
712) Out-of-bounds read (CVE-ID: CVE-2024-38621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.
713) NULL pointer dereference (CVE-ID: CVE-2024-38622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_core_irq_callback_handler() function in drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c. A local user can perform a denial of service (DoS) attack.
714) Double free (CVE-ID: CVE-2024-38627)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the stm_register_device() function in drivers/hwtracing/stm/core.c. A local user can perform a denial of service (DoS) attack.
715) Improper locking (CVE-ID: CVE-2024-38628)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the free_ep_fback(), u_audio_set_volume(), u_audio_set_mute() and g_audio_setup() functions in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
716) Use-after-free (CVE-ID: CVE-2024-38629)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idxd_wq_del_cdev() function in drivers/dma/idxd/cdev.c. A local user can escalate privileges on the system.
717) Use-after-free (CVE-ID: CVE-2024-38630)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpu5wdt_exit() function in drivers/watchdog/cpu5wdt.c. A local user can escalate privileges on the system.
718) NULL pointer dereference (CVE-ID: CVE-2024-38633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max3100_probe() and max3100_remove() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
719) Improper locking (CVE-ID: CVE-2024-38634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the max3100_sr() and max3100_handlerx() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
720) Out-of-bounds read (CVE-ID: CVE-2024-38635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdw_cdns_alloc_pdi() function in drivers/soundwire/cadence_master.c. A local user can perform a denial of service (DoS) attack.
721) Buffer overflow (CVE-ID: CVE-2024-38636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the f2fs_iomap_begin() function in fs/f2fs/data.c. A local user can perform a denial of service (DoS) attack.
722) Out-of-bounds read (CVE-ID: CVE-2024-38659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.
723) Improper locking (CVE-ID: CVE-2024-38661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.
724) Buffer overflow (CVE-ID: CVE-2024-38663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the spin_unlock_irq(), blkcg_reset_stats() and blkg_conf_exit() functions in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
725) Improper locking (CVE-ID: CVE-2024-38664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the zynqmp_dpsub_probe() and zynqmp_dpsub_remove() functions in drivers/gpu/drm/xlnx/zynqmp_dpsub.c. A local user can perform a denial of service (DoS) attack.
726) Improper locking (CVE-ID: CVE-2024-38780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.
727) Memory leak (CVE-ID: CVE-2024-39276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
728) Out-of-bounds read (CVE-ID: CVE-2024-39277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_map_benchmark() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
729) Buffer overflow (CVE-ID: CVE-2024-39291)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the gfx_v9_4_3_init_microcode() function in drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c. A local user can escalate privileges on the system.
730) Resource management error (CVE-ID: CVE-2024-39296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bonding_init() and bonding_exit() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
731) Use of uninitialized resource (CVE-ID: CVE-2024-39301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the p9_fcall_init() function in net/9p/client.c. A local user can perform a denial of service (DoS) attack.
732) Improper locking (CVE-ID: CVE-2024-39362)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i2c_acpi_find_client_by_adev() and i2c_acpi_notify() functions in drivers/i2c/i2c-core-acpi.c. A local user can perform a denial of service (DoS) attack.
733) NULL pointer dereference (CVE-ID: CVE-2024-39371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the io_ring_buffer_select() function in io_uring/kbuf.c. A local user can perform a denial of service (DoS) attack.
734) Use-after-free (CVE-ID: CVE-2024-39463)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the v9fs_cached_dentry_delete() function in fs/9p/vfs_dentry.c. A local user can escalate privileges on the system.
735) NULL pointer dereference (CVE-ID: CVE-2024-39466)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lmh_probe() function in drivers/thermal/qcom/lmh.c. A local user can perform a denial of service (DoS) attack.
736) Improper locking (CVE-ID: CVE-2024-39468)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smb2_find_smb_tcon() function in fs/smb/client/smb2transport.c. A local user can perform a denial of service (DoS) attack.
737) Improper error handling (CVE-ID: CVE-2024-39469)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_empty_dir() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
738) Out-of-bounds read (CVE-ID: CVE-2024-39471)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.
739) Out-of-bounds read (CVE-ID: CVE-2024-39472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xlog_do_recovery_pass() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.
740) NULL pointer dereference (CVE-ID: CVE-2024-39473)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sof_ipc4_get_input_pin_audio_fmt() function in sound/soc/sof/ipc4-topology.c. A local user can perform a denial of service (DoS) attack.
741) NULL pointer dereference (CVE-ID: CVE-2024-39474)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vm_area_alloc_pages() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
742) Division by zero (CVE-ID: CVE-2024-39475)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
743) Use-after-free (CVE-ID: CVE-2024-39479)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_hwmon_register() function in drivers/gpu/drm/i915/i915_hwmon.c. A local user can escalate privileges on the system.
744) Input validation error (CVE-ID: CVE-2024-39481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the media_pipeline_explore_next_link() function in drivers/media/mc/mc-entity.c. A local user can perform a denial of service (DoS) attack.
745) Out-of-bounds read (CVE-ID: CVE-2024-39482)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bch_dirty_init_thread() and bch_sectors_dirty_init() functions in drivers/md/bcache/writeback.c, within the bch_root_usage() function in drivers/md/bcache/sysfs.c, within the bch_cache_set_alloc() function in drivers/md/bcache/super.c, within the btree_gc_mark_node(), btree_gc_rewrite_node(), btree_gc_recurse(), bch_btree_check_recurse(), bch_btree_check_thread(), bch_btree_check(), bch_btree_map_nodes_recurse() and bch_btree_map_keys_recurse() functions in drivers/md/bcache/btree.c, within the bch_dump_bucket(), __bch_check_keys(), bch_btree_insert_key(), bch_btree_iter_push(), bch_btree_sort_partial() and bch_btree_sort_into() functions in drivers/md/bcache/bset.c. A local user can perform a denial of service (DoS) attack.
746) Out-of-bounds read (CVE-ID: CVE-2024-39487)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bond_option_arp_ip_targets_set() function in drivers/net/bonding/bond_options.c. A local user can perform a denial of service (DoS) attack.
747) Memory leak (CVE-ID: CVE-2024-39490)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the seg6_input_core() function in net/ipv6/seg6_iptunnel.c. A local user can perform a denial of service (DoS) attack.
748) Use-after-free (CVE-ID: CVE-2024-39494)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ima_eventname_init_common() function in security/integrity/ima/ima_template_lib.c, within the ima_collect_measurement() and ima_d_path() functions in security/integrity/ima/ima_api.c. A local user can escalate privileges on the system.
749) Use-after-free (CVE-ID: CVE-2024-39496)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_zone_info() function in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
750) NULL pointer dereference (CVE-ID: CVE-2024-39498)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_msto_cleanup() function in drivers/gpu/drm/nouveau/dispnv50/disp.c, within the intel_mst_enable_dp() function in drivers/gpu/drm/i915/display/intel_dp_mst.c, within the EXPORT_SYMBOL() function in drivers/gpu/drm/display/drm_dp_mst_topology.c, within the dm_helpers_dp_mst_send_payload_allocation() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c. A local user can perform a denial of service (DoS) attack.
751) NULL pointer dereference (CVE-ID: CVE-2024-39502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
752) NULL pointer dereference (CVE-ID: CVE-2024-39504)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nft_payload_inner_init() function in net/netfilter/nft_payload.c, within the nft_meta_inner_init() function in net/netfilter/nft_meta.c. A local user can perform a denial of service (DoS) attack.
753) Improper locking (CVE-ID: CVE-2024-39507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hclge_push_link_status(), hclge_update_link_status(), hclge_uninit_need_wait() and hclge_uninit_client_instance() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
754) Out-of-bounds read (CVE-ID: CVE-2024-40901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mpt3sas_base_attach() and _base_check_ioc_facts_changes() functions in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.
755) Memory leak (CVE-ID: CVE-2024-40906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5_function_teardown() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
756) Input validation error (CVE-ID: CVE-2024-40908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __bpf_prog_test_run_raw_tp() function in net/bpf/test_run.c. A local user can perform a denial of service (DoS) attack.
757) NULL pointer dereference (CVE-ID: CVE-2024-40919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __hwrm_send() function in drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c. A local user can perform a denial of service (DoS) attack.
758) Improper error handling (CVE-ID: CVE-2024-40923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vmxnet3_rq_destroy_all_rxdataring() function in drivers/net/vmxnet3/vmxnet3_drv.c. A local user can perform a denial of service (DoS) attack.
759) Improper Initialization (CVE-ID: CVE-2024-40925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the blk_flush_complete_seq() and flush_end_io() functions in block/blk-flush.c. A local user can perform a denial of service (DoS) attack.
760) NULL pointer dereference (CVE-ID: CVE-2024-40928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ethtool_get_phy_stats_ethtool() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.
761) Use of uninitialized resource (CVE-ID: CVE-2024-40931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
762) Use-after-free (CVE-ID: CVE-2024-40935)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_daemon_open() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.
763) Double free (CVE-ID: CVE-2024-40937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the gve_rx_skb_hash() and gve_rx_poll_dqo() functions in drivers/net/ethernet/google/gve/gve_rx_dqo.c. A local user can perform a denial of service (DoS) attack.
764) Input validation error (CVE-ID: CVE-2024-40940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5_lag_create_port_sel_table() function in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.
765) Use-after-free (CVE-ID: CVE-2024-40947)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smack_post_notification() function in security/smack/smack_lsm.c, within the selinux_audit_rule_free() and selinux_audit_rule_init() functions in security/selinux/ss/services.c, within the security_key_getsecurity() function in security/security.c, within the ima_free_rule(), ima_lsm_copy_rule(), ima_lsm_update_rule() and ima_lsm_rule_init() functions in security/integrity/ima/ima_policy.c, within the aa_audit_rule_free() and aa_audit_rule_init() functions in security/apparmor/audit.c, within the audit_data_to_entry() and audit_dupe_lsm_field() functions in kernel/auditfilter.c. A local user can escalate privileges on the system.
766) Input validation error (CVE-ID: CVE-2024-40948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the page_table_check_clear(), page_table_check_set() and __page_table_check_zero() functions in mm/page_table_check.c. A local user can perform a denial of service (DoS) attack.
767) Out-of-bounds read (CVE-ID: CVE-2024-40953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_vcpu_on_spin() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.
768) NULL pointer dereference (CVE-ID: CVE-2024-40960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_probe() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
769) NULL pointer dereference (CVE-ID: CVE-2024-40961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fib6_nh_init() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
770) Improper locking (CVE-ID: CVE-2024-40966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the con_cleanup() function in drivers/tty/vt/vt.c, within the tty_set_ldisc() function in drivers/tty/tty_ldisc.c. A local user can perform a denial of service (DoS) attack.
771) Resource management error (CVE-ID: CVE-2024-40970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the axi_desc_alloc(), axi_desc_get() and axi_chan_block_xfer_complete() functions in drivers/dma/dw-axi-dmac/dw-axi-dmac-platform.c. A local user can perform a denial of service (DoS) attack.
772) Improper locking (CVE-ID: CVE-2024-40972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_xattr_set_entry(), iput(), ext4_xattr_block_set() and ext4_xattr_ibody_set() functions in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
773) Resource management error (CVE-ID: CVE-2024-40975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the x86_android_tablet_remove() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can perform a denial of service (DoS) attack.
774) Memory leak (CVE-ID: CVE-2024-40979)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath12k_qmi_free_target_mem_chunk(), ath12k_qmi_alloc_target_mem_chunk() and ath12k_qmi_m3_load() functions in drivers/net/wireless/ath/ath12k/qmi.c, within the ath12k_core_reset() function in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.
775) Improper locking (CVE-ID: CVE-2024-40998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
776) Input validation error (CVE-ID: CVE-2024-40999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ena_com_cdesc_rx_pkt_get() and ena_com_rx_pkt() functions in drivers/net/ethernet/amazon/ena/ena_eth_com.c. A local user can perform a denial of service (DoS) attack.
777) Memory leak (CVE-ID: CVE-2024-41006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nr_heartbeat_expiry() function in net/netrom/nr_timer.c. A local user can perform a denial of service (DoS) attack.
778) Input validation error (CVE-ID: CVE-2024-41011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kfd_ioctl_alloc_memory_of_gpu(), criu_restore_memory_of_gpu() and kfd_mmio_mmap() functions in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can perform a denial of service (DoS) attack.
779) Out-of-bounds read (CVE-ID: CVE-2024-41013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __xfs_dir3_data_check() function in fs/xfs/libxfs/xfs_dir2_data.c. A local user can perform a denial of service (DoS) attack.
780) Out-of-bounds read (CVE-ID: CVE-2024-41014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xlog_recover_process_data() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.
781) Input validation error (CVE-ID: CVE-2024-41017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __jfs_getxattr() and jfs_listxattr() functions in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
782) Out-of-bounds read (CVE-ID: CVE-2024-41090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.
783) Out-of-bounds read (CVE-ID: CVE-2024-41091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tun_xdp_one() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.