SB2024091144 - Ubuntu update for linux
Published: September 11, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 220 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2024-23848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.
2) Buffer overflow (CVE-ID: CVE-2024-40902)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ea_get() function in fs/jfs/xattr.c. A local user can escalate privileges on the system.
3) NULL pointer dereference (CVE-ID: CVE-2024-40911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cfg80211_get_station() function in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
4) Out-of-bounds read (CVE-ID: CVE-2024-37356)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net/ipv4/tcp_dctcp.c. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2024-40935)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_daemon_open() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.
6) Input validation error (CVE-ID: CVE-2024-40944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the machine_kexec_cleanup() and machine_kexec() functions in arch/x86/kernel/machine_kexec_64.c. A local user can perform a denial of service (DoS) attack.
7) Resource management error (CVE-ID: CVE-2024-41003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the check_cond_jmp_op() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
8) Input validation error (CVE-ID: CVE-2024-40990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5_ib_create_srq() function in drivers/infiniband/hw/mlx5/srq.c. A local user can perform a denial of service (DoS) attack.
9) NULL pointer dereference (CVE-ID: CVE-2024-40952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_journal_dirty() function in fs/ocfs2/journal.c. A local user can perform a denial of service (DoS) attack.
10) Input validation error (CVE-ID: CVE-2024-40940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5_lag_create_port_sel_table() function in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.
11) Input validation error (CVE-ID: CVE-2024-40930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cfg80211_6ghz_power_type_valid() function in net/wireless/scan.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2024-40985)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcp_ao_info_cmd() function in net/ipv4/tcp_ao.c. A local user can perform a denial of service (DoS) attack.
13) Buffer overflow (CVE-ID: CVE-2024-40941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the iwl_mvm_mfu_assert_dump_notif() function in drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2024-38630)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpu5wdt_exit() function in drivers/watchdog/cpu5wdt.c. A local user can escalate privileges on the system.
15) NULL pointer dereference (CVE-ID: CVE-2024-39466)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lmh_probe() function in drivers/thermal/qcom/lmh.c. A local user can perform a denial of service (DoS) attack.
16) NULL pointer dereference (CVE-ID: CVE-2024-40933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx90635_probe() function in drivers/iio/temperature/mlx90635.c. A local user can perform a denial of service (DoS) attack.
17) Integer overflow (CVE-ID: CVE-2024-38624)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the log_read_rst() function in fs/ntfs3/fslog.c. A local user can execute arbitrary code.
18) Buffer overflow (CVE-ID: CVE-2024-40924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/i915/gem/i915_gem_object.h. A local user can perform a denial of service (DoS) attack.
19) NULL pointer dereference (CVE-ID: CVE-2024-40945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/iommu.h. A local user can perform a denial of service (DoS) attack.
20) Use-after-free (CVE-ID: CVE-2024-40899)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_req_put(), cachefiles_ondemand_daemon_read() and cachefiles_ondemand_send_req() functions in fs/cachefiles/ondemand.c. A local user can escalate privileges on the system.
21) NULL pointer dereference (CVE-ID: CVE-2024-38622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_core_irq_callback_handler() function in drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c. A local user can perform a denial of service (DoS) attack.
22) Memory leak (CVE-ID: CVE-2024-40979)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath12k_qmi_free_target_mem_chunk(), ath12k_qmi_alloc_target_mem_chunk() and ath12k_qmi_m3_load() functions in drivers/net/wireless/ath/ath12k/qmi.c, within the ath12k_core_reset() function in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.
23) Reachable assertion (CVE-ID: CVE-2024-36484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __inet_accept() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
24) Improper locking (CVE-ID: CVE-2024-41004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/trace/Kconfig. A local user can perform a denial of service (DoS) attack.
25) NULL pointer dereference (CVE-ID: CVE-2024-39474)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vm_area_alloc_pages() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
26) NULL pointer dereference (CVE-ID: CVE-2022-48772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.
27) Resource management error (CVE-ID: CVE-2024-36244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the parse_taprio_schedule() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
28) Improper locking (CVE-ID: CVE-2024-38664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the zynqmp_dpsub_probe() and zynqmp_dpsub_remove() functions in drivers/gpu/drm/xlnx/zynqmp_dpsub.c. A local user can perform a denial of service (DoS) attack.
29) Improper Initialization (CVE-ID: CVE-2024-40925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the blk_flush_complete_seq() and flush_end_io() functions in block/blk-flush.c. A local user can perform a denial of service (DoS) attack.
30) Improper locking (CVE-ID: CVE-2024-40980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reset_per_cpu_data(), trace_drop_common(), net_dm_hw_reset_per_cpu_data(), net_dm_hw_summary_probe() and __net_dm_cpu_data_init() functions in net/core/drop_monitor.c. A local user can perform a denial of service (DoS) attack.
31) Buffer overflow (CVE-ID: CVE-2024-39480)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kdb_printf() function in kernel/debug/kdb/kdb_io.c. A local user can escalate privileges on the system.
32) NULL pointer dereference (CVE-ID: CVE-2024-36270)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nf_tproxy_laddr4() function in net/ipv4/netfilter/nf_tproxy_ipv4.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2024-40936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_cxl_add_region() and __create_region() functions in drivers/cxl/core/region.c. A local user can perform a denial of service (DoS) attack.
34) Improper locking (CVE-ID: CVE-2024-40904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wdm_int_callback() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
35) Out-of-bounds read (CVE-ID: CVE-2024-38635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdw_cdns_alloc_pdi() function in drivers/soundwire/cadence_master.c. A local user can perform a denial of service (DoS) attack.
36) Use-after-free (CVE-ID: CVE-2024-40927)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xhci_invalidate_cancelled_tds() and xhci_handle_cmd_set_deq() functions in drivers/usb/host/xhci-ring.c. A local user can escalate privileges on the system.
37) Improper error handling (CVE-ID: CVE-2024-36481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the parse_btf_field() function in kernel/trace/trace_probe.c. A local user can perform a denial of service (DoS) attack.
38) Out-of-bounds read (CVE-ID: CVE-2024-40929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_scan_umac_dwell() and iwl_mvm_scan_umac_dwell_v10() functions in drivers/net/wireless/intel/iwlwifi/mvm/scan.c. A local user can perform a denial of service (DoS) attack.
39) Use-after-free (CVE-ID: CVE-2024-40958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() function in net/core/net_namespace.c. A local user can escalate privileges on the system.
40) Out-of-bounds read (CVE-ID: CVE-2024-36978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the multiq_tune() function in net/sched/sch_multiq.c. A local user can perform a denial of service (DoS) attack.
41) Buffer overflow (CVE-ID: CVE-2024-40992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rxe_resp_check_length() function in drivers/infiniband/sw/rxe/rxe_resp.c. A local user can perform a denial of service (DoS) attack.
42) Input validation error (CVE-ID: CVE-2024-40908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __bpf_prog_test_run_raw_tp() function in net/bpf/test_run.c. A local user can perform a denial of service (DoS) attack.
43) NULL pointer dereference (CVE-ID: CVE-2024-39504)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nft_payload_inner_init() function in net/netfilter/nft_payload.c, within the nft_meta_inner_init() function in net/netfilter/nft_meta.c. A local user can perform a denial of service (DoS) attack.
44) Memory leak (CVE-ID: CVE-2024-41001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the io_sq_thread() function in io_uring/sqpoll.c. A local user can perform a denial of service (DoS) attack.
45) Improper locking (CVE-ID: CVE-2024-40967)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the imx_uart_console_write() function in drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.
46) Improper locking (CVE-ID: CVE-2023-52884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cyapa_suspend() and cyapa_resume() functions in drivers/input/mouse/cyapa.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2024-40997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_pstate_epp_cpu_exit() function in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
48) Use-after-free (CVE-ID: CVE-2024-40903)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcpm_register_sink_caps() function in drivers/usb/typec/tcpm/tcpm.c. A local user can escalate privileges on the system.
49) Use-after-free (CVE-ID: CVE-2024-40913)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_req_put(), cachefiles_ondemand_restore(), cachefiles_ondemand_get_fd() and cachefiles_ondemand_daemon_read() functions in fs/cachefiles/ondemand.c. A local user can escalate privileges on the system.
50) NULL pointer dereference (CVE-ID: CVE-2024-34030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_pci_prop_intr_map() function in drivers/pci/of_property.c. A local user can perform a denial of service (DoS) attack.
51) NULL pointer dereference (CVE-ID: CVE-2024-39473)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sof_ipc4_get_input_pin_audio_fmt() function in sound/soc/sof/ipc4-topology.c. A local user can perform a denial of service (DoS) attack.
52) Improper locking (CVE-ID: CVE-2024-40966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the con_cleanup() function in drivers/tty/vt/vt.c, within the tty_set_ldisc() function in drivers/tty/tty_ldisc.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2024-40951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_fill_super() function in fs/ocfs2/super.c, within the to_ocfs2_trigger(), ocfs2_db_frozen_trigger() and __ocfs2_journal_access() functions in fs/ocfs2/journal.c. A local user can perform a denial of service (DoS) attack.
54) NULL pointer dereference (CVE-ID: CVE-2024-40982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ssb_bus_match() function in drivers/ssb/main.c. A local user can perform a denial of service (DoS) attack.
55) Improper error handling (CVE-ID: CVE-2024-40923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vmxnet3_rq_destroy_all_rxdataring() function in drivers/net/vmxnet3/vmxnet3_drv.c. A local user can perform a denial of service (DoS) attack.
56) Out-of-bounds read (CVE-ID: CVE-2024-39467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sanity_check_inode() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.
57) Memory leak (CVE-ID: CVE-2024-40910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_accept() function in net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
58) Use-after-free (CVE-ID: CVE-2024-40909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bpf_obj_get(), bpf_link_defer_dealloc_mult_rcu_gp() and bpf_link_free() functions in kernel/bpf/syscall.c. A local user can escalate privileges on the system.
59) Use-after-free (CVE-ID: CVE-2024-39463)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the v9fs_cached_dentry_delete() function in fs/9p/vfs_dentry.c. A local user can escalate privileges on the system.
60) Buffer overflow (CVE-ID: CVE-2024-40974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the arch/powerpc/include/asm/hvcall.h. A local user can perform a denial of service (DoS) attack.
61) Memory leak (CVE-ID: CVE-2024-41002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sec_alg_resource_free() function in drivers/crypto/hisilicon/sec2/sec_crypto.c. A local user can perform a denial of service (DoS) attack.
62) NULL pointer dereference (CVE-ID: CVE-2024-39464)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the v4l2_async_nf_init() and v4l2_async_subdev_nf_init() functions in drivers/media/v4l2-core/v4l2-async.c. A local user can perform a denial of service (DoS) attack.
63) Use-after-free (CVE-ID: CVE-2024-39496)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_zone_info() function in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
64) Use-after-free (CVE-ID: CVE-2024-41040)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/sched/act_ct.c. A local user can escalate privileges on the system.
65) Improper error handling (CVE-ID: CVE-2024-39469)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_empty_dir() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
66) NULL pointer dereference (CVE-ID: CVE-2024-39500)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sock_map_close() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
67) Use-after-free (CVE-ID: CVE-2024-39510)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_ondemand_daemon_read() function in fs/cachefiles/ondemand.c. A local user can escalate privileges on the system.
68) Double free (CVE-ID: CVE-2024-38627)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the stm_register_device() function in drivers/hwtracing/stm/core.c. A local user can perform a denial of service (DoS) attack.
69) Race condition (CVE-ID: CVE-2024-32936)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ti_csi2rx_buffer_queue() function in drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c. A local user can escalate privileges on the system.
70) Resource management error (CVE-ID: CVE-2024-40975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the x86_android_tablet_remove() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can perform a denial of service (DoS) attack.
71) NULL pointer dereference (CVE-ID: CVE-2024-38390)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the a6xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.
72) NULL pointer dereference (CVE-ID: CVE-2024-40959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm6_get_saddr() function in net/ipv6/xfrm6_policy.c. A local user can perform a denial of service (DoS) attack.
73) Memory leak (CVE-ID: CVE-2024-41006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nr_heartbeat_expiry() function in net/netrom/nr_timer.c. A local user can perform a denial of service (DoS) attack.
74) Improper locking (CVE-ID: CVE-2024-40986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xdma_channel_isr() function in drivers/dma/xilinx/xdma.c. A local user can perform a denial of service (DoS) attack.
75) Resource management error (CVE-ID: CVE-2024-40987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can perform a denial of service (DoS) attack.
76) Improper locking (CVE-ID: CVE-2024-40922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_rsrc_ref_quiesce() function in io_uring/rsrc.c. A local user can perform a denial of service (DoS) attack.
77) Resource management error (CVE-ID: CVE-2024-40983)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.
78) Race condition (CVE-ID: CVE-2024-37354)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the btrfs_log_prealloc_extents() function in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
79) NULL pointer dereference (CVE-ID: CVE-2024-38637)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __gb_lights_flash_brightness_set() and gb_lights_light_v4l2_register() functions in drivers/staging/greybus/light.c. A local user can perform a denial of service (DoS) attack.
80) Out-of-bounds read (CVE-ID: CVE-2024-39277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_map_benchmark() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
81) Improper locking (CVE-ID: CVE-2024-40943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ocfs2_change_file_space() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
82) NULL pointer dereference (CVE-ID: CVE-2024-39371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the io_ring_buffer_select() function in io_uring/kbuf.c. A local user can perform a denial of service (DoS) attack.
83) NULL pointer dereference (CVE-ID: CVE-2024-40921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the br_mst_get_state(), br_mst_set_state() and br_mst_vlan_sync_state() functions in net/bridge/br_mst.c. A local user can perform a denial of service (DoS) attack.
84) Out-of-bounds read (CVE-ID: CVE-2024-40953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_vcpu_on_spin() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.
85) Improper locking (CVE-ID: CVE-2024-38634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the max3100_sr() and max3100_handlerx() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
86) Out-of-bounds read (CVE-ID: CVE-2024-38659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.
87) Resource management error (CVE-ID: CVE-2024-39492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmdq_mbox_shutdown() function in drivers/mailbox/mtk-cmdq-mailbox.c. A local user can perform a denial of service (DoS) attack.
88) Race condition (CVE-ID: CVE-2024-40976)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the lima_sched_timedout_job() function in drivers/gpu/drm/lima/lima_sched.c. A local user can escalate privileges on the system.
89) Memory leak (CVE-ID: CVE-2024-40906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5_function_teardown() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
90) Improper locking (CVE-ID: CVE-2024-40965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpi2c_imx_config() and lpi2c_imx_probe() functions in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can perform a denial of service (DoS) attack.
91) Buffer overflow (CVE-ID: CVE-2024-38667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the cpu_update_secondary_bootdata() function in arch/riscv/kernel/cpu_ops_spinwait.c, within the sbi_cpu_start() function in arch/riscv/kernel/cpu_ops_sbi.c. A local user can perform a denial of service (DoS) attack.
92) NULL pointer dereference (CVE-ID: CVE-2024-39498)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_msto_cleanup() function in drivers/gpu/drm/nouveau/dispnv50/disp.c, within the intel_mst_enable_dp() function in drivers/gpu/drm/i915/display/intel_dp_mst.c, within the EXPORT_SYMBOL() function in drivers/gpu/drm/display/drm_dp_mst_topology.c, within the dm_helpers_dp_mst_send_payload_allocation() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c. A local user can perform a denial of service (DoS) attack.
93) Improper locking (CVE-ID: CVE-2024-38628)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the free_ep_fback(), u_audio_set_volume(), u_audio_set_mute() and g_audio_setup() functions in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
94) Improper locking (CVE-ID: CVE-2024-38661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.
95) Buffer overflow (CVE-ID: CVE-2024-38663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the spin_unlock_irq(), blkcg_reset_stats() and blkg_conf_exit() functions in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
96) Improper locking (CVE-ID: CVE-2024-40998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
97) Input validation error (CVE-ID: CVE-2024-40948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the page_table_check_clear(), page_table_check_set() and __page_table_check_zero() functions in mm/page_table_check.c. A local user can perform a denial of service (DoS) attack.
98) NULL pointer dereference (CVE-ID: CVE-2024-38306)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the grab_extent_buffer(), check_eb_alignment(), filemap_add_folio(), __free_page(), alloc_extent_buffer() and folio_size() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
99) NULL pointer dereference (CVE-ID: CVE-2024-40928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ethtool_get_phy_stats_ethtool() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.
100) Improper locking (CVE-ID: CVE-2024-39468)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smb2_find_smb_tcon() function in fs/smb/client/smb2transport.c. A local user can perform a denial of service (DoS) attack.
101) Use-after-free (CVE-ID: CVE-2024-39494)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ima_eventname_init_common() function in security/integrity/ima/ima_template_lib.c, within the ima_collect_measurement() and ima_d_path() functions in security/integrity/ima/ima_api.c. A local user can escalate privileges on the system.
102) NULL pointer dereference (CVE-ID: CVE-2024-39505)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the komeda_component_get_avail_scaler() function in drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c. A local user can perform a denial of service (DoS) attack.
103) Input validation error (CVE-ID: CVE-2024-40963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bcm6358_quirks() function in arch/mips/bmips/setup.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2024-39499)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_deliver() function in drivers/misc/vmw_vmci/vmci_event.c. A local user can perform a denial of service (DoS) attack.
105) NULL pointer dereference (CVE-ID: CVE-2024-39506)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lio_vf_rep_copy_packet() function in drivers/net/ethernet/cavium/liquidio/lio_vf_rep.c. A local user can perform a denial of service (DoS) attack.
106) Improper locking (CVE-ID: CVE-2024-40995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcf_idr_check_alloc() and rcu_read_unlock() functions in net/sched/act_api.c. A local user can perform a denial of service (DoS) attack.
107) Improper error handling (CVE-ID: CVE-2024-39491)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cs35l56_hda_unbind(), cs35l56_hda_common_probe() and cs35l56_hda_remove() functions in sound/pci/hda/cs35l56_hda.c. A local user can perform a denial of service (DoS) attack.
108) Use-after-free (CVE-ID: CVE-2024-40900)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cachefiles_flush_reqs() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.
109) Buffer overflow (CVE-ID: CVE-2024-39478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the starfive_rsa_enc_core() function in drivers/crypto/starfive/jh7110-rsa.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2024-39490)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the seg6_input_core() function in net/ipv6/seg6_iptunnel.c. A local user can perform a denial of service (DoS) attack.
111) Buffer overflow (CVE-ID: CVE-2024-39291)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the gfx_v9_4_3_init_microcode() function in drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c. A local user can escalate privileges on the system.
112) Improper locking (CVE-ID: CVE-2024-40981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the batadv_purge_orig_ref() function in net/batman-adv/originator.c. A local user can perform a denial of service (DoS) attack.
113) Use of uninitialized resource (CVE-ID: CVE-2024-40926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nouveau_display_hpd_resume(), nouveau_display_fini() and nouveau_display_create() functions in drivers/gpu/drm/nouveau/nouveau_display.c, within the nv50_display_fini() function in drivers/gpu/drm/nouveau/dispnv50/disp.c, within the nv04_display_fini() function in drivers/gpu/drm/nouveau/dispnv04/disp.c. A local user can perform a denial of service (DoS) attack.
114) Input validation error (CVE-ID: CVE-2024-40939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ipc_devlink_create_region() function in drivers/net/wwan/iosm/iosm_ipc_devlink.c. A local user can perform a denial of service (DoS) attack.
115) Use-after-free (CVE-ID: CVE-2024-38385)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the irq_find_free_area() function in kernel/irq/irqdesc.c. A local user can escalate privileges on the system.
116) Improper locking (CVE-ID: CVE-2024-39483)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the svm_enable_nmi_window() function in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.
117) Input validation error (CVE-ID: CVE-2024-40989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vgic_v3_free_redist_region() and vgic_v3_set_redist_base() functions in arch/arm64/kvm/vgic/vgic-mmio-v3.c, within the kvm_vgic_dist_destroy() function in arch/arm64/kvm/vgic/vgic-init.c. A local user can perform a denial of service (DoS) attack.
118) Out-of-bounds read (CVE-ID: CVE-2024-40955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the EXT4_ATTR_FUNC(), ext4_attr_show() and ext4_attr_store() functions in fs/ext4/sysfs.c, within the mb_avg_fragment_size_order() and ext4_mb_choose_next_group_best_avail() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
119) Improper locking (CVE-ID: CVE-2024-39501)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uevent_show() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
120) Use of uninitialized resource (CVE-ID: CVE-2024-38381)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nci_core_ntf_packet() and nci_rx_work() functions in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
121) Resource management error (CVE-ID: CVE-2024-33621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ipvlan_process_v4_outbound() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.
122) NULL pointer dereference (CVE-ID: CVE-2024-40964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cs35l41_hda_unbind() function in sound/pci/hda/cs35l41_hda.c. A local user can perform a denial of service (DoS) attack.
123) Out-of-bounds read (CVE-ID: CVE-2024-42148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/ethernet/broadcom/bnx2x/bnx2x.h. A local user can perform a denial of service (DoS) attack.
124) Improper locking (CVE-ID: CVE-2024-36286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the instance_destroy_rcu() function in net/netfilter/nfnetlink_queue.c. A local user can perform a denial of service (DoS) attack.
125) Use-after-free (CVE-ID: CVE-2024-38629)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idxd_wq_del_cdev() function in drivers/dma/idxd/cdev.c. A local user can escalate privileges on the system.
126) Resource management error (CVE-ID: CVE-2024-39509)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the implement() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
127) Resource management error (CVE-ID: CVE-2024-39298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the me_huge_page() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
128) NULL pointer dereference (CVE-ID: CVE-2024-36489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tls_ctx_create() function in net/tls/tls_main.c. A local user can perform a denial of service (DoS) attack.
129) Input validation error (CVE-ID: CVE-2024-34777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the map_benchmark_ioctl() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
130) NULL pointer dereference (CVE-ID: CVE-2024-40957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the input_action_end_dx6() and input_action_end_dx4() functions in net/ipv6/seg6_local.c. A local user can perform a denial of service (DoS) attack.
131) NULL pointer dereference (CVE-ID: CVE-2024-40919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __hwrm_send() function in drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c. A local user can perform a denial of service (DoS) attack.
132) Out-of-bounds read (CVE-ID: CVE-2024-39462)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the clk_dvp_probe() function in drivers/clk/bcm/clk-bcm2711-dvp.c. A local user can perform a denial of service (DoS) attack.
133) Use-after-free (CVE-ID: CVE-2024-39495)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gb_interface_release() function in drivers/greybus/interface.c. A local user can escalate privileges on the system.
134) Buffer overflow (CVE-ID: CVE-2024-39497)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drm_gem_shmem_mmap() function in drivers/gpu/drm/drm_gem_shmem_helper.c. A local user can perform a denial of service (DoS) attack.
135) Buffer overflow (CVE-ID: CVE-2024-38636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the f2fs_iomap_begin() function in fs/f2fs/data.c. A local user can perform a denial of service (DoS) attack.
136) Memory leak (CVE-ID: CVE-2024-36281)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c. A local user can perform a denial of service (DoS) attack.
137) Use-after-free (CVE-ID: CVE-2024-39479)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_hwmon_register() function in drivers/gpu/drm/i915/i915_hwmon.c. A local user can escalate privileges on the system.
138) Memory leak (CVE-ID: CVE-2024-40932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vidi_get_modes() function in drivers/gpu/drm/exynos/exynos_drm_vidi.c. A local user can perform a denial of service (DoS) attack.
139) Infinite loop (CVE-ID: CVE-2024-36288)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2024-38623)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the fs/ntfs3/ntfs.h. A local user can perform a denial of service (DoS) attack.
141) Improper locking (CVE-ID: CVE-2024-40969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_handle_critical_error() function in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
142) Use of uninitialized resource (CVE-ID: CVE-2024-40931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
143) Use-after-free (CVE-ID: CVE-2024-36971)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
144) Memory leak (CVE-ID: CVE-2024-40934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the logi_dj_recv_switch_to_dj_mode() function in drivers/hid/hid-logitech-dj.c. A local user can perform a denial of service (DoS) attack.
145) Unchecked Return Value (CVE-ID: CVE-2024-36015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.
146) Use of uninitialized resource (CVE-ID: CVE-2024-39485)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __v4l2_async_nf_unregister() function in drivers/media/v4l2-core/v4l2-async.c. A local user can perform a denial of service (DoS) attack.
147) Buffer overflow (CVE-ID: CVE-2024-40996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the DEFINE_PER_CPU() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
148) Improper locking (CVE-ID: CVE-2024-39507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hclge_push_link_status(), hclge_update_link_status(), hclge_uninit_need_wait() and hclge_uninit_client_instance() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
149) Double free (CVE-ID: CVE-2024-36973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the gp_aux_bus_probe(), auxiliary_device_uninit() and kfree() functions in drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gp.c. A local user can perform a denial of service (DoS) attack.
150) NULL pointer dereference (CVE-ID: CVE-2024-38625)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ntfs_get_block_vbo() function in fs/ntfs3/inode.c. A local user can perform a denial of service (DoS) attack.
151) Use of uninitialized resource (CVE-ID: CVE-2024-39301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the p9_fcall_init() function in net/9p/client.c. A local user can perform a denial of service (DoS) attack.
152) Improper locking (CVE-ID: CVE-2024-34027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_release_compress_blocks() and f2fs_reserve_compress_blocks() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
153) Improper locking (CVE-ID: CVE-2024-37026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xe_migrate_prepare_vm(), xe_migrate_usm_logical_mask() and xe_migrate_init() functions in drivers/gpu/drm/xe/xe_migrate.c. A local user can perform a denial of service (DoS) attack.
154) NULL pointer dereference (CVE-ID: CVE-2024-40960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_probe() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
155) Improper locking (CVE-ID: CVE-2024-37078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_prepare_write() function in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
156) Improper locking (CVE-ID: CVE-2024-40912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_sta_ps_deliver_wakeup() function in net/mac80211/sta_info.c. A local user can perform a denial of service (DoS) attack.
157) Resource management error (CVE-ID: CVE-2024-40988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/radeon/sumo_dpm.c. A local user can perform a denial of service (DoS) attack.
158) Improper locking (CVE-ID: CVE-2024-41005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netpoll_owner_active() function in net/core/netpoll.c. A local user can perform a denial of service (DoS) attack.
159) Memory leak (CVE-ID: CVE-2024-39276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
160) Improper locking (CVE-ID: CVE-2024-38662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the may_update_sockmap() and check_map_func_compatibility() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
161) NULL pointer dereference (CVE-ID: CVE-2024-39502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
162) NULL pointer dereference (CVE-ID: CVE-2024-36479)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_bridge_disable(), of_fpga_bridge_get(), fpga_bridge_dev_match(), fpga_bridge_get(), fpga_bridge_put(), ATTRIBUTE_GROUPS(), fpga_bridge_register() and ERR_PTR() functions in drivers/fpga/fpga-bridge.c, within the fpga_bridge_register() function in Documentation/driver-api/fpga/fpga-bridge.rst. A local user can perform a denial of service (DoS) attack.
163) Use-after-free (CVE-ID: CVE-2024-40947)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smack_post_notification() function in security/smack/smack_lsm.c, within the selinux_audit_rule_free() and selinux_audit_rule_init() functions in security/selinux/ss/services.c, within the security_key_getsecurity() function in security/security.c, within the ima_free_rule(), ima_lsm_copy_rule(), ima_lsm_update_rule() and ima_lsm_rule_init() functions in security/integrity/ima/ima_policy.c, within the aa_audit_rule_free() and aa_audit_rule_init() functions in security/apparmor/audit.c, within the audit_data_to_entry() and audit_dupe_lsm_field() functions in kernel/auditfilter.c. A local user can escalate privileges on the system.
164) Improper locking (CVE-ID: CVE-2024-38780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.
165) Memory leak (CVE-ID: CVE-2024-38388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wmfw_convert_flags(), hda_cs_dsp_add_kcontrol(), hda_cs_dsp_control_add() and hda_cs_dsp_control_remove() functions in sound/pci/hda/hda_cs_dsp_ctl.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2024-40917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the memblock_set_node() function in mm/memblock.c. A local user can perform a denial of service (DoS) attack.
167) Input validation error (CVE-ID: CVE-2024-36974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the taprio_parse_mqprio_opt() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
168) Resource management error (CVE-ID: CVE-2024-40970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the axi_desc_alloc(), axi_desc_get() and axi_chan_block_xfer_complete() functions in drivers/dma/dw-axi-dmac/dw-axi-dmac-platform.c. A local user can perform a denial of service (DoS) attack.
169) Out-of-bounds read (CVE-ID: CVE-2024-40901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mpt3sas_base_attach() and _base_check_ioc_facts_changes() functions in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.
170) Infinite loop (CVE-ID: CVE-2024-38384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __blkcg_rstat_flush() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
171) Division by zero (CVE-ID: CVE-2024-39475)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
172) Improper locking (CVE-ID: CVE-2024-40949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shmem_replace_folio() function in mm/shmem.c, within the __mem_cgroup_uncharge_folios() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
173) NULL pointer dereference (CVE-ID: CVE-2024-37021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ATTRIBUTE_GROUPS(), fpga_mgr_dev_match(), EXPORT_SYMBOL_GPL(), fpga_mgr_unlock(), fpga_mgr_register_full(), ERR_PTR(), fpga_mgr_register(), devm_fpga_mgr_unregister(), devm_fpga_mgr_register_full() and devm_fpga_mgr_register() functions in drivers/fpga/fpga-mgr.c, within the fpga_mgr_register() and fpga_mgr_register_full() functions in Documentation/driver-api/fpga/fpga-mgr.rst. A local user can perform a denial of service (DoS) attack.
174) NULL pointer dereference (CVE-ID: CVE-2024-38633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max3100_probe() and max3100_remove() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
175) Use-after-free (CVE-ID: CVE-2024-39503)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the list_set_kadd(), list_set_kdel(), list_set_utest(), list_set_uadd(), list_set_udel() and list_set_destroy() functions in net/netfilter/ipset/ip_set_list_set.c, within the call_rcu(), ip_set_destroy() and ip_set_net_init() functions in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.
176) Integer overflow (CVE-ID: CVE-2024-41000)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the blkpg_do_ioctl() function in block/ioctl.c. A local user can execute arbitrary code.
177) Reachable assertion (CVE-ID: CVE-2024-33847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the f2fs_setattr() function in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
178) NULL pointer dereference (CVE-ID: CVE-2024-35247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.
179) Input validation error (CVE-ID: CVE-2024-40968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cvmx_pcie_build_config_addr() function in arch/mips/pci/pcie-octeon.c. A local user can perform a denial of service (DoS) attack.
180) Use of uninitialized resource (CVE-ID: CVE-2024-33619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the efi_free() function in drivers/firmware/efi/libstub/fdt.c. A local user can perform a denial of service (DoS) attack.
181) Use of uninitialized resource (CVE-ID: CVE-2024-38619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
182) NULL pointer dereference (CVE-ID: CVE-2024-40984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_ex_system_memory_space_handler() function in drivers/acpi/acpica/exregion.c. A local user can perform a denial of service (DoS) attack.
183) NULL pointer dereference (CVE-ID: CVE-2024-36478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nullb_update_nr_hw_queues(), nullb_device_power_store(), null_add_dev() and null_create_dev() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
184) Memory leak (CVE-ID: CVE-2024-39493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.
185) Use of uninitialized resource (CVE-ID: CVE-2024-42078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nfsd_create_serv() function in fs/nfsd/nfssvc.c, within the nfsd_net_init() function in fs/nfsd/nfsctl.c. A local user can perform a denial of service (DoS) attack.
186) Use-after-free (CVE-ID: CVE-2024-40954)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sk_common_release() function in net/core/sock.c. A local user can escalate privileges on the system.
187) Resource management error (CVE-ID: CVE-2024-40978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qedi_dbg_do_not_recover_cmd_read() function in drivers/scsi/qedi/qedi_debugfs.c. A local user can perform a denial of service (DoS) attack.
188) Use-after-free (CVE-ID: CVE-2024-39508)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the WORKER_IDLE_TIMEOUT(), io_work_get_acct(), io_worker_exit(), io_wq_dec_running(), __io_worker_busy(), io_wq_worker(), io_wq_worker_running(), io_wq_worker_sleeping(), io_init_new_worker(), init_completion() and io_wq_work_match_item() functions in io_uring/io-wq.c. A local user can escalate privileges on the system.
189) Use-after-free (CVE-ID: CVE-2024-40915)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the set_direct_map_default_noflush() function in arch/riscv/mm/pageattr.c. A local user can escalate privileges on the system.
190) Memory leak (CVE-ID: CVE-2024-39489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the seg6_hmac_init_algo() and seg6_hmac_net_init() functions in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
191) Use-after-free (CVE-ID: CVE-2024-40920)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the br_mst_set_state() function in net/bridge/br_mst.c. A local user can escalate privileges on the system.
192) Input validation error (CVE-ID: CVE-2024-38618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the snd_timer_start1() function in sound/core/timer.c. A local user can perform a denial of service (DoS) attack.
193) Input validation error (CVE-ID: CVE-2024-40938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the current_check_refer_path() function in security/landlock/fs.c. A local user can perform a denial of service (DoS) attack.
194) Resource management error (CVE-ID: CVE-2024-39296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bonding_init() and bonding_exit() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
195) NULL pointer dereference (CVE-ID: CVE-2024-40962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_submit_chunk() function in fs/btrfs/bio.c. A local user can perform a denial of service (DoS) attack.
196) NULL pointer dereference (CVE-ID: CVE-2024-39470)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the eventfs_find_events() function in fs/tracefs/event_inode.c. A local user can perform a denial of service (DoS) attack.
197) Input validation error (CVE-ID: CVE-2024-39481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the media_pipeline_explore_next_link() function in drivers/media/mc/mc-entity.c. A local user can perform a denial of service (DoS) attack.
198) Improper locking (CVE-ID: CVE-2024-40977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mt76s_tx_status_data() function in drivers/net/wireless/mediatek/mt76/sdio.c, within the mt7921s_mac_reset() function in drivers/net/wireless/mediatek/mt76/mt7921/sdio_mac.c, within the mt7921e_mac_reset() function in drivers/net/wireless/mediatek/mt76/mt7921/pci_mac.c, within the mt7921_mac_reset_work() function in drivers/net/wireless/mediatek/mt76/mt7921/mac.c. A local user can perform a denial of service (DoS) attack.
199) Out-of-bounds read (CVE-ID: CVE-2024-38621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.
200) Input validation error (CVE-ID: CVE-2024-40971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the default_options() function in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
201) Memory leak (CVE-ID: CVE-2024-31076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.
202) Out-of-bounds read (CVE-ID: CVE-2024-36972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the queue_oob(), unix_stream_recv_urg() and manage_oob() functions in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
203) Out-of-bounds read (CVE-ID: CVE-2024-39471)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.
204) Integer overflow (CVE-ID: CVE-2024-40994)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the max_vclocks_store() function in drivers/ptp/ptp_sysfs.c. A local user can execute arbitrary code.
205) NULL pointer dereference (CVE-ID: CVE-2024-40973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_vcodec_fw_scp_init() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c. A local user can perform a denial of service (DoS) attack.
206) Improper locking (CVE-ID: CVE-2024-40916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hdmi_get_modes() function in drivers/gpu/drm/exynos/exynos_hdmi.c. A local user can perform a denial of service (DoS) attack.
207) Memory leak (CVE-ID: CVE-2024-40942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mesh_path_discard_frame() function in net/mac80211/mesh_pathtbl.c. A local user can perform a denial of service (DoS) attack.
208) Use-after-free (CVE-ID: CVE-2024-40956)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the irq_process_work_list() function in drivers/dma/idxd/irq.c. A local user can escalate privileges on the system.
209) Resource management error (CVE-ID: CVE-2024-39465)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mgb4_remove() function in drivers/media/pci/mgb4/mgb4_core.c. A local user can perform a denial of service (DoS) attack.
210) Improper error handling (CVE-ID: CVE-2024-40914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
211) Double free (CVE-ID: CVE-2024-40937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the gve_rx_skb_hash() and gve_rx_poll_dqo() functions in drivers/net/ethernet/google/gve/gve_rx_dqo.c. A local user can perform a denial of service (DoS) attack.
212) Improper locking (CVE-ID: CVE-2024-40918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the PTR_PAGE_ALIGN_DOWN(), __flush_cache_page(), flush_icache_pages(), pte_needs_flush(), flush_dcache_folio(), purge_kernel_dcache_page_asm(), copy_user_highpage(), __flush_tlb_range(), flush_cache_range(), flush_anon_page() and invalidate_kernel_vmap_range() functions in arch/parisc/kernel/cache.c. A local user can perform a denial of service (DoS) attack.
213) NULL pointer dereference (CVE-ID: CVE-2024-40905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_get_pcpu_route() function in net/ipv6/route.c, within the __fib6_drop_pcpu_from() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
214) Improper error handling (CVE-ID: CVE-2024-39488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm64/include/asm/asm-bug.h. A local user can perform a denial of service (DoS) attack.
215) Memory leak (CVE-ID: CVE-2024-38632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_intx_enable() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2024-39461)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the raspberrypi_discover_clocks() function in drivers/clk/bcm/clk-raspberrypi.c. A local user can perform a denial of service (DoS) attack.
217) Input validation error (CVE-ID: CVE-2024-40999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ena_com_cdesc_rx_pkt_get() and ena_com_rx_pkt() functions in drivers/net/ethernet/amazon/ena/ena_eth_com.c. A local user can perform a denial of service (DoS) attack.
218) Improper locking (CVE-ID: CVE-2024-40972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_xattr_set_entry(), iput(), ext4_xattr_block_set() and ext4_xattr_ibody_set() functions in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
219) Out-of-bounds read (CVE-ID: CVE-2024-36477)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tpm_tis_spi_write_bytes() function in drivers/char/tpm/tpm_tis_spi_main.c. A local user can perform a denial of service (DoS) attack.
220) NULL pointer dereference (CVE-ID: CVE-2024-40961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fib6_nh_init() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.