SB202502197152 - Ubuntu update for linux-aws
Published: February 19, 2025 Updated: January 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 757 secuirty vulnerabilities.
1) Improper locking (CVE-ID: CVE-2024-50030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wait_event_timeout() function in drivers/gpu/drm/xe/xe_guc_ct.c. A local user can perform a denial of service (DoS) attack.
2) Improper locking (CVE-ID: CVE-2024-47689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_handle_critical_error() function in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2024-50088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the add_inode_ref() function in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
4) Use-after-free (CVE-ID: CVE-2024-50154)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the reqsk_queue_unlink() and reqsk_timer_handler() functions in net/ipv4/inet_connection_sock.c. A local user can escalate privileges on the system.
5) Integer overflow (CVE-ID: CVE-2024-49994)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the blk_ioctl_discard() and blk_ioctl_secure_erase() functions in block/ioctl.c. A local user can execute arbitrary code.
6) Input validation error (CVE-ID: CVE-2024-50243)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ni_find_attr() function in fs/ntfs3/inode.c. A local user can perform a denial of service (DoS) attack.
7) Improper error handling (CVE-ID: CVE-2024-50284)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __rpc_method() and ksmbd_session_rpc_open() functions in fs/smb/server/mgmt/user_session.c. A local user can perform a denial of service (DoS) attack.
8) Improper locking (CVE-ID: CVE-2024-50207)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ring_buffer_subbuf_order_set() function in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
9) NULL pointer dereference (CVE-ID: CVE-2024-53200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hwss_setup_dpp() function in drivers/gpu/drm/amd/display/dc/core/dc_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
10) Use of uninitialized resource (CVE-ID: CVE-2024-53155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_file_write_iter() and ocfs2_file_read_iter() functions in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
11) Input validation error (CVE-ID: CVE-2024-50179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ceph_set_page_dirty() function in fs/ceph/addr.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2024-50171)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sysport_xmit() function in drivers/net/ethernet/broadcom/bcmsysport.c. A local user can perform a denial of service (DoS) attack.
13) NULL pointer dereference (CVE-ID: CVE-2024-53167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bl_unregister_scsi() and bl_unregister_dev() functions in fs/nfs/blocklayout/dev.c. A local user can perform a denial of service (DoS) attack.
14) Buffer overflow (CVE-ID: CVE-2024-49885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the slab_update_freelist(), print_slab_info(), inc_slabs_node() and slab_free_hook() functions in mm/slub.c. A local user can perform a denial of service (DoS) attack.
15) Buffer overflow (CVE-ID: CVE-2024-49869)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __counted_by(), kmalloc() and fs_path_len() functions in fs/btrfs/send.c. A local user can escalate privileges on the system.
16) Use-after-free (CVE-ID: CVE-2024-49934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dump_mapping() function in fs/inode.c. A local user can escalate privileges on the system.
17) Improper locking (CVE-ID: CVE-2024-53089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_arch_vcpu_create() function in arch/loongarch/kvm/vcpu.c, within the _kvm_save_timer() function in arch/loongarch/kvm/timer.c. A local user can perform a denial of service (DoS) attack.
18) Infinite loop (CVE-ID: CVE-2024-50196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ocelot_irq_handler() function in drivers/pinctrl/pinctrl-ocelot.c. A local user can perform a denial of service (DoS) attack.
19) Improper locking (CVE-ID: CVE-2024-53090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the afs_deferred_free_worker(), afs_alloc_call(), afs_put_call(), afs_wake_up_call_waiter() and afs_wake_up_async_call() functions in fs/afs/rxrpc.c. A local user can perform a denial of service (DoS) attack.
20) Memory leak (CVE-ID: CVE-2024-47675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_uprobe_multi_link_attach() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
21) Improper error handling (CVE-ID: CVE-2024-47690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the f2fs_get_parent() and f2fs_lookup() functions in fs/f2fs/namei.c. A local user can perform a denial of service (DoS) attack.
22) Improper error handling (CVE-ID: CVE-2024-56674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the virtnet_enable_queue_pair() and remove_vq_common() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
23) Improper locking (CVE-ID: CVE-2024-50082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rq_qos_wake_function() function in block/blk-rq-qos.c. A local user can perform a denial of service (DoS) attack.
24) Incorrect calculation (CVE-ID: CVE-2024-47742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the fw_abort_batch_reqs() and _request_firmware() functions in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
25) Improper locking (CVE-ID: CVE-2024-53220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/f2fs/segment.h. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2024-50172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bnxt_re_setup_chip_ctx() function in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2024-50009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amd_pstate_adjust_perf() and amd_pstate_init_prefcore() functions in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2024-49881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the get_ext_path() function in fs/ext4/move_extent.c, within the ext4_find_extent() and ext4_split_extent_at() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
29) Improper locking (CVE-ID: CVE-2024-50249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the acpi_cppc_processor_probe() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
30) Input validation error (CVE-ID: CVE-2024-47752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_if.c. A local user can perform a denial of service (DoS) attack.
31) Input validation error (CVE-ID: CVE-2024-56707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_dmacflt_do_add() and otx2_dmacflt_update() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dmac_flt.c. A local user can perform a denial of service (DoS) attack.
32) Double free (CVE-ID: CVE-2024-53105)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the __page_cache_release() function in mm/swap.c, within the free_pages_prepare() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
33) Improper Initialization (CVE-ID: CVE-2024-53048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the ARRAY_SIZE() and ice_cgu_get_pin_desc() functions in drivers/net/ethernet/intel/ice/ice_ptp_hw.c, within the ice_dpll_init_worker() and ice_dpll_init_info_direct_pins() functions in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
34) Resource management error (CVE-ID: CVE-2024-50148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bnep_init() function in net/bluetooth/bnep/core.c. A local user can perform a denial of service (DoS) attack.
35) Incorrect calculation (CVE-ID: CVE-2024-50036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the dst_destroy() and dst_dev_put() functions in net/core/dst.c. A local user can perform a denial of service (DoS) attack.
36) Input validation error (CVE-ID: CVE-2024-53141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bitmap_ip_uadt() function in net/netfilter/ipset/ip_set_bitmap_ip.c. A local user can perform a denial of service (DoS) attack.
37) Memory leak (CVE-ID: CVE-2024-50213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_test_check_broadcast_rgb_auto_cea_mode_vic_1(), drm_test_check_broadcast_rgb_full_cea_mode_vic_1(), drm_test_check_broadcast_rgb_limited_cea_mode_vic_1() and drm_test_check_output_bpc_format_vic_1() functions in drivers/gpu/drm/tests/drm_hdmi_state_helper_test.c. A local user can perform a denial of service (DoS) attack.
38) NULL pointer dereference (CVE-ID: CVE-2024-49911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
39) Input validation error (CVE-ID: CVE-2024-50285)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smb1_negotiate() and init_smb1_server() functions in fs/smb/server/smb_common.c, within the handle_ksmbd_work() and queue_ksmbd_work() functions in fs/smb/server/server.c, within the ksmbd_conn_alloc() function in fs/smb/server/connection.c. A local user can perform a denial of service (DoS) attack.
40) NULL pointer dereference (CVE-ID: CVE-2024-56535)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btc_fw_set_monreg() function in drivers/net/wireless/realtek/rtw89/coex.c. A local user can perform a denial of service (DoS) attack.
41) Improper error handling (CVE-ID: CVE-2024-49882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_ext_try_to_merge_up() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
42) NULL pointer dereference (CVE-ID: CVE-2024-50225)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_bio_init() and __btrfs_bio_end_io() functions in fs/btrfs/bio.c. A local user can perform a denial of service (DoS) attack.
43) Reachable assertion (CVE-ID: CVE-2024-50090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __xe_bb_create_job() function in drivers/gpu/drm/xe/xe_bb.c. A local user can perform a denial of service (DoS) attack.
44) Resource management error (CVE-ID: CVE-2024-53063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_RWSEM() and dvb_register_device() functions in drivers/media/dvb-core/dvbdev.c. A local user can perform a denial of service (DoS) attack.
45) Improper locking (CVE-ID: CVE-2024-56703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the |() function in tools/testing/selftests/net/ipv6_route_update_soft_lockup.sh, within the fib6_select_path(), ip6_route_mpath_notify(), rt6_nlmsg_size(), rt6_fill_node() and inet6_rt_notify() functions in net/ipv6/route.c, within the fib6_del_route() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
46) NULL pointer dereference (CVE-ID: CVE-2024-47687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_vdpa_show_mr_leaks() function in drivers/vdpa/mlx5/core/mr.c. A local user can perform a denial of service (DoS) attack.
47) Improper locking (CVE-ID: CVE-2024-53079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the destroy_large_folio() function in mm/page_alloc.c, within the mem_cgroup_move_account(), mem_cgroup_move_charge_pte_range(), uncharge_folio() and mem_cgroup_swapout() functions in mm/memcontrol.c, within the __folio_undo_large_rmappable() and deferred_split_folio() functions in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
48) Improper locking (CVE-ID: CVE-2024-47744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL(), kvm_online_cpu(), hardware_disable_nolock(), hardware_disable_all_nolock(), hardware_enable_all() and kvm_suspend() functions in virt/kvm/kvm_main.c, within the cpus_read_lock() function in Documentation/virt/kvm/locking.rst. A local user can perform a denial of service (DoS) attack.
49) Improper error handling (CVE-ID: CVE-2024-50020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ice_sriov_set_msix_vec_count() and ice_sriov_get_irqs() functions in drivers/net/ethernet/intel/ice/ice_sriov.c. A local user can perform a denial of service (DoS) attack.
50) NULL pointer dereference (CVE-ID: CVE-2024-53078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the host1x_drm_probe() function in drivers/gpu/drm/tegra/drm.c. A local user can perform a denial of service (DoS) attack.
51) Improper locking (CVE-ID: CVE-2024-53176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_dentry_needs_reval() function in fs/smb/client/inode.c, within the init_cifs() and cifs_destroy_netfs() functions in fs/smb/client/cifsfs.c, within the free_cached_dir(), close_all_cached_dirs(), invalidate_all_cached_dirs(), cached_dir_lease_break(), init_cached_dir(), cfids_laundromat_worker(), init_cached_dirs() and free_cached_dirs() functions in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
52) Resource management error (CVE-ID: CVE-2024-53183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the net_device_release() function in arch/um/drivers/net_kern.c. A local user can perform a denial of service (DoS) attack.
53) Input validation error (CVE-ID: CVE-2024-50248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to boundary error within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
54) Use-after-free (CVE-ID: CVE-2024-50283)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __handle_ksmbd_work() function in fs/smb/server/server.c. A local user can escalate privileges on the system.
55) NULL pointer dereference (CVE-ID: CVE-2024-49907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_allow_idle_optimizations() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
56) Memory leak (CVE-ID: CVE-2024-50084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vcap_api_encode_rule_test() function in drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c. A local user can perform a denial of service (DoS) attack.
57) Use-after-free (CVE-ID: CVE-2024-56541)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath12k_dp_cc_cleanup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can escalate privileges on the system.
58) NULL pointer dereference (CVE-ID: CVE-2024-49979)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcp6_gso_segment() function in net/ipv6/tcpv6_offload.c, within the tcp4_gso_segment() function in net/ipv4/tcp_offload.c. A local user can perform a denial of service (DoS) attack.
59) Memory leak (CVE-ID: CVE-2024-53175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the create_ipc_ns() function in ipc/namespace.c. A local user can perform a denial of service (DoS) attack.
60) NULL pointer dereference (CVE-ID: CVE-2024-49871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the adp5589_keypad_add() and adp5589_probe() functions in drivers/input/keyboard/adp5589-keys.c. A local user can perform a denial of service (DoS) attack.
61) Improper locking (CVE-ID: CVE-2024-47678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the icmpv6_mask_allow(), icmpv6_global_allow(), icmpv6_xrlim_allow(), icmp6_send() and icmpv6_echo_reply() functions in net/ipv6/icmp.c, within the __SPIN_LOCK_UNLOCKED(), icmpv4_mask_allow(), icmpv4_global_allow(), icmpv4_xrlim_allow(), icmp_reply() and __icmp_send() functions in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
62) NULL pointer dereference (CVE-ID: CVE-2024-47720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
63) Input validation error (CVE-ID: CVE-2024-53059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iwl_mvm_disconnect_iterator() and iwl_mvm_send_recovery_cmd() functions in drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can perform a denial of service (DoS) attack.
64) NULL pointer dereference (CVE-ID: CVE-2024-56685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt8195_mt6359_soc_card_probe() function in sound/soc/mediatek/mt8195/mt8195-mt6359.c, within the mt8192_mt6359_legacy_probe() and mt8192_mt6359_soc_card_probe() functions in sound/soc/mediatek/mt8192/mt8192-mt6359-rt1015-rt5682.c, within the mt8188_mt6359_soc_card_probe() function in sound/soc/mediatek/mt8188/mt8188-mt6359.c. A local user can perform a denial of service (DoS) attack.
65) NULL pointer dereference (CVE-ID: CVE-2024-56702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the SEC() function in tools/testing/selftests/bpf/progs/test_tp_btf_nullable.c, within the reg_btf_record(), check_ptr_to_btf_access(), check_mem_access(), check_func_arg(), btf_check_func_arg_match(), check_kfunc_args(), sanitize_check_bounds(), adjust_ptr_min_max_vals() and convert_ctx_accesses() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
66) Double free (CVE-ID: CVE-2024-50071)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ma35_pinctrl_dt_node_to_map_func() function in drivers/pinctrl/nuvoton/pinctrl-ma35.c. A local user can perform a denial of service (DoS) attack.
67) Memory leak (CVE-ID: CVE-2024-56534)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brelse() and isofs_get_tree() functions in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.
68) Memory leak (CVE-ID: CVE-2024-56745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the reset_method_store() function in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
69) NULL pointer dereference (CVE-ID: CVE-2024-53154)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the applnco_probe() function in drivers/clk/clk-apple-nco.c. A local user can perform a denial of service (DoS) attack.
70) Improper locking (CVE-ID: CVE-2024-47736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the z_erofs_fill_bio_vec(), folio_lock(), folio_put() and z_erofs_submit_queue() functions in fs/erofs/zdata.c. A local user can perform a denial of service (DoS) attack.
71) Improper locking (CVE-ID: CVE-2024-49965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_read_blocks() function in fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
72) Use-after-free (CVE-ID: CVE-2024-47701)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_find_inline_entry() function in fs/ext4/inline.c. A local user can escalate privileges on the system.
73) Use-after-free (CVE-ID: CVE-2024-50159)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the scmi_debugfs_common_setup() function in drivers/firmware/arm_scmi/driver.c. A local user can escalate privileges on the system.
74) Improper error handling (CVE-ID: CVE-2024-50040)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the igb_io_resume() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
75) Improper locking (CVE-ID: CVE-2024-50274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the idpf_handle_event_link() function in drivers/net/ethernet/intel/idpf/idpf_virtchnl.c, within the idpf_initiate_soft_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c, within the idpf_set_msglevel() function in drivers/net/ethernet/intel/idpf/idpf_ethtool.c. A local user can perform a denial of service (DoS) attack.
76) Use-after-free (CVE-ID: CVE-2024-49876)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the get_submit_wq(), xe_guc_submit_init(), __release_guc_id() and __guc_exec_queue_fini_async() functions in drivers/gpu/drm/xe/xe_guc_submit.c, within the xe_device_destroy() and xe_device_create() functions in drivers/gpu/drm/xe/xe_device.c. A local user can escalate privileges on the system.
77) Out-of-bounds read (CVE-ID: CVE-2024-49895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
78) Buffer overflow (CVE-ID: CVE-2024-50189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the amd_sfh_hid_client_init() and amd_sfh_hid_client_deinit() functions in drivers/hid/amd-sfh-hid/amd_sfh_client.c. A local user can perform a denial of service (DoS) attack.
79) Double free (CVE-ID: CVE-2024-56704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2024-47681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7996_mcu_sta_bfer_he() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
81) Buffer overflow (CVE-ID: CVE-2024-53106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_eventdigest_init_common() function in security/integrity/ima/ima_template_lib.c. A local user can perform a denial of service (DoS) attack.
82) Improper locking (CVE-ID: CVE-2024-56744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the system_going_down() and f2fs_handle_critical_error() functions in fs/f2fs/super.c, within the f2fs_stop_checkpoint() function in fs/f2fs/checkpoint.c. A local user can perform a denial of service (DoS) attack.
83) Out-of-bounds write (CVE-ID: CVE-2024-53197)
The vulnerability allows a local user to compromise the affected system.
The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited against Android devices.
84) Improper error handling (CVE-ID: CVE-2024-50120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the smb3_reconfigure() function in fs/smb/client/fs_context.c. A local user can perform a denial of service (DoS) attack.
85) Input validation error (CVE-ID: CVE-2024-50204)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the copy_mnt_ns() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.
86) Resource management error (CVE-ID: CVE-2024-50184)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtio_pmem_flush() function in drivers/nvdimm/nd_virtio.c. A local user can perform a denial of service (DoS) attack.
87) Use-after-free (CVE-ID: CVE-2024-53095)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can escalate privileges on the system.
88) Input validation error (CVE-ID: CVE-2024-50101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the domain_context_clear_one_cb() function in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
89) Integer overflow (CVE-ID: CVE-2024-53146)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
90) Improper error handling (CVE-ID: CVE-2024-50256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
91) NULL pointer dereference (CVE-ID: CVE-2024-53226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hns_roce_set_page() and hns_roce_map_mr_sg() functions in drivers/infiniband/hw/hns/hns_roce_mr.c. A local user can perform a denial of service (DoS) attack.
92) Use-after-free (CVE-ID: CVE-2024-47712)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wilc_parse_join_bss_param() function in drivers/net/wireless/microchip/wilc1000/hif.c. A local user can escalate privileges on the system.
93) Reachable assertion (CVE-ID: CVE-2024-50137)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the jh71x0_reset_status() function in drivers/reset/starfive/reset-starfive-jh71x0.c. A local user can perform a denial of service (DoS) attack.
94) NULL pointer dereference (CVE-ID: CVE-2024-53131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __nilfs_get_page_block() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
95) Improper error handling (CVE-ID: CVE-2024-49888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the do_misc_fixups() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
96) Double free (CVE-ID: CVE-2024-50235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the _cfg80211_unregister_wdev() function in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.
97) Improper locking (CVE-ID: CVE-2024-50047)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c, within the smb2_get_enc_key(), crypt_message(), smb3_init_transform_rq() and decrypt_raw_data() functions in fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
98) NULL pointer dereference (CVE-ID: CVE-2024-50224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dspi_setup() function in drivers/spi/spi-fsl-dspi.c. A local user can perform a denial of service (DoS) attack.
99) Input validation error (CVE-ID: CVE-2024-50142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the verify_newsa_info() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
100) Reachable assertion (CVE-ID: CVE-2024-50200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the mte_node_or_none(), mas_wr_walk(), mas_wr_walk_index() and mas_wr_spanning_store() functions in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
101) Improper locking (CVE-ID: CVE-2024-53085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tpm_pm_suspend() and tpm_get_random() functions in drivers/char/tpm/tpm-interface.c, within the tpm_hwrng_read() function in drivers/char/tpm/tpm-chip.c. A local user can perform a denial of service (DoS) attack.
102) Input validation error (CVE-ID: CVE-2024-49892)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn21/display_rq_dlg_calc_21.c, within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20v2.c. A local user can perform a denial of service (DoS) attack.
103) Improper error handling (CVE-ID: CVE-2024-50263)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dup_mmap() and vma_iter_free() functions in kernel/fork.c. A local user can perform a denial of service (DoS) attack.
104) Out-of-bounds read (CVE-ID: CVE-2024-53150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DESC_LENGTH_CHECK(), validate_clock_source() and validate_clock_selector() functions in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.
105) Memory leak (CVE-ID: CVE-2024-53121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lookup_fte_locked() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
106) Input validation error (CVE-ID: CVE-2024-49977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tc_setup_cbs() function in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c. A local user can perform a denial of service (DoS) attack.
107) Resource management error (CVE-ID: CVE-2024-50144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the xe_vm_invalidate_vma() function in drivers/gpu/drm/xe/xe_vm.c, within the tlb_timeout_jiffies(), send_tlb_invalidation(), xe_gt_tlb_invalidation_ggtt() and xe_gt_tlb_invalidation_fence_init() functions in drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c. A local user can perform a denial of service (DoS) attack.
108) Use-after-free (CVE-ID: CVE-2024-50127)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the taprio_change() function in net/sched/sch_taprio.c. A local user can escalate privileges on the system.
109) NULL pointer dereference (CVE-ID: CVE-2024-53092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vp_avq_index() and vp_modern_avq_cleanup() functions in drivers/virtio/virtio_pci_modern.c, within the MODULE_PARM_DESC(), vp_del_vq(), vp_del_vqs() and vp_find_one_vq_msix() functions in drivers/virtio/virtio_pci_common.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2024-50265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_xa_remove() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
111) Resource management error (CVE-ID: CVE-2024-56691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the wcove_typec_probe() function in drivers/usb/typec/tcpm/wcove.c, within the ARRAY_SIZE(), bxtwc_add_chained_irq_chip() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2024-53069)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_SPINLOCK() function in drivers/firmware/qcom/qcom_scm.c. A local user can perform a denial of service (DoS) attack.
113) Out-of-bounds read (CVE-ID: CVE-2024-49902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
114) Race condition (CVE-ID: CVE-2024-47715)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the EXPORT_SYMBOL_GPL() function in drivers/net/wireless/mediatek/mt76/mac80211.c. A local user can escalate privileges on the system.
115) Input validation error (CVE-ID: CVE-2024-56720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sk_msg_shift_left() and BPF_CALL_4() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
116) Buffer overflow (CVE-ID: CVE-2024-53127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dw_mci_init_slot() function in drivers/mmc/host/dw_mmc.c. A local user can perform a denial of service (DoS) attack.
117) Use of uninitialized resource (CVE-ID: CVE-2024-53142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.
118) Off-by-one (CVE-ID: CVE-2024-49862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the get_rpi() function in drivers/powercap/intel_rapl_common.c. A local user can perform a denial of service (DoS) attack.
119) NULL pointer dereference (CVE-ID: CVE-2024-49918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_acquire_idle_pipe_for_head_pipe_in_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
120) Buffer overflow (CVE-ID: CVE-2024-56684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the cmdq_get_clocks() function in drivers/mailbox/mtk-cmdq-mailbox.c. A local user can perform a denial of service (DoS) attack.
121) Buffer overflow (CVE-ID: CVE-2024-50208)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_qplib_alloc_init_hwq() function in drivers/infiniband/hw/bnxt_re/qplib_res.c. A local user can escalate privileges on the system.
122) Resource management error (CVE-ID: CVE-2024-53189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nl80211_parse_sched_scan() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
123) NULL pointer dereference (CVE-ID: CVE-2024-50103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the asoc_qcom_lpass_cpu_platform_probe() function in sound/soc/qcom/lpass-cpu.c. A local user can perform a denial of service (DoS) attack.
124) Use-after-free (CVE-ID: CVE-2024-56756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_free_host_mem(), __nvme_alloc_host_mem() and kfree() functions in drivers/nvme/host/pci.c. A local user can escalate privileges on the system.
125) NULL pointer dereference (CVE-ID: CVE-2024-50273)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the insert_delayed_ref() function in fs/btrfs/delayed-ref.c. A local user can perform a denial of service (DoS) attack.
126) NULL pointer dereference (CVE-ID: CVE-2024-56536)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cw1200_spi_suspend() function in drivers/net/wireless/st/cw1200/cw1200_spi.c. A local user can perform a denial of service (DoS) attack.
127) Use-after-free (CVE-ID: CVE-2024-53068)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL(), __scmi_device_destroy() and __scmi_device_create() functions in drivers/firmware/arm_scmi/bus.c. A local user can escalate privileges on the system.
128) Resource management error (CVE-ID: CVE-2024-49878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXPORT_SYMBOL_GPL() function in kernel/resource.c. A local user can perform a denial of service (DoS) attack.
129) NULL pointer dereference (CVE-ID: CVE-2024-47705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blk_add_partition() function in block/partitions/core.c. A local user can perform a denial of service (DoS) attack.
130) NULL pointer dereference (CVE-ID: CVE-2024-53113)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_pages_bulk_noprof() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
131) Out-of-bounds read (CVE-ID: CVE-2024-50129)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pse_release_pis() and of_pse_match_pi() functions in drivers/net/pse-pd/pse_core.c. A local user can perform a denial of service (DoS) attack.
132) NULL pointer dereference (CVE-ID: CVE-2024-49942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xe_bo_move() function in drivers/gpu/drm/xe/xe_bo.c. A local user can perform a denial of service (DoS) attack.
133) Resource management error (CVE-ID: CVE-2024-50100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dummy_urb_enqueue(), dummy_urb_dequeue(), dummy_timer(), dummy_bus_resume() and dummy_stop() functions in drivers/usb/gadget/udc/dummy_hcd.c. A local user can perform a denial of service (DoS) attack.
134) Out-of-bounds read (CVE-ID: CVE-2024-49930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
135) Improper locking (CVE-ID: CVE-2024-50043)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfsd4_free_stateid() function in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
136) Memory leak (CVE-ID: CVE-2024-53198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xenbus_dev_probe() function in drivers/xen/xenbus/xenbus_probe.c. A local user can perform a denial of service (DoS) attack.
137) Use of uninitialized resource (CVE-ID: CVE-2024-49861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the sizeof() function in net/core/filter.c, within the sizeof() function in kernel/trace/bpf_trace.c, within the arg_type_is_dynptr() function in kernel/bpf/verifier.c, within the sizeof() function in kernel/bpf/syscall.c, within the sizeof() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
138) Use-after-free (CVE-ID: CVE-2024-50124)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ISO_CONN_TIMEOUT(), iso_sock_timeout() and iso_conn_del() functions in net/bluetooth/iso.c. A local user can escalate privileges on the system.
139) Buffer overflow (CVE-ID: CVE-2024-50209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bnxt_qplib_alloc_init_hwq() function in drivers/infiniband/hw/bnxt_re/qplib_res.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2024-53187)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the io_pin_pages() function in io_uring/memmap.c. A local user can escalate privileges on the system.
141) Race condition (CVE-ID: CVE-2024-49864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rxrpc_open_socket() function in net/rxrpc/local_object.c, within the rxrpc_encap_rcv() and rxrpc_io_thread() functions in net/rxrpc/io_thread.c. A local user can escalate privileges on the system.
142) NULL pointer dereference (CVE-ID: CVE-2024-56689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_epf_mhi_bind() function in drivers/pci/endpoint/functions/pci-epf-mhi.c. A local user can perform a denial of service (DoS) attack.
143) Improper locking (CVE-ID: CVE-2024-50294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rxrpc_connect_client_calls() and rxrpc_disconnect_client_call() functions in net/rxrpc/conn_client.c. A local user can perform a denial of service (DoS) attack.
144) Use-after-free (CVE-ID: CVE-2024-47706)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_init_rq() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
145) NULL pointer dereference (CVE-ID: CVE-2024-50186)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sock_create() function in net/socket.c. A local user can perform a denial of service (DoS) attack.
146) Improper locking (CVE-ID: CVE-2024-53086)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xe_sync_in_fence_get() function in drivers/gpu/drm/xe/xe_exec.c. A local user can perform a denial of service (DoS) attack.
147) Resource management error (CVE-ID: CVE-2024-49954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the static_call_module_notify() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
148) Input validation error (CVE-ID: CVE-2024-56692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the truncate_node() function in fs/f2fs/node.c. A local user can perform a denial of service (DoS) attack.
149) Improper locking (CVE-ID: CVE-2024-47679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock() function in fs/inode.c. A local user can perform a denial of service (DoS) attack.
150) Resource management error (CVE-ID: CVE-2024-53109)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the delete_vma_from_mm() function in mm/nommu.c. A local user can perform a denial of service (DoS) attack.
151) Buffer overflow (CVE-ID: CVE-2024-50001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mlx5e_sq_xmit_mpwqe() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
152) Use-after-free (CVE-ID: CVE-2024-49983)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_ext_replay_update_ex() function in fs/ext4/extents.c. A local user can escalate privileges on the system.
153) Input validation error (CVE-ID: CVE-2024-56679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_get_max_mtu() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.
154) Improper error handling (CVE-ID: CVE-2024-50034)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the smc_sync_mss() function in net/smc/smc_inet.c. A local user can perform a denial of service (DoS) attack.
155) Double free (CVE-ID: CVE-2024-50276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mse102x_tx_frame_spi() function in drivers/net/ethernet/vertexcom/mse102x.c. A local user can perform a denial of service (DoS) attack.
156) Resource management error (CVE-ID: CVE-2024-56680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ipu6_pci_reset_done() function in drivers/media/pci/intel/ipu6/ipu6.c, within the ipu6_buttress_isr() function in drivers/media/pci/intel/ipu6/ipu6-buttress.c. A local user can perform a denial of service (DoS) attack.
157) Incorrect calculation (CVE-ID: CVE-2024-49988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the session_fd_check() and ksmbd_reopen_durable_fd() functions in fs/smb/server/vfs_cache.c, within the alloc_opinfo(), free_opinfo(), opinfo_get_list(), smb_send_parent_lease_break_noti(), smb_lazy_parent_lease_break_close(), smb_grant_oplock(), smb_break_all_write_oplock() and smb_break_all_levII_oplock() functions in fs/smb/server/oplock.c, within the ksmbd_conn_free() and ksmbd_conn_alloc() functions in fs/smb/server/connection.c. A local user can perform a denial of service (DoS) attack.
158) Out-of-bounds read (CVE-ID: CVE-2024-53099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bpf_link_show_fdinfo() function in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
159) Incorrect calculation (CVE-ID: CVE-2024-50021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the ice_dpll_init_rclk_pins() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
160) Buffer overflow (CVE-ID: CVE-2024-50022)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dax_set_mapping() function in drivers/dax/device.c. A local user can perform a denial of service (DoS) attack.
161) Resource management error (CVE-ID: CVE-2024-50136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_eswitch_enable_locked() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can perform a denial of service (DoS) attack.
162) Improper locking (CVE-ID: CVE-2024-53193)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/clk/clk-loongson2.c. A local user can perform a denial of service (DoS) attack.
163) Memory leak (CVE-ID: CVE-2024-50220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mmap_write_unlock() function in kernel/fork.c, within the dup_userfaultfd_complete() function in fs/userfaultfd.c. A local user can perform a denial of service (DoS) attack.
164) Buffer overflow (CVE-ID: CVE-2024-49858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the efi_retrieve_tpm2_eventlog() function in drivers/firmware/efi/libstub/tpm.c. A local user can perform a denial of service (DoS) attack.
165) Improper locking (CVE-ID: CVE-2024-50229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_symlink() function in fs/nilfs2/namei.c. A local user can perform a denial of service (DoS) attack.
166) Out-of-bounds read (CVE-ID: CVE-2024-50074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_active_device(), do_autoprobe(), do_hardware_base_addr(), do_hardware_irq(), do_hardware_dma() and do_hardware_modes() functions in drivers/parport/procfs.c. A local user can perform a denial of service (DoS) attack.
167) NULL pointer dereference (CVE-ID: CVE-2024-50002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the static_call_del_module() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
168) Memory leak (CVE-ID: CVE-2024-53117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_transport_send_pkt_info() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
169) Improper error handling (CVE-ID: CVE-2024-50176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dev_err() and rproc_del() functions in drivers/remoteproc/ti_k3_r5_remoteproc.c. A local user can perform a denial of service (DoS) attack.
170) Input validation error (CVE-ID: CVE-2024-50075)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tegra_xusb_enter_elpg() function in drivers/usb/host/xhci-tegra.c. A local user can perform a denial of service (DoS) attack.
171) Input validation error (CVE-ID: CVE-2024-50045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the br_nf_dev_queue_xmit() function in net/bridge/br_netfilter_hooks.c. A local user can perform a denial of service (DoS) attack.
172) Use-after-free (CVE-ID: CVE-2024-49924)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pxafb_remove() function in drivers/video/fbdev/pxafb.c. A local user can escalate privileges on the system.
173) Out-of-bounds read (CVE-ID: CVE-2024-47686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ep93xx_div_recalc_rate() function in arch/arm/mach-ep93xx/clock.c. A local user can perform a denial of service (DoS) attack.
174) NULL pointer dereference (CVE-ID: CVE-2024-50104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sdm845_snd_startup() and sdm845_snd_shutdown() functions in sound/soc/qcom/sdm845.c. A local user can perform a denial of service (DoS) attack.
175) Out-of-bounds read (CVE-ID: CVE-2024-47714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mt7996_mcu_sta_bfer_tlv() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
176) Buffer overflow (CVE-ID: CVE-2024-50291)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dvb_vb2_querybuf() function in drivers/media/dvb-core/dvb_vb2.c. A local user can perform a denial of service (DoS) attack.
177) NULL pointer dereference (CVE-ID: CVE-2024-49929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_mvm_tx_mpdu() and iwl_mvm_tx_skb_sta() functions in drivers/net/wireless/intel/iwlwifi/mvm/tx.c. A local user can perform a denial of service (DoS) attack.
178) Improper error handling (CVE-ID: CVE-2024-53215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the svc_rdma_proc_init() function in net/sunrpc/xprtrdma/svc_rdma.c. A local user can perform a denial of service (DoS) attack.
179) Improper locking (CVE-ID: CVE-2024-50157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the is_dbr_fifo_full() and __wait_for_fifo_occupancy_below_th() functions in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2024-50147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_cmd_comp_handler(), mlx5_cmd_trigger_completions() and mlx5_cmd_enable() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
181) NULL pointer dereference (CVE-ID: CVE-2024-49898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the subvp_drr_schedulable() and subvp_vblank_schedulable() functions in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c. A local user can perform a denial of service (DoS) attack.
182) Use of uninitialized resource (CVE-ID: CVE-2024-50164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the check_helper_mem_access(), check_mem_size_reg(), check_mem_reg(), check_kfunc_mem_size_reg() and verbose() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
183) Use-after-free (CVE-ID: CVE-2024-47711)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the TEST_F() function in tools/testing/selftests/net/af_unix/msg_oob.c, within the manage_oob() and unix_ioctl() functions in net/unix/af_unix.c. A local user can escalate privileges on the system.
184) Input validation error (CVE-ID: CVE-2024-53082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the virtnet_probe() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
185) Input validation error (CVE-ID: CVE-2024-50230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nilfs_clear_dirty_page() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
186) Use-after-free (CVE-ID: CVE-2024-50152)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_set_ea() function in fs/smb/client/smb2ops.c. A local user can escalate privileges on the system.
187) Use-after-free (CVE-ID: CVE-2024-53218)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the f2fs_do_shutdown() function in fs/f2fs/file.c. A local user can escalate privileges on the system.
188) NULL pointer dereference (CVE-ID: CVE-2024-53199)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imx_audmix_probe() function in sound/soc/fsl/imx-audmix.c. A local user can perform a denial of service (DoS) attack.
189) Integer overflow (CVE-ID: CVE-2024-50253)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __aligned() and bpf_iter_bits_new() functions in kernel/bpf/helpers.c. A local user can execute arbitrary code.
190) Input validation error (CVE-ID: CVE-2024-47754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_single_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_multi_if.c. A local user can perform a denial of service (DoS) attack.
191) NULL pointer dereference (CVE-ID: CVE-2024-49910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn401_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c. A local user can perform a denial of service (DoS) attack.
192) Input validation error (CVE-ID: CVE-2024-53137)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bad_syscall() and __do_cache_op() functions in arch/arm/kernel/traps.c. A local user can perform a denial of service (DoS) attack.
193) Out-of-bounds read (CVE-ID: CVE-2024-50128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wwan/wwan_core.c. A local user can perform a denial of service (DoS) attack.
194) Improper locking (CVE-ID: CVE-2024-50044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rfcomm_sock_ioctl() function in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.
195) Memory leak (CVE-ID: CVE-2024-47719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iopt_alloc_iova() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
196) NULL pointer dereference (CVE-ID: CVE-2024-53188)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_dp_cc_cleanup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
197) Buffer overflow (CVE-ID: CVE-2024-53061)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the exynos4_jpeg_parse_decode_h_tbl(), get_word_be() and s5p_jpeg_parse_hdr() functions in drivers/media/platform/s5p-jpeg/jpeg-core.c. A local user can escalate privileges on the system.
198) NULL pointer dereference (CVE-ID: CVE-2024-49944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_listen_start() function in net/sctp/socket.c. A local user can perform a denial of service (DoS) attack.
199) Input validation error (CVE-ID: CVE-2024-50091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the process_update_result(), process_query_result() and timeout_index_operations_callback() functions in drivers/md/dm-vdo/dedupe.c. A local user can perform a denial of service (DoS) attack.
200) Use-after-free (CVE-ID: CVE-2024-49945)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncsi_unregister_dev() function in net/ncsi/ncsi-manage.c. A local user can escalate privileges on the system.
201) Resource management error (CVE-ID: CVE-2024-50119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cifs_init_netfs() function in fs/smb/client/cifsfs.c. A local user can perform a denial of service (DoS) attack.
202) NULL pointer dereference (CVE-ID: CVE-2024-50133)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stack_top() function in arch/loongarch/kernel/process.c. A local user can perform a denial of service (DoS) attack.
203) Use of uninitialized resource (CVE-ID: CVE-2024-50033)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the slhc_remember() function in drivers/net/slip/slhc.c. A local user can perform a denial of service (DoS) attack.
204) Use of uninitialized resource (CVE-ID: CVE-2024-53083)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the qcom_pmic_typec_pdphy_pd_transmit_payload() function in drivers/usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy.c. A local user can perform a denial of service (DoS) attack.
205) Improper locking (CVE-ID: CVE-2024-50138)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bpf_ringbuf_alloc() and __bpf_ringbuf_reserve() functions in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.
206) Infinite loop (CVE-ID: CVE-2024-49872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the memfd_pin_folios() function in mm/gup.c. A local user can perform a denial of service (DoS) attack.
207) Improper locking (CVE-ID: CVE-2024-50140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the task_work_add() function in kernel/task_work.c, within the task_tick_mm_cid() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
208) Input validation error (CVE-ID: CVE-2024-56727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_alloc_mcam_entries() and otx2_mcam_entry_init() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c. A local user can perform a denial of service (DoS) attack.
209) Input validation error (CVE-ID: CVE-2024-50003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dmub_hpd_callback() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
210) Buffer overflow (CVE-ID: CVE-2024-50015)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ext4_handle_inode_extension(), ext4_dio_write_iter() and ext4_dax_write_iter() functions in fs/ext4/file.c. A local user can escalate privileges on the system.
211) Use-after-free (CVE-ID: CVE-2024-50303)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the walk_system_ram_res_rev() function in kernel/resource.c. A local user can escalate privileges on the system.
212) Input validation error (CVE-ID: CVE-2024-50258)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the NLA_POLICY_MIN() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
213) Use-after-free (CVE-ID: CVE-2024-49867)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
214) Improper error handling (CVE-ID: CVE-2024-50116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_forget_buffer() and nilfs_clear_dirty_page() functions in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
215) Improper error handling (CVE-ID: CVE-2024-47716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm/vfp/vfpinstr.h. A local user can perform a denial of service (DoS) attack.
216) NULL pointer dereference (CVE-ID: CVE-2024-50132)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __trace_uprobe_create() function in kernel/trace/trace_uprobe.c, within the __trace_kprobe_create() function in kernel/trace/trace_kprobe.c, within the __trace_fprobe_create() function in kernel/trace/trace_fprobe.c, within the __trace_eprobe_create() function in kernel/trace/trace_eprobe.c. A local user can perform a denial of service (DoS) attack.
217) Double free (CVE-ID: CVE-2024-50055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the bus_remove_file() function in drivers/base/bus.c. A local user can perform a denial of service (DoS) attack.
218) Use-after-free (CVE-ID: CVE-2024-49950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_connect_req() function in net/bluetooth/l2cap_core.c, within the hci_remote_features_evt() function in net/bluetooth/hci_event.c, within the hci_acldata_packet() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
219) Buffer overflow (CVE-ID: CVE-2024-50203)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the prepare_trampoline() function in arch/arm64/net/bpf_jit_comp.c. A local user can escalate privileges on the system.
220) Out-of-bounds read (CVE-ID: CVE-2024-47695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the init_conns() function in drivers/infiniband/ulp/rtrs/rtrs-clt.c. A local user can perform a denial of service (DoS) attack.
221) Buffer overflow (CVE-ID: CVE-2024-50250)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dax_unshare_iter() function in fs/dax.c. A local user can escalate privileges on the system.
222) Memory leak (CVE-ID: CVE-2024-50165)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_parse_param() function in kernel/bpf/inode.c. A local user can perform a denial of service (DoS) attack.
223) NULL pointer dereference (CVE-ID: CVE-2024-50156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_disp_state_dump_regs() and msm_disp_state_print() functions in drivers/gpu/drm/msm/disp/msm_disp_snapshot_util.c. A local user can perform a denial of service (DoS) attack.
224) NULL pointer dereference (CVE-ID: CVE-2024-56700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
225) NULL pointer dereference (CVE-ID: CVE-2024-49913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the commit_planes_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
226) NULL pointer dereference (CVE-ID: CVE-2024-50281)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the do_aead_crypto() function in security/keys/trusted-keys/trusted_dcp.c. A local user can perform a denial of service (DoS) attack.
227) Resource management error (CVE-ID: CVE-2024-53045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dapm_widget_list_create() function in sound/soc/soc-dapm.c. A local user can perform a denial of service (DoS) attack.
228) NULL pointer dereference (CVE-ID: CVE-2024-49998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.
229) Improper Initialization (CVE-ID: CVE-2024-53180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the snd_pcm_mmap_data_fault() function in sound/core/pcm_native.c. A local user can perform a denial of service (DoS) attack.
230) Improper locking (CVE-ID: CVE-2024-50271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dec_rlimit_put_ucounts() and inc_rlimit_get_ucounts() functions in kernel/ucount.c, within the __sigqueue_alloc() function in kernel/signal.c. A local user can perform a denial of service (DoS) attack.
231) Use-after-free (CVE-ID: CVE-2024-50286)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ksmbd_expire_session() and ksmbd_sessions_deregister() functions in fs/smb/server/mgmt/user_session.c. A local user can escalate privileges on the system.
232) Improper error handling (CVE-ID: CVE-2024-49887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the MAIN_SECS() and spin_unlock() functions in fs/f2fs/segment.c. A local user can perform a denial of service (DoS) attack.
233) Use-after-free (CVE-ID: CVE-2024-53168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
234) Use-after-free (CVE-ID: CVE-2024-47676)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmf_anon_prepare(), hugetlb_no_page() and hugetlb_vma_unlock_read() functions in mm/hugetlb.c. A local user can escalate privileges on the system.
235) Improper locking (CVE-ID: CVE-2024-47726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_setattr() and f2fs_fallocate() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
236) Use-after-free (CVE-ID: CVE-2024-47732)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remove_device_compression_modes() function in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can escalate privileges on the system.
237) NULL pointer dereference (CVE-ID: CVE-2024-47704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the set_hpo_dp_throttled_vcp_size() and disable_hpo_dp_link_output() functions in drivers/gpu/drm/amd/display/dc/link/hwss/link_hwss_hpo_dp.c. A local user can perform a denial of service (DoS) attack.
238) Improper locking (CVE-ID: CVE-2024-49980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vrf_finish_direct() function in drivers/net/vrf.c. A local user can perform a denial of service (DoS) attack.
239) Out-of-bounds read (CVE-ID: CVE-2024-49931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
240) Infinite loop (CVE-ID: CVE-2024-53229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the rxe_requester() function in drivers/infiniband/sw/rxe/rxe_req.c. A local user can perform a denial of service (DoS) attack.
241) Improper locking (CVE-ID: CVE-2024-50141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efi_pa_va_lookup(), acpi_parse_prmt() and acpi_platformrt_space_handler() functions in drivers/acpi/prmt.c. A local user can perform a denial of service (DoS) attack.
242) Buffer overflow (CVE-ID: CVE-2024-50282)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the amdgpu_debugfs_regs_smc_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can escalate privileges on the system.
243) Division by zero (CVE-ID: CVE-2024-50233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad9832_calc_freqreg() function in drivers/staging/iio/frequency/ad9832.c. A local user can perform a denial of service (DoS) attack.
244) Input validation error (CVE-ID: CVE-2024-56725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_config_priority_flow_ctrl() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dcbnl.c. A local user can perform a denial of service (DoS) attack.
245) NULL pointer dereference (CVE-ID: CVE-2024-50239)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmp_usb_legacy_probe() function in drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c. A local user can perform a denial of service (DoS) attack.
246) Input validation error (CVE-ID: CVE-2024-50299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sctp_sf_ootb() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.
247) Input validation error (CVE-ID: CVE-2024-50218)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_remove_inode_range() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
248) Resource management error (CVE-ID: CVE-2024-53072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amd_pmc_s2d_init() function in drivers/platform/x86/amd/pmc.c. A local user can perform a denial of service (DoS) attack.
249) Use-after-free (CVE-ID: CVE-2024-49903)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jfs_issue_discard() and jfs_ioc_trim() functions in fs/jfs/jfs_discard.c. A local user can escalate privileges on the system.
250) Input validation error (CVE-ID: CVE-2024-50163)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the BPF_CALL_3() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
251) Improper locking (CVE-ID: CVE-2024-53100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_tcp_get_address() function in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.
252) NULL pointer dereference (CVE-ID: CVE-2024-50146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _mlx5e_remove() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
253) Input validation error (CVE-ID: CVE-2024-49859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the f2fs_defragment_range(), f2fs_move_file_range() and f2fs_ioc_set_pin_file() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
254) Out-of-bounds read (CVE-ID: CVE-2024-50227)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tb_retimer_scan() function in drivers/thunderbolt/retimer.c. A local user can perform a denial of service (DoS) attack.
255) Buffer overflow (CVE-ID: CVE-2024-50188)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dp83869_configure_fiber() function in drivers/net/phy/dp83869.c. A local user can escalate privileges on the system.
256) Improper locking (CVE-ID: CVE-2024-56739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtc_timer_do_work() function in drivers/rtc/interface.c. A local user can perform a denial of service (DoS) attack.
257) NULL pointer dereference (CVE-ID: CVE-2024-53217)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd4_process_cb_update() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
258) Memory leak (CVE-ID: CVE-2024-53118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vsock_sk_destruct() function in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
259) Improper locking (CVE-ID: CVE-2024-49946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ppp_channel_bridge_input() function in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
260) Improper locking (CVE-ID: CVE-2024-53212)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_ack_tlv_len(), netlink_ack_tlv_fill(), netlink_dump_done() and netlink_ack() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
261) Resource management error (CVE-ID: CVE-2024-49926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel/rcu/tasks.h. A local user can perform a denial of service (DoS) attack.
262) Use-after-free (CVE-ID: CVE-2024-53177)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SMB2_query_info_free(), invalidate_all_cached_dirs(), smb2_cached_lease_break(), cached_dir_lease_break() and cfids_laundromat_worker() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.
263) Memory leak (CVE-ID: CVE-2024-56741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the policy_unpack_test_unpack_strdup_with_null_name(), policy_unpack_test_unpack_strdup_with_name() and policy_unpack_test_unpack_strdup_out_of_bounds() functions in security/apparmor/policy_unpack_test.c. A local user can perform a denial of service (DoS) attack.
264) Resource management error (CVE-ID: CVE-2024-53234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the z_erofs_load_compact_lcluster() and z_erofs_get_extent_decompressedlen() functions in fs/erofs/zmap.c. A local user can perform a denial of service (DoS) attack.
265) Reachable assertion (CVE-ID: CVE-2024-49932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the relocate_one_folio() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
266) Improper locking (CVE-ID: CVE-2024-50095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the retry_send() and timeout_sends() functions in drivers/infiniband/core/mad.c. A local user can perform a denial of service (DoS) attack.
267) Memory leak (CVE-ID: CVE-2024-50190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_init_tx_topology() function in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_verify_pkg(), ice_chk_pkg_version(), ice_find_buf_table(), ice_update_pkg(), ice_find_seg_in_pkg(), ice_get_set_tx_topo() and ice_cfg_tx_topo() functions in drivers/net/ethernet/intel/ice/ice_ddp.c. A local user can perform a denial of service (DoS) attack.
268) Buffer overflow (CVE-ID: CVE-2024-49995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bearer_name_validate() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
269) Improper locking (CVE-ID: CVE-2024-49976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stop_kthread() and stop_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
270) NULL pointer dereference (CVE-ID: CVE-2024-49906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
271) Buffer overflow (CVE-ID: CVE-2024-49996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_reparse_posix() and cifs_reparse_point_to_fattr() functions in fs/smb/client/reparse.c. A local user can escalate privileges on the system.
272) Resource management error (CVE-ID: CVE-2024-53049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the test_kmalloc_redzone_access() function in lib/slub_kunit.c. A local user can perform a denial of service (DoS) attack.
273) Out-of-bounds read (CVE-ID: CVE-2024-47751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kirin_pcie_parse_port() function in drivers/pci/controller/dwc/pcie-kirin.c. A local user can perform a denial of service (DoS) attack.
274) Use-after-free (CVE-ID: CVE-2024-56677)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the setup_arch() function in arch/powerpc/kernel/setup-common.c, within the fadump_cma_init() and fadump_reserve_mem() functions in arch/powerpc/kernel/fadump.c. A local user can escalate privileges on the system.
275) Resource management error (CVE-ID: CVE-2024-56724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bxt_wcove_tmu_irq_handler() and bxt_wcove_tmu_probe() functions in drivers/platform/x86/intel/bxtwc_tmu.c, within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
276) Improper locking (CVE-ID: CVE-2024-47746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fuse_dio_wr_exclusive_lock() function in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
277) Improper locking (CVE-ID: CVE-2024-50245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ntfs_lookup() function in fs/ntfs3/namei.c. A local user can perform a denial of service (DoS) attack.
278) Memory leak (CVE-ID: CVE-2024-53236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xsk_build_skb() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
279) Double free (CVE-ID: CVE-2024-53191)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ath12k_dp_free() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
280) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2024-50112)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to speculative execution within the arch/x86/Kconfig. A local user can gain access to sensitive information.
281) Improper error handling (CVE-ID: CVE-2024-49937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nl80211_start_radar_detection() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
282) Improper locking (CVE-ID: CVE-2024-50234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the il_pci_resume() function in drivers/net/wireless/intel/iwlegacy/common.c. A local user can perform a denial of service (DoS) attack.
283) Use-after-free (CVE-ID: CVE-2024-50067)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uprobe_buffer_init(), prepare_uprobe_buffer() and __uprobe_trace_func() functions in kernel/trace/trace_uprobe.c. A local user can escalate privileges on the system.
284) Improper locking (CVE-ID: CVE-2024-53112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_commit_trans() function in fs/ocfs2/resize.c. A local user can perform a denial of service (DoS) attack.
285) Input validation error (CVE-ID: CVE-2024-50017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ident_pud_init() function in arch/x86/mm/ident_map.c. A local user can perform a denial of service (DoS) attack.
286) Resource management error (CVE-ID: CVE-2024-50008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mwifiex_ret_802_11_scan_ext() function in drivers/net/wireless/marvell/mwifiex/scan.c. A local user can perform a denial of service (DoS) attack.
287) Buffer overflow (CVE-ID: CVE-2024-50194)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() functions in arch/arm64/kernel/probes/uprobes.c. A local user can perform a denial of service (DoS) attack.
288) Buffer overflow (CVE-ID: CVE-2024-50076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the con_font_get() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
289) Out-of-bounds read (CVE-ID: CVE-2024-47697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2830_pid_filter() function in drivers/media/dvb-frontends/rtl2830.c. A local user can perform a denial of service (DoS) attack.
290) Use-after-free (CVE-ID: CVE-2024-56693)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __setup(), brd_alloc(), brd_cleanup() and brd_init() functions in drivers/block/brd.c. A local user can escalate privileges on the system.
291) Use-after-free (CVE-ID: CVE-2024-50280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the check_migrations(), destroy(), cache_create() and cache_ctr() functions in drivers/md/dm-cache-target.c. A local user can escalate privileges on the system.
292) Buffer overflow (CVE-ID: CVE-2024-50182)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() and secretmem_init() functions in mm/secretmem.c. A local user can perform a denial of service (DoS) attack.
293) Use-after-free (CVE-ID: CVE-2024-53237)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __match_tty() and hci_conn_del_sysfs() functions in net/bluetooth/hci_sysfs.c. A local user can escalate privileges on the system.
294) Infinite loop (CVE-ID: CVE-2024-50011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ARRAY_SIZE() function in sound/soc/intel/common/soc-acpi-intel-rpl-match.c. A local user can perform a denial of service (DoS) attack.
295) NULL pointer dereference (CVE-ID: CVE-2024-49912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the planes_changed_for_existing_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
296) Use-after-free (CVE-ID: CVE-2024-50217)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_close_one_device() function in fs/btrfs/volumes.c. A local user can escalate privileges on the system.
297) Improper locking (CVE-ID: CVE-2024-56532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_us122l_disconnect() function in sound/usb/usx2y/us122l.c. A local user can perform a denial of service (DoS) attack.
298) NULL pointer dereference (CVE-ID: CVE-2024-53221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_f2fs_fs(), f2fs_destroy_post_read_processing() and exit_f2fs_fs() functions in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
299) Buffer overflow (CVE-ID: CVE-2024-50206)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the mtk_init_fq_dma() function in drivers/net/ethernet/mediatek/mtk_eth_soc.c. A local user can escalate privileges on the system.
300) Division by zero (CVE-ID: CVE-2024-47700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ext4_block_group_meta_init(), __ext4_fill_super() and __ext4_remount() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
301) Input validation error (CVE-ID: CVE-2024-56537)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the zynqmp_disp_layer_release_dma() function in drivers/gpu/drm/xlnx/zynqmp_disp.c. A local user can perform a denial of service (DoS) attack.
302) Improper locking (CVE-ID: CVE-2024-49959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __releases() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
303) Improper error handling (CVE-ID: CVE-2024-56681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
304) Use-after-free (CVE-ID: CVE-2024-49936)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xenvif_new_hash() and xenvif_flush_hash() functions in drivers/net/xen-netback/hash.c. A local user can escalate privileges on the system.
305) Use of uninitialized resource (CVE-ID: CVE-2024-49900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ea_get() function in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
306) Improper resource shutdown or release (CVE-ID: CVE-2024-53077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the rpcrdma_remove_one() function in net/sunrpc/xprtrdma/ib_client.c. A local user can perform a denial of service (DoS) attack.
307) Reachable assertion (CVE-ID: CVE-2024-56705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ia_css_3a_statistics_allocate() function in drivers/staging/media/atomisp/pci/sh_css_params.c. A local user can perform a denial of service (DoS) attack.
308) Resource management error (CVE-ID: CVE-2024-53125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the find_equal_scalars() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
309) Input validation error (CVE-ID: CVE-2024-49968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_feature_set_ok() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
310) Out-of-bounds read (CVE-ID: CVE-2024-49969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
311) Resource management error (CVE-ID: CVE-2024-56545)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mousevsc_hid_raw_request(), HID_DEVICE(), mousevsc_probe() and mousevsc_init() functions in drivers/hid/hid-hyperv.c. A local user can perform a denial of service (DoS) attack.
312) Use-after-free (CVE-ID: CVE-2024-50106)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_delegation(), nfsd4_revoke_states(), nfs4_laundromat(), nfsd4_free_stateid() and nfsd4_delegreturn() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
313) Race condition within a thread (CVE-ID: CVE-2024-53160)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the krc_count(), schedule_delayed_monitor_work() and kvfree_call_rcu() functions in kernel/rcu/tree.c. A local user can corrupt data.
314) Memory leak (CVE-ID: CVE-2024-50013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_load_bitmap() function in fs/exfat/balloc.c. A local user can perform a denial of service (DoS) attack.
315) Improper error handling (CVE-ID: CVE-2024-49880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the alloc_flex_gd() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
316) Out-of-bounds read (CVE-ID: CVE-2024-53228)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_riscv_vcpu_sbi_init() function in arch/riscv/kvm/vcpu_sbi.c. A local user can perform a denial of service (DoS) attack.
317) Out-of-bounds read (CVE-ID: CVE-2024-50177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dml_core_mode_support() and dml_core_mode_programming() functions in drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c. A local user can perform a denial of service (DoS) attack.
318) NULL pointer dereference (CVE-ID: CVE-2024-47684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/tcp.h. A local user can perform a denial of service (DoS) attack.
319) Improper locking (CVE-ID: CVE-2024-47739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the padata_do_serial() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
320) Double free (CVE-ID: CVE-2024-50029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the hci_enhanced_setup_sync() function in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.
321) Use-after-free (CVE-ID: CVE-2024-53194)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_slot_release(), pci_bus_get() and make_slot_name() functions in drivers/pci/slot.c. A local user can escalate privileges on the system.
322) Use of uninitialized resource (CVE-ID: CVE-2024-50237)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
323) Use of uninitialized resource (CVE-ID: CVE-2024-50035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ppp_async_encode() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.
324) NULL pointer dereference (CVE-ID: CVE-2024-49941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gpiod_get_label() function in drivers/gpio/gpiolib.c. A local user can perform a denial of service (DoS) attack.
325) Resource management error (CVE-ID: CVE-2024-49947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
326) Input validation error (CVE-ID: CVE-2024-50289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the CI_handle() and dvb_ca_ioctl() functions in drivers/staging/media/av7110/av7110_ca.c. A local user can perform a denial of service (DoS) attack.
327) NULL pointer dereference (CVE-ID: CVE-2024-49949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
328) Input validation error (CVE-ID: CVE-2024-50023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the phy_led_hw_is_supported() function in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
329) Out-of-bounds read (CVE-ID: CVE-2024-50139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the reset_clidr() function in arch/arm64/kvm/sys_regs.c. A local user can perform a denial of service (DoS) attack.
330) Out-of-bounds read (CVE-ID: CVE-2024-49886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the _isst_if_get_pci_dev() function in drivers/platform/x86/intel/speed_select_if/isst_if_common.c. A local user can perform a denial of service (DoS) attack.
331) Improper Initialization (CVE-ID: CVE-2024-50026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the wd33c93_intr() function in drivers/scsi/wd33c93.c. A local user can perform a denial of service (DoS) attack.
332) Memory leak (CVE-ID: CVE-2024-56748)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
333) Improper locking (CVE-ID: CVE-2024-53080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the panthor_vm_pool_get_vm() function in drivers/gpu/drm/panthor/panthor_mmu.c. A local user can perform a denial of service (DoS) attack.
334) Input validation error (CVE-ID: CVE-2024-56754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the caam_qi_init() function in drivers/crypto/caam/qi.c. A local user can perform a denial of service (DoS) attack.
335) Improper error handling (CVE-ID: CVE-2024-49999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the afs_wait_for_operation() function in fs/afs/fs_operation.c. A local user can perform a denial of service (DoS) attack.
336) Resource management error (CVE-ID: CVE-2024-49963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm2835_mbox_probe() function in drivers/mailbox/bcm2835-mailbox.c. A local user can perform a denial of service (DoS) attack.
337) Use-after-free (CVE-ID: CVE-2024-49855)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_requeue_cmd() and nbd_xmit_timeout() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
338) Memory leak (CVE-ID: CVE-2024-50252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_ipip_ol_netdev_change_gre6() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c. A local user can perform a denial of service (DoS) attack.
339) Memory leak (CVE-ID: CVE-2024-49975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __create_xol_area() function in kernel/events/uprobes.c. A local user can perform a denial of service (DoS) attack.
340) Improper locking (CVE-ID: CVE-2024-50107)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmc_core_ssram_get_pmc() function in drivers/platform/x86/intel/pmc/core_ssram.c. A local user can perform a denial of service (DoS) attack.
341) Incorrect calculation (CVE-ID: CVE-2024-56749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the ls_recover() function in fs/dlm/recoverd.c. A local user can perform a denial of service (DoS) attack.
342) Out-of-bounds read (CVE-ID: CVE-2024-49928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/realtek/rtw89/core.h. A local user can perform a denial of service (DoS) attack.
343) Use-after-free (CVE-ID: CVE-2024-49865)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xe_vm_create_ioctl() function in drivers/gpu/drm/xe/xe_vm.c. A local user can escalate privileges on the system.
344) Use-after-free (CVE-ID: CVE-2024-50125)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SCO_CONN_TIMEOUT(), sco_sock_timeout() and sco_conn_del() functions in net/bluetooth/sco.c, within the bt_sock_unlink() function in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.
345) Input validation error (CVE-ID: CVE-2024-49899)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the CalculateVMGroupAndRequestTimes() function in drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_shared.c, within the get_bytes_per_element() function in drivers/gpu/drm/amd/display/dc/dml/dml1_display_rq_dlg_calc.c, within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20.c. A local user can perform a denial of service (DoS) attack.
346) Use-after-free (CVE-ID: CVE-2024-47750)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hns_roce_v2_exit() and __hns_roce_hw_v2_uninit_instance() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can escalate privileges on the system.
347) Reachable assertion (CVE-ID: CVE-2024-53152)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the pex_ep_event_pex_rst_assert() and pex_ep_event_pex_rst_deassert() functions in drivers/pci/controller/dwc/pcie-tegra194.c. A local user can perform a denial of service (DoS) attack.
348) Improper Initialization (CVE-ID: CVE-2024-50081)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the blk_mq_init_allocated_queue() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
349) NULL pointer dereference (CVE-ID: CVE-2024-49891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli_flush_io_rings() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can perform a denial of service (DoS) attack.
350) Resource management error (CVE-ID: CVE-2024-49927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ioapic_mask_entry(), __remove_pin_from_irq(), alloc_isa_irq_from_domain() and mp_irqdomain_alloc() functions in arch/x86/kernel/apic/io_apic.c. A local user can perform a denial of service (DoS) attack.
351) Use-after-free (CVE-ID: CVE-2024-49852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.
352) Use-after-free (CVE-ID: CVE-2024-50085)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_pm_nl_rm_addr_or_subflow() function in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
353) Reachable assertion (CVE-ID: CVE-2024-50185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the skb_is_fully_mapped() function in net/mptcp/subflow.c, within the mptcp_check_data_fin() and __mptcp_move_skbs_from_subflow() functions in net/mptcp/protocol.c, within the SNMP_MIB_ITEM() function in net/mptcp/mib.c. A local user can perform a denial of service (DoS) attack.
354) Use of uninitialized resource (CVE-ID: CVE-2024-50205)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the apply_constraint_to_size() function in sound/firewire/amdtp-stream.c. A local user can perform a denial of service (DoS) attack.
355) NULL pointer dereference (CVE-ID: CVE-2024-49896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the are_stream_backends_same() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
356) Out-of-bounds read (CVE-ID: CVE-2024-50278)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_cache_dev_size() and cache_preresume() functions in drivers/md/dm-cache-target.c. A local user can perform a denial of service (DoS) attack.
357) Resource management error (CVE-ID: CVE-2024-49866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the osnoise_hotplug_workfn() function in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
358) Improper locking (CVE-ID: CVE-2024-53190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efuse_write_1byte() and read_efuse_byte() functions in drivers/net/wireless/realtek/rtlwifi/efuse.c. A local user can perform a denial of service (DoS) attack.
359) Incorrect calculation (CVE-ID: CVE-2024-50251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nft_payload_set_eval() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.
360) Improper resource shutdown or release (CVE-ID: CVE-2024-50269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the sunxi_musb_exit() function in drivers/usb/musb/sunxi.c. A local user can perform a denial of service (DoS) attack.
361) Use-after-free (CVE-ID: CVE-2024-49889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extents(), ext4_split_extent() and ext4_ext_handle_unwritten_extents() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
362) Infinite loop (CVE-ID: CVE-2024-50037)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the drm_fbdev_dma_fb_destroy() function in drivers/gpu/drm/drm_fbdev_dma.c. A local user can perform a denial of service (DoS) attack.
363) Input validation error (CVE-ID: CVE-2024-53144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
364) Incorrect calculation (CVE-ID: CVE-2024-53138)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the tx_sync_info_get(), mlx5e_ktls_tx_handle_resync_dump_comp() and mlx5e_ktls_tx_handle_ooo() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c. A local user can perform a denial of service (DoS) attack.
365) Use of uninitialized resource (CVE-ID: CVE-2024-50087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the replay_one_name() and check_item_in_log() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
366) Use-after-free (CVE-ID: CVE-2024-56678)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ___do_page_fault() function in arch/powerpc/mm/fault.c. A local user can escalate privileges on the system.
367) Memory leak (CVE-ID: CVE-2024-53087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xe_exec_ioctl() function in drivers/gpu/drm/xe/xe_exec.c. A local user can perform a denial of service (DoS) attack.
368) Buffer overflow (CVE-ID: CVE-2024-50180)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the sisfb_search_mode() function in drivers/video/fbdev/sis/sis_main.c. A local user can escalate privileges on the system.
369) NULL pointer dereference (CVE-ID: CVE-2024-49940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pppol2tp_session_setsockopt() function in net/l2tp/l2tp_ppp.c, within the l2tp_nl_cmd_session_modify() function in net/l2tp/l2tp_netlink.c, within the l2tp_v3_session_get(), l2tp_session_register(), l2tp_recv_common(), EXPORT_SYMBOL_GPL(), l2tp_session_set_header_len() and l2tp_session_create() functions in net/l2tp/l2tp_core.c. A local user can perform a denial of service (DoS) attack.
370) Resource management error (CVE-ID: CVE-2024-50019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kthread_unpark() function in kernel/kthread.c. A local user can perform a denial of service (DoS) attack.
371) Off-by-one (CVE-ID: CVE-2024-53149)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the pmic_glink_ucsi_connector_status() function in drivers/usb/typec/ucsi/ucsi_glink.c. A local user can perform a denial of service (DoS) attack.
372) NULL pointer dereference (CVE-ID: CVE-2024-50122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_host_probe() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
373) Resource management error (CVE-ID: CVE-2024-50038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mark_mt() and mark_mt_init() functions in net/netfilter/xt_mark.c, within the sizeof() function in net/netfilter/xt_connmark.c, within the connlimit_mt_destroy() function in net/netfilter/xt_connlimit.c, within the connbytes_mt_check() function in net/netfilter/xt_connbytes.c, within the xt_cluster_mt_destroy() function in net/netfilter/xt_cluster.c, within the sizeof() function in net/netfilter/xt_addrtype.c, within the trace_tg() function in net/netfilter/xt_TRACE.c, within the offsetof() function in net/netfilter/xt_SECMARK.c, within the xt_rateest_tg_destroy() and xt_rateest_tg_init() functions in net/netfilter/xt_RATEEST.c, within the nflog_tg_destroy() function in net/netfilter/xt_NFLOG.c, within the led_tg_destroy() function in net/netfilter/xt_LED.c, within the idletimer_tg_destroy_v1() function in net/netfilter/xt_IDLETIMER.c, within the xt_ct_tg_destroy_v1() and sizeof() functions in net/netfilter/xt_CT.c, within the connsecmark_tg_destroy() function in net/netfilter/xt_CONNSECMARK.c, within the sizeof() function in net/netfilter/xt_CLASSIFY.c, within the checksum_tg_check() function in net/netfilter/xt_CHECKSUM.c. A local user can perform a denial of service (DoS) attack.
374) Out-of-bounds read (CVE-ID: CVE-2024-53156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the htc_connect_service() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
375) Use-after-free (CVE-ID: CVE-2024-49943)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the guc_submit_wedged_fini() function in drivers/gpu/drm/xe/xe_guc_submit.c. A local user can escalate privileges on the system.
376) Input validation error (CVE-ID: CVE-2024-50113)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_tree() function in drivers/firewire/core-topology.c. A local user can perform a denial of service (DoS) attack.
377) Out-of-bounds read (CVE-ID: CVE-2024-47721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/realtek/rtw89/mac.h. A local user can perform a denial of service (DoS) attack.
378) Memory leak (CVE-ID: CVE-2024-53076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_gts_build_avail_scale_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
379) Out-of-bounds read (CVE-ID: CVE-2024-50115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nested_svm_get_tdp_pdptr() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
380) Input validation error (CVE-ID: CVE-2024-50178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the DEFINE_PER_CPU() function in drivers/cpufreq/loongson3_cpufreq.c. A local user can perform a denial of service (DoS) attack.
381) Out-of-bounds read (CVE-ID: CVE-2024-50268)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ucsi_ccg_update_set_new_cam_cmd() function in drivers/usb/typec/ucsi/ucsi_ccg.c. A local user can perform a denial of service (DoS) attack.
382) Out-of-bounds read (CVE-ID: CVE-2024-50279)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_resize() function in drivers/md/dm-cache-target.c. A local user can perform a denial of service (DoS) attack.
383) Input validation error (CVE-ID: CVE-2024-53134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx93_blk_ctrl_remove() function in drivers/pmdomain/imx/imx93-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
384) Use-after-free (CVE-ID: CVE-2024-50199)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unuse_mm() function in mm/swapfile.c. A local user can escalate privileges on the system.
385) Double free (CVE-ID: CVE-2024-49989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the link_destruct() function in drivers/gpu/drm/amd/display/dc/link/link_factory.c. A local user can perform a denial of service (DoS) attack.
386) Memory leak (CVE-ID: CVE-2024-47671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbtmc_create_urb() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
387) NULL pointer dereference (CVE-ID: CVE-2024-49909)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
388) Use-after-free (CVE-ID: CVE-2024-53173)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
389) Improper locking (CVE-ID: CVE-2024-53053)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ufshcd_update_rtc() function in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
390) Memory leak (CVE-ID: CVE-2024-53088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i40e_count_filters(), i40e_correct_mac_vlan_filters(), i40e_correct_vf_mac_vlan_filters(), i40e_aqc_broadcast_filter() and i40e_sync_vsi_filters() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
391) Improper error handling (CVE-ID: CVE-2024-50078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bt_exit() function in net/bluetooth/af_bluetooth.c. A local user can perform a denial of service (DoS) attack.
392) NULL pointer dereference (CVE-ID: CVE-2024-50105)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sc7280_snd_shutdown() and sc7280_snd_startup() functions in sound/soc/qcom/sc7280.c. A local user can perform a denial of service (DoS) attack.
393) NULL pointer dereference (CVE-ID: CVE-2024-50223)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vma_next() function in kernel/sched/fair.c. A local user can perform a denial of service (DoS) attack.
394) Use-after-free (CVE-ID: CVE-2024-50126)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the taprio_dump() function in net/sched/sch_taprio.c. A local user can escalate privileges on the system.
395) NULL pointer dereference (CVE-ID: CVE-2024-47680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __submit_discard_cmd() function in fs/f2fs/segment.c. A local user can perform a denial of service (DoS) attack.
396) Improper locking (CVE-ID: CVE-2024-47724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_bcn_tx_status_event() function in drivers/net/wireless/ath/ath11k/wmi.c, within the ath11k_mac_vdev_delete(), ath11k_mac_op_add_interface() and ath11k_mac_op_remove_interface() functions in drivers/net/wireless/ath/ath11k/mac.c. A local user can perform a denial of service (DoS) attack.
397) Improper locking (CVE-ID: CVE-2024-53047)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mptcp_init_sock() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
398) Improper locking (CVE-ID: CVE-2024-50060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __io_cqring_overflow_flush() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
399) NULL pointer dereference (CVE-ID: CVE-2024-53056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_crtc_destroy() function in drivers/gpu/drm/mediatek/mtk_crtc.c. A local user can perform a denial of service (DoS) attack.
400) NULL pointer dereference (CVE-ID: CVE-2024-49987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the show_link_netfilter() function in tools/bpf/bpftool/net.c. A local user can perform a denial of service (DoS) attack.
401) NULL pointer dereference (CVE-ID: CVE-2024-49879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omapdrm_init() and omap_gem_deinit() functions in drivers/gpu/drm/omapdrm/omap_drv.c. A local user can perform a denial of service (DoS) attack.
402) Improper locking (CVE-ID: CVE-2024-53128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/sched/task_stack.h. A local user can perform a denial of service (DoS) attack.
403) Division by zero (CVE-ID: CVE-2024-53123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_recvmsg() and pr_debug() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
404) Use-after-free (CVE-ID: CVE-2024-49981)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the venus_remove() function in drivers/media/platform/qcom/venus/core.c. A local user can escalate privileges on the system.
405) Buffer overflow (CVE-ID: CVE-2024-50277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the alloc_dev() function in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
406) Memory leak (CVE-ID: CVE-2024-50166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mac_probe() and mac_remove() functions in drivers/net/ethernet/freescale/fman/mac.c. A local user can perform a denial of service (DoS) attack.
407) Improper locking (CVE-ID: CVE-2024-53067)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ufshcd_add_lus() and ufshcd_device_init() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
408) Memory leak (CVE-ID: CVE-2024-49964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the memfd_pin_folios() function in mm/gup.c. A local user can perform a denial of service (DoS) attack.
409) Input validation error (CVE-ID: CVE-2024-56728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_get_pauseparam() and otx2_set_fecparam() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c. A local user can perform a denial of service (DoS) attack.
410) Double free (CVE-ID: CVE-2024-49853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the scmi_optee_chan_free() function in drivers/firmware/arm_scmi/optee.c. A local user can perform a denial of service (DoS) attack.
411) NULL pointer dereference (CVE-ID: CVE-2024-53064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the idpf_init_hard_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
412) Improper locking (CVE-ID: CVE-2024-56531)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usb_caiaq_input_free() function in sound/usb/caiaq/input.c, within the setup_card(), init_card() and snd_disconnect() functions in sound/usb/caiaq/device.c, within the snd_usb_caiaq_audio_init() function in sound/usb/caiaq/audio.c. A local user can perform a denial of service (DoS) attack.
413) Double free (CVE-ID: CVE-2024-53213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the lan78xx_probe() function in drivers/net/usb/lan78xx.c. A local user can perform a denial of service (DoS) attack.
414) Buffer overflow (CVE-ID: CVE-2024-50246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can perform a denial of service (DoS) attack.
415) Resource management error (CVE-ID: CVE-2024-50192)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the its_build_vmapp_cmd(), its_vpe_set_affinity() and its_vpe_init() functions in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
416) Resource management error (CVE-ID: CVE-2024-53184)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ubd_open_dev() function in arch/um/drivers/ubd_kern.c. A local user can perform a denial of service (DoS) attack.
417) NULL pointer dereference (CVE-ID: CVE-2024-56697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_discovery_get_nps_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c. A local user can perform a denial of service (DoS) attack.
418) Improper locking (CVE-ID: CVE-2024-47710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sock_hash_free() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
419) Improper locking (CVE-ID: CVE-2024-53052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_write_prep() and io_write() functions in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
420) Use-after-free (CVE-ID: CVE-2024-47718)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rtw_wait_firmware_completion() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can escalate privileges on the system.
421) Input validation error (CVE-ID: CVE-2024-49938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_hif_usb_rx_cb() and ath9k_hif_usb_reg_in_cb() functions in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
422) Improper error handling (CVE-ID: CVE-2024-49893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the commit_planes_for_stream_fast() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
423) Use-after-free (CVE-ID: CVE-2024-53133)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dc_state_create_copy() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can escalate privileges on the system.
424) Buffer overflow (CVE-ID: CVE-2024-50096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nouveau_dmem_fault_copy_one() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
425) NULL pointer dereference (CVE-ID: CVE-2024-53129)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop_plane_atomic_async_check() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.
426) Resource management error (CVE-ID: CVE-2024-49951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmd_status_rsp(), mgmt_index_added(), mgmt_power_on() and __mgmt_power_off() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
427) Resource management error (CVE-ID: CVE-2024-53181)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vector_device_release() function in arch/um/drivers/vector_kern.c. A local user can perform a denial of service (DoS) attack.
428) Race condition (CVE-ID: CVE-2024-50059)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the switchtec_ntb_remove() function in drivers/ntb/hw/mscc/ntb_hw_switchtec.c. A local user can escalate privileges on the system.
429) Resource management error (CVE-ID: CVE-2024-50193)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the SYM_CODE_START() function in arch/x86/entry/entry_32.S. A local user can perform a denial of service (DoS) attack.
430) NULL pointer dereference (CVE-ID: CVE-2024-53120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_tc_ct_entry_add_rule() function in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.
431) Use-after-free (CVE-ID: CVE-2024-50114)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __kvm_vgic_vcpu_destroy() function in arch/arm64/kvm/vgic/vgic-init.c. A local user can escalate privileges on the system.
432) NULL pointer dereference (CVE-ID: CVE-2024-49962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_db_convert_to_package() function in drivers/acpi/acpica/dbconvert.c. A local user can perform a denial of service (DoS) attack.
433) NULL pointer dereference (CVE-ID: CVE-2024-49921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dp_verify_link_cap_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_capability.c, within the dcn35_init_hw() and dcn35_calc_blocks_to_gate() functions in drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c, within the dcn31_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c, within the dcn10_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c, within the dce110_edp_backlight_control() function in drivers/gpu/drm/amd/display/dc/hwss/dce110/dce110_hwseq.c, within the hubp2_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn20/dcn20_hubp.c, within the hubp1_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn10/dcn10_hubp.c, within the dce11_pplib_apply_display_requirements() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
434) NULL pointer dereference (CVE-ID: CVE-2024-50298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the enetc_sriov_configure(), enetc_pf_probe(), free_netdev() and enetc_pf_remove() functions in drivers/net/ethernet/freescale/enetc/enetc_pf.c. A local user can perform a denial of service (DoS) attack.
435) NULL pointer dereference (CVE-ID: CVE-2024-50255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __hci_cmd_sync_sk() and __hci_cmd_sync_status_sk() functions in net/bluetooth/hci_sync.c. A local user can perform a denial of service (DoS) attack.
436) NULL pointer dereference (CVE-ID: CVE-2024-53219)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_fs_get_tree() function in fs/fuse/virtio_fs.c, within the fuse_read_args_fill(), fuse_release_user_pages(), fuse_aio_complete_req(), fuse_get_frag_size(), fuse_get_user_pages() and fuse_direct_io() functions in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
437) NULL pointer dereference (CVE-ID: CVE-2024-49905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handle_cursor_update() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
438) Improper error handling (CVE-ID: CVE-2024-50211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the udf_truncate_extents() function in fs/udf/truncate.c, within the udf_try_read_meta() function in fs/udf/partition.c, within the udf_map_block(), udf_extend_file(), udf_delete_aext() and inode_bmap() functions in fs/udf/inode.c, within the udf_fiiter_init() and udf_fiiter_append_blk() functions in fs/udf/directory.c. A local user can perform a denial of service (DoS) attack.
439) Buffer overflow (CVE-ID: CVE-2024-49860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the acpi_device_setup_files() function in drivers/acpi/device_sysfs.c. A local user can perform a denial of service (DoS) attack.
440) Input validation error (CVE-ID: CVE-2024-47727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the handle_mmio() function in arch/x86/coco/tdx/tdx.c. A local user can perform a denial of service (DoS) attack.
441) Incorrect calculation (CVE-ID: CVE-2024-50028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the thermal_genl_cmd_tz_get_trip(), thermal_genl_cmd_tz_get_temp() and thermal_genl_cmd_tz_get_gov() functions in drivers/thermal/thermal_netlink.c, within the thermal_zone_get_by_id() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
442) Out-of-bounds read (CVE-ID: CVE-2024-47723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diAlloc() function in fs/jfs/jfs_imap.c, within the dbMount() and dbNextAG() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
443) Integer overflow (CVE-ID: CVE-2024-53081)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the calc_pll() function in drivers/media/i2c/ar0521.c. A local user can execute arbitrary code.
444) Input validation error (CVE-ID: CVE-2024-56683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vc4_hdmi_debugfs_regs() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
445) Improper error handling (CVE-ID: CVE-2024-49897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dcn32_add_phantom_pipes() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
446) Improper locking (CVE-ID: CVE-2024-50065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ntfs_d_hash() function in fs/ntfs3/namei.c. A local user can perform a denial of service (DoS) attack.
447) Buffer overflow (CVE-ID: CVE-2024-56708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the igen6_register_mci() and igen6_unregister_mcis() functions in drivers/edac/igen6_edac.c. A local user can perform a denial of service (DoS) attack.
448) Out-of-bounds read (CVE-ID: CVE-2024-50151)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the SMB2_ioctl_init() function in fs/cifs/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
449) NULL pointer dereference (CVE-ID: CVE-2023-52917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.
450) Use-after-free (CVE-ID: CVE-2024-56538)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_dpsub_drm_cleanup() function in drivers/gpu/drm/xlnx/zynqmp_kms.c. A local user can escalate privileges on the system.
451) Use-after-free (CVE-ID: CVE-2024-47691)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the f2fs_shutdown() function in fs/f2fs/super.c, within the f2fs_ioc_abort_atomic_write(), f2fs_do_shutdown() and f2fs_ioc_shutdown() functions in fs/f2fs/file.c. A local user can escalate privileges on the system.
452) Improper error handling (CVE-ID: CVE-2024-53196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_mmio_read_buf() and kvm_handle_mmio_return() functions in arch/arm64/kvm/mmio.c. A local user can perform a denial of service (DoS) attack.
453) Use-after-free (CVE-ID: CVE-2024-50150)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the typec_altmode_release() and typec_register_altmode() functions in drivers/usb/typec/class.c. A local user can escalate privileges on the system.
454) NULL pointer dereference (CVE-ID: CVE-2024-50069)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the apple_gpio_pinctrl_probe() function in drivers/pinctrl/pinctrl-apple-gpio.c. A local user can perform a denial of service (DoS) attack.
455) Out-of-bounds read (CVE-ID: CVE-2024-50301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the security/keys/keyring.c. A local user can perform a denial of service (DoS) attack.
456) Improper error handling (CVE-ID: CVE-2024-50131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the traceprobe_parse_event_name() function in kernel/trace/trace_probe.c. A local user can perform a denial of service (DoS) attack.
457) Buffer overflow (CVE-ID: CVE-2024-53110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vp_vdpa_probe() function in drivers/vdpa/virtio_pci/vp_vdpa.c. A local user can perform a denial of service (DoS) attack.
458) Improper locking (CVE-ID: CVE-2024-56701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dtl_worker_enable() and dtl_worker_disable() functions in arch/powerpc/platforms/pseries/lpar.c, within the dtl_enable() and dtl_disable() functions in arch/powerpc/platforms/pseries/dtl.c. A local user can perform a denial of service (DoS) attack.
459) NULL pointer dereference (CVE-ID: CVE-2024-53115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmw_framebuffer_surface_create_handle() function in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.
460) Input validation error (CVE-ID: CVE-2024-53062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mgb4_cmt_set_vin_freq_range() function in drivers/media/pci/mgb4/mgb4_cmt.c. A local user can perform a denial of service (DoS) attack.
461) Input validation error (CVE-ID: CVE-2024-50058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the uart_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.
462) Buffer overflow (CVE-ID: CVE-2024-53148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the comedi_mmap() function in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
463) Out-of-bounds read (CVE-ID: CVE-2024-53147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
464) Use-after-free (CVE-ID: CVE-2024-50226)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mock_decoder_commit() function in tools/testing/cxl/test/cxl.c, within the cxl_region_invalidate_memregion(), cxl_region_decode_reset(), commit_store() and cxl_region_detach() functions in drivers/cxl/core/region.c, within the cxl_decoder_commit() and cxl_decoder_reset() functions in drivers/cxl/core/hdm.c, within the device_for_each_child_reverse() function in drivers/base/core.c. A local user can escalate privileges on the system.
465) NULL pointer dereference (CVE-ID: CVE-2024-56540)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ivpu_jsm_pwr_d0i3_enter(), ivpu_jsm_hws_setup_priority_bands(), ivpu_jsm_dct_enable() and ivpu_jsm_dct_disable() functions in drivers/accel/ivpu/ivpu_jsm_msg.c, within the ivpu_ipc_receive() and ivpu_ipc_send_receive_active() functions in drivers/accel/ivpu/ivpu_ipc.c. A local user can perform a denial of service (DoS) attack.
466) Race condition within a thread (CVE-ID: CVE-2024-53124)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_v6_do_rcv() function in net/ipv6/tcp_ipv6.c, within the dccp_v6_do_rcv() function in net/dccp/ipv6.c. A local user can corrupt data.
467) Memory leak (CVE-ID: CVE-2024-50170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcmasp_xmit() function in drivers/net/ethernet/broadcom/asp2/bcmasp_intf.c. A local user can perform a denial of service (DoS) attack.
468) Resource management error (CVE-ID: CVE-2024-50266)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/clk/qcom/videocc-sm8350.c. A local user can perform a denial of service (DoS) attack.
469) NULL pointer dereference (CVE-ID: CVE-2024-50296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hnae3_unregister_ae_algo_prepare() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.
470) Input validation error (CVE-ID: CVE-2024-49953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_ipsec_handle_tx_limit() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.
471) NULL pointer dereference (CVE-ID: CVE-2024-47692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __cld_pipe_inprogress_downcall() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.
472) NULL pointer dereference (CVE-ID: CVE-2024-49916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn401_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c. A local user can perform a denial of service (DoS) attack.
473) Use-after-free (CVE-ID: CVE-2024-53239)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.
474) Use of uninitialized resource (CVE-ID: CVE-2024-50173)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the tick_ctx_cleanup() function in drivers/gpu/drm/panthor/panthor_sched.c. A local user can perform a denial of service (DoS) attack.
475) NULL pointer dereference (CVE-ID: CVE-2024-49868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_update_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
476) Memory leak (CVE-ID: CVE-2024-47677)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_create_upcase_table() function in fs/exfat/nls.c. A local user can perform a denial of service (DoS) attack.
477) Use of uninitialized resource (CVE-ID: CVE-2024-49972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the dc_state_create() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.
478) Use-after-free (CVE-ID: CVE-2024-50130)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_hook_run_bpf(), bpf_nf_link_release() and bpf_nf_link_attach() functions in net/netfilter/nf_bpf_link.c. A local user can escalate privileges on the system.
479) NULL pointer dereference (CVE-ID: CVE-2024-56698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dwc3_prepare_trbs_sg() function in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
480) Memory leak (CVE-ID: CVE-2024-50231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_gts_build_avail_scale_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
481) Infinite loop (CVE-ID: CVE-2024-50272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the filemap_read() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
482) Reachable assertion (CVE-ID: CVE-2024-53153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the qcom_pcie_perst_deassert() and qcom_pcie_perst_assert() functions in drivers/pci/controller/dwc/pcie-qcom-ep.c. A local user can perform a denial of service (DoS) attack.
483) Out-of-bounds read (CVE-ID: CVE-2024-50158)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnxt_re_ib_get_hw_stats() function in drivers/infiniband/hw/bnxt_re/hw_counters.c. A local user can perform a denial of service (DoS) attack.
484) Resource management error (CVE-ID: CVE-2024-53046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arch/arm64/boot/dts/freescale/imx8ulp.dtsi. A local user can perform a denial of service (DoS) attack.
485) NULL pointer dereference (CVE-ID: CVE-2024-49908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_update_cursor() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
486) Resource management error (CVE-ID: CVE-2024-47709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
487) Improper error handling (CVE-ID: CVE-2024-53058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the stmmac_tso_xmit() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
488) Improper locking (CVE-ID: CVE-2024-50006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_ind_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.
489) Input validation error (CVE-ID: CVE-2024-49948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
490) Use of uninitialized resource (CVE-ID: CVE-2024-47685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_reject_ip6_tcphdr_put() function in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
491) Resource management error (CVE-ID: CVE-2024-47693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ib_cache_setup_one() function in drivers/infiniband/core/cache.c. A local user can perform a denial of service (DoS) attack.
492) NULL pointer dereference (CVE-ID: CVE-2024-50260)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sock_map_link_update_prog() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
493) Improper locking (CVE-ID: CVE-2024-50079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_uring/io_uring.h. A local user can perform a denial of service (DoS) attack.
494) Use-after-free (CVE-ID: CVE-2024-50149)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the guc_exec_queue_timedout_job() function in drivers/gpu/drm/xe/xe_guc_submit.c. A local user can escalate privileges on the system.
495) Integer overflow (CVE-ID: CVE-2024-53151)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the xdr_check_write_chunk() function in net/sunrpc/xprtrdma/svc_rdma_recvfrom.c. A local user can execute arbitrary code.
496) Out-of-bounds read (CVE-ID: CVE-2024-47757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_btree_check_delete() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
497) NULL pointer dereference (CVE-ID: CVE-2024-49917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
498) Out-of-bounds read (CVE-ID: CVE-2024-50288)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vid_cap_start_streaming() function in drivers/media/test-drivers/vivid/vivid-vid-cap.c, within the vivid_vid_cap_s_ctrl() function in drivers/media/test-drivers/vivid/vivid-ctrls.c, within the vivid_create_queue() function in drivers/media/test-drivers/vivid/vivid-core.c. A local user can perform a denial of service (DoS) attack.
499) NULL pointer dereference (CVE-ID: CVE-2024-50117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_atif_call() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c. A local user can perform a denial of service (DoS) attack.
500) Resource management error (CVE-ID: CVE-2024-50039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qdisc_skb_cb() function in net/sched/sch_api.c. A local user can perform a denial of service (DoS) attack.
501) Input validation error (CVE-ID: CVE-2024-56690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pcrypt_aead_encrypt() and pcrypt_aead_decrypt() functions in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.
502) Resource management error (CVE-ID: CVE-2024-50293)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __smc_create() function in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
503) NULL pointer dereference (CVE-ID: CVE-2024-50145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the octep_oq_next_pkt() and __octep_oq_process_rx() functions in drivers/net/ethernet/marvell/octeon_ep/octep_rx.c. A local user can perform a denial of service (DoS) attack.
504) Use-after-free (CVE-ID: CVE-2024-53166)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_choose_req(), bfqq_request_over_limit() and bfq_limit_depth() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
505) Improper locking (CVE-ID: CVE-2024-47713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_do_stop() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
506) Integer underflow (CVE-ID: CVE-2024-53158)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the geni_se_clk_tbl_get() function in drivers/soc/qcom/qcom-geni-se.c. A local user can execute arbitrary code.
507) Memory leak (CVE-ID: CVE-2024-50068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mm/damon/sysfs-test.h. A local user can perform a denial of service (DoS) attack.
508) Memory leak (CVE-ID: CVE-2024-53074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_mvm_mac_remove_interface() function in drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c. A local user can perform a denial of service (DoS) attack.
509) NULL pointer dereference (CVE-ID: CVE-2024-49914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
510) Memory leak (CVE-ID: CVE-2024-49870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cachefiles_open_file(), fput() and cachefiles_look_up_object() functions in fs/cachefiles/namei.c. A local user can perform a denial of service (DoS) attack.
511) Resource management error (CVE-ID: CVE-2024-50031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the v3d_perfmon_open_file() and v3d_perfmon_idr_del() functions in drivers/gpu/drm/v3d/v3d_perfmon.c. A local user can perform a denial of service (DoS) attack.
512) Improper locking (CVE-ID: CVE-2024-47735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns_roce_lock_cqs() and hns_roce_unlock_cqs() functions in drivers/infiniband/hw/hns/hns_roce_qp.c. A local user can perform a denial of service (DoS) attack.
513) Out-of-bounds read (CVE-ID: CVE-2024-50007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the HPIMSGX__init() function in sound/pci/asihpi/hpimsgx.c. A local user can perform a denial of service (DoS) attack.
514) NULL pointer dereference (CVE-ID: CVE-2024-49915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
515) NULL pointer dereference (CVE-ID: CVE-2024-47699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_btree_root_broken() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
516) Use of uninitialized resource (CVE-ID: CVE-2024-50244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ni_clear() function in fs/ntfs3/frecord.c. A local user can perform a denial of service (DoS) attack.
517) Use of uninitialized resource (CVE-ID: CVE-2024-50216)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the xfs_filestream_pick_ag() and !() functions in fs/xfs/xfs_filestream.c. A local user can perform a denial of service (DoS) attack.
518) Input validation error (CVE-ID: CVE-2024-53114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
519) Input validation error (CVE-ID: CVE-2024-53043)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mctp_i2c_header_create() function in drivers/net/mctp/mctp-i2c.c. A local user can perform a denial of service (DoS) attack.
520) NULL pointer dereference (CVE-ID: CVE-2024-47688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the module_add_driver() function in drivers/base/module.c. A local user can perform a denial of service (DoS) attack.
521) Resource management error (CVE-ID: CVE-2024-47734)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bond_xdp_get_xmit_slave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
522) NULL pointer dereference (CVE-ID: CVE-2024-53230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_cost() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
523) Division by zero (CVE-ID: CVE-2024-53122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_rcv_space_adjust() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
524) Out-of-bounds read (CVE-ID: CVE-2024-50123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tools/include/uapi/linux/bpf.h, include/uapi/linux/bpf.h, include/linux/bpf_types.h. A local user can perform a denial of service (DoS) attack.
525) Resource management error (CVE-ID: CVE-2024-53116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the panthor_vm_map_pages() function in drivers/gpu/drm/panthor/panthor_mmu.c. A local user can perform a denial of service (DoS) attack.
526) Input validation error (CVE-ID: CVE-2024-56726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cn10k_alloc_leaf_profile() function in drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c. A local user can perform a denial of service (DoS) attack.
527) Memory leak (CVE-ID: CVE-2024-56747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.
528) Use-after-free (CVE-ID: CVE-2024-56548)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
529) Improper locking (CVE-ID: CVE-2024-50174)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the panthor_group_destroy(), panthor_group_get_state() and panthor_job_create() functions in drivers/gpu/drm/panthor/panthor_sched.c. A local user can perform a denial of service (DoS) attack.
530) Improper locking (CVE-ID: CVE-2024-53042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/net/ip_tunnels.h. A local user can perform a denial of service (DoS) attack.
531) Improper locking (CVE-ID: CVE-2024-53135)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the module_param() function in arch/x86/kvm/vmx/vmx.c. A local user can perform a denial of service (DoS) attack.
532) Memory leak (CVE-ID: CVE-2024-50080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ublk_ctrl_add_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
533) Buffer overflow (CVE-ID: CVE-2024-49997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ltq_etop_tx() function in drivers/net/ethernet/lantiq_etop.c. A local user can perform a denial of service (DoS) attack.
534) Input validation error (CVE-ID: CVE-2024-49974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_state_create_net() function in fs/nfsd/nfs4state.c, within the nfs4_put_copy() and nfsd4_copy() functions in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
535) Integer overflow (CVE-ID: CVE-2024-53145)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the setup_physmem() function in arch/um/kernel/physmem.c. A local user can execute arbitrary code.
536) Incorrect calculation (CVE-ID: CVE-2024-53075)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the populate_cache_leaves() function in arch/riscv/kernel/cacheinfo.c. A local user can perform a denial of service (DoS) attack.
537) Input validation error (CVE-ID: CVE-2024-47730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qm_set_vf_mse(), qm_controller_reset_prepare(), qm_master_ooo_check() and qm_soft_reset_prepare() functions in drivers/crypto/hisilicon/qm.c. A local user can perform a denial of service (DoS) attack.
538) Improper locking (CVE-ID: CVE-2024-50304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip_tunnel_find() function in net/ipv4/ip_tunnel.c. A local user can perform a denial of service (DoS) attack.
539) Out-of-bounds read (CVE-ID: CVE-2024-50161)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btf_repeat_fields(), btf_find_nested_struct() and btf_find_field_one() functions in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
540) Use-after-free (CVE-ID: CVE-2024-49883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/ext4/extents.c. A local user can escalate privileges on the system.
541) Integer overflow (CVE-ID: CVE-2024-53111)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mm/mremap.c. A local user can execute arbitrary code.
542) Improper error handling (CVE-ID: CVE-2024-53233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the utf8_load() function in fs/unicode/utf8-core.c. A local user can perform a denial of service (DoS) attack.
543) Out-of-bounds read (CVE-ID: CVE-2024-47698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2832_pid_filter() function in drivers/media/dvb-frontends/rtl2832.c. A local user can perform a denial of service (DoS) attack.
544) Incorrect calculation (CVE-ID: CVE-2024-50012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the include/linux/cpufreq.h. A local user can perform a denial of service (DoS) attack.
545) NULL pointer dereference (CVE-ID: CVE-2024-50240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmp_usb_probe() function in drivers/phy/qualcomm/phy-qcom-qmp-usb.c. A local user can perform a denial of service (DoS) attack.
546) Off-by-one (CVE-ID: CVE-2024-53163)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the uof_get_name() function in drivers/crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c. A local user can perform a denial of service (DoS) attack.
547) Memory leak (CVE-ID: CVE-2024-53071)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the panthor_device_mmap_io() function in drivers/gpu/drm/panthor/panthor_device.c. A local user can perform a denial of service (DoS) attack.
548) Memory leak (CVE-ID: CVE-2024-50168)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sun3_82586_send_packet() function in drivers/net/ethernet/i825xx/sun3_82586.c. A local user can perform a denial of service (DoS) attack.
549) Input validation error (CVE-ID: CVE-2024-47740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the f2fs_ioc_start_atomic_write(), f2fs_ioc_commit_atomic_write(), f2fs_ioc_start_volatile_write(), f2fs_ioc_release_volatile_write() and f2fs_ioc_abort_volatile_write() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
550) Resource management error (CVE-ID: CVE-2024-50275)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sve_init_regs() function in arch/arm64/kernel/fpsimd.c. A local user can perform a denial of service (DoS) attack.
551) Resource management error (CVE-ID: CVE-2024-49961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar0521_power_off() and ar0521_power_on() functions in drivers/media/i2c/ar0521.c. A local user can perform a denial of service (DoS) attack.
552) Improper locking (CVE-ID: CVE-2024-50183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c, within the lpfc_cmpl_ct() function in drivers/scsi/lpfc/lpfc_ct.c. A local user can perform a denial of service (DoS) attack.
553) Integer underflow (CVE-ID: CVE-2024-53203)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ucsi_ccg_sync_control() function in drivers/usb/typec/ucsi/ucsi_ccg.c. A local user can execute arbitrary code.
554) Resource management error (CVE-ID: CVE-2024-47738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_tx_h_rate_ctrl() function in net/mac80211/tx.c, within the ieee80211_send_scan_probe_req() function in net/mac80211/scan.c, within the ieee80211_get_tx_rates() function in net/mac80211/rate.c, within the ieee80211_mgmt_tx() function in net/mac80211/offchannel.c. A local user can perform a denial of service (DoS) attack.
555) Improper locking (CVE-ID: CVE-2024-49856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sgx_alloc_epc_page() function in arch/x86/kernel/cpu/sgx/main.c. A local user can perform a denial of service (DoS) attack.
556) Improper locking (CVE-ID: CVE-2024-50014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
557) Improper locking (CVE-ID: CVE-2024-50191)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_handle_error() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
558) Buffer overflow (CVE-ID: CVE-2024-46869)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the btintel_pcie_setup_hdev() function in drivers/bluetooth/btintel_pcie.c. A local user can perform a denial of service (DoS) attack.
559) Incorrect calculation (CVE-ID: CVE-2024-56721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the init_amd_bd() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
560) Input validation error (CVE-ID: CVE-2024-50056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the find_format_by_pix(), uvc_v4l2_try_format() and uvc_v4l2_enum_format() functions in drivers/usb/gadget/function/uvc_v4l2.c. A local user can perform a denial of service (DoS) attack.
561) Memory leak (CVE-ID: CVE-2024-53210)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iucv_sock_recvmsg() function in net/iucv/af_iucv.c. A local user can perform a denial of service (DoS) attack.
562) NULL pointer dereference (CVE-ID: CVE-2024-49978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __udp_gso_segment() function in net/ipv4/udp_offload.c. A local user can perform a denial of service (DoS) attack.
563) Integer overflow (CVE-ID: CVE-2024-53161)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the bluefield_edac_check() function in drivers/edac/bluefield_edac.c. A local user can execute arbitrary code.
564) Improper locking (CVE-ID: CVE-2024-50155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nsim_dev_trap_report_work() and nsim_dev_traps_init() functions in drivers/net/netdevsim/dev.c. A local user can perform a denial of service (DoS) attack.
565) Buffer overflow (CVE-ID: CVE-2024-50270)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the damon_feed_loop_next_input() function in mm/damon/core.c. A local user can perform a denial of service (DoS) attack.
566) Improper locking (CVE-ID: CVE-2024-50169)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtio_transport_read_skb() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
567) Buffer overflow (CVE-ID: CVE-2024-49952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_dup_ipv6_route() and nf_dup_ipv6() functions in net/ipv6/netfilter/nf_dup_ipv6.c, within the nf_dup_ipv4() function in net/ipv4/netfilter/nf_dup_ipv4.c. A local user can perform a denial of service (DoS) attack.
568) Memory leak (CVE-ID: CVE-2024-50236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wmi_process_mgmt_tx_comp() and ath10k_wmi_mgmt_tx_clean_up_pending() functions in drivers/net/wireless/ath/ath10k/wmi.c, within the ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can perform a denial of service (DoS) attack.
569) NULL pointer dereference (CVE-ID: CVE-2024-49863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vhost_scsi_get_req() function in drivers/vhost/scsi.c. A local user can perform a denial of service (DoS) attack.
570) NULL pointer dereference (CVE-ID: CVE-2024-49857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_mvm_ftm_set_secured_ranging() function in drivers/net/wireless/intel/iwlwifi/mvm/ftm-initiator.c. A local user can perform a denial of service (DoS) attack.
571) Double free (CVE-ID: CVE-2024-53140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the netlink_skb_set_owner_r(), netlink_sock_destruct(), deferred_put_nlk_sk() and netlink_release() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
572) Integer overflow (CVE-ID: CVE-2024-53107)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the pagemap_scan_get_args() function in fs/proc/task_mmu.c. A local user can execute arbitrary code.
573) Out-of-bounds read (CVE-ID: CVE-2024-50247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the decompress_chunk() function in fs/ntfs3/lznt.c. A local user can perform a denial of service (DoS) attack.
574) Memory leak (CVE-ID: CVE-2024-53084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pvr_vm_context_release() function in drivers/gpu/drm/imagination/pvr_vm.c, within the pvr_context_destroy() function in drivers/gpu/drm/imagination/pvr_context.c. A local user can perform a denial of service (DoS) attack.
575) Improper error handling (CVE-ID: CVE-2024-50077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the iso_init() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
576) Use-after-free (CVE-ID: CVE-2024-50121)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_state_shutdown_net() function in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
577) Input validation error (CVE-ID: CVE-2024-53091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/net/tls.h. A local user can perform a denial of service (DoS) attack.
578) Use-after-free (CVE-ID: CVE-2024-49925)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efifb_probe(), pm_runtime_put() and efifb_remove() functions in drivers/video/fbdev/efifb.c. A local user can escalate privileges on the system.
579) Input validation error (CVE-ID: CVE-2024-47745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the SYSCALL_DEFINE5() function in mm/mmap.c. A local user can perform a denial of service (DoS) attack.
580) Use-after-free (CVE-ID: CVE-2024-50086)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_check_user_session(), smb2_sess_setup() and smb2_session_logoff() functions in fs/smb/server/smb2pdu.c, within the __handle_ksmbd_work() function in fs/smb/server/server.c, within the ksmbd_expire_session(), ksmbd_session_lookup_slowpath(), ksmbd_session_lookup_all() and __session_create() functions in fs/smb/server/mgmt/user_session.c. A local user can escalate privileges on the system.
581) Use of uninitialized resource (CVE-ID: CVE-2024-53101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_setattr() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
582) Memory leak (CVE-ID: CVE-2024-56729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the spin_lock() function in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
583) Improper locking (CVE-ID: CVE-2024-56751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6_dst_ifdown(), DEFINE_SPINLOCK() and rt6_remove_exception() functions in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
584) Integer overflow (CVE-ID: CVE-2024-50016)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c. A local user can execute arbitrary code.
585) NULL pointer dereference (CVE-ID: CVE-2024-49901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_gpu_init() function in drivers/gpu/drm/msm/msm_gpu.c, within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can perform a denial of service (DoS) attack.
586) NULL pointer dereference (CVE-ID: CVE-2024-47694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5r_umr_init() function in drivers/infiniband/hw/mlx5/umr.c. A local user can perform a denial of service (DoS) attack.
587) Buffer overflow (CVE-ID: CVE-2024-53098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the user_fence_create() function in drivers/gpu/drm/xe/xe_sync.c. A local user can perform a denial of service (DoS) attack.
588) Use-after-free (CVE-ID: CVE-2024-53232)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the calc_rtx(), s390_domain_free(), s390_iommu_attach_device(), s390_iommu_probe_device(), s390_iommu_unmap_pages() and s390_iommu_init() functions in drivers/iommu/s390-iommu.c, within the pci_fmb_show() function in arch/s390/pci/pci_debug.c, within the zpci_fmb_enable_device() function in arch/s390/pci/pci.c. A local user can escalate privileges on the system.
589) Resource management error (CVE-ID: CVE-2024-50108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the is_psr_su_specific_panel() function in drivers/gpu/drm/amd/display/modules/power/power_helpers.c. A local user can perform a denial of service (DoS) attack.
590) Memory leak (CVE-ID: CVE-2024-50197)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the intel_platform_pinctrl_prepare_community() function in drivers/pinctrl/intel/pinctrl-intel-platform.c. A local user can perform a denial of service (DoS) attack.
591) Input validation error (CVE-ID: CVE-2024-50242)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ntfs_file_release() function in fs/ntfs3/file.c. A local user can perform a denial of service (DoS) attack.
592) Resource management error (CVE-ID: CVE-2024-50222)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the copy_page_from_iter_atomic() function in lib/iov_iter.c. A local user can perform a denial of service (DoS) attack.
593) Resource management error (CVE-ID: CVE-2024-53132)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the xe_oa_release() function in drivers/gpu/drm/xe/xe_oa.c. A local user can perform a denial of service (DoS) attack.
594) Memory leak (CVE-ID: CVE-2024-50212)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the codetag_unload_module() function in lib/codetag.c. A local user can perform a denial of service (DoS) attack.
595) Out-of-bounds read (CVE-ID: CVE-2024-49933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ioc_forgive_debts() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
596) Race condition (CVE-ID: CVE-2024-53169)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the EXPORT_SYMBOL_GPL() function in drivers/nvme/host/core.c. A local user can escalate privileges on the system.
597) NULL pointer dereference (CVE-ID: CVE-2024-49957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_journal_shutdown() function in fs/ocfs2/journal.c. A local user can perform a denial of service (DoS) attack.
598) Improper locking (CVE-ID: CVE-2024-56533)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usx2y_disconnect() function in sound/usb/usx2y/usbusx2y.c. A local user can perform a denial of service (DoS) attack.
599) NULL pointer dereference (CVE-ID: CVE-2024-47708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the netkit_priv(), netkit_xmit() and rcu_read_unlock() functions in drivers/net/netkit.c. A local user can perform a denial of service (DoS) attack.
600) Use-after-free (CVE-ID: CVE-2024-50267)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the edge_bulk_out_data_callback() and edge_bulk_out_cmd_callback() functions in drivers/usb/serial/io_edgeport.c. A local user can escalate privileges on the system.
601) Resource management error (CVE-ID: CVE-2024-56723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
602) Memory leak (CVE-ID: CVE-2024-50110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_to_user_auth() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
603) Information disclosure (CVE-ID: CVE-2024-50064)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the zram_destroy_comps() function in drivers/block/zram/zram_drv.c. A local user can gain access to sensitive information.
604) Input validation error (CVE-ID: CVE-2024-56722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the free_srqc() function in drivers/infiniband/hw/hns/hns_roce_srq.c, within the hns_roce_mr_free() function in drivers/infiniband/hw/hns/hns_roce_mr.c, within the set_rwqe_data_seg(), free_mr_modify_rsv_qp(), free_mr_post_send_lp_wqe(), free_mr_send_cmd_to_hw(), hns_roce_v2_set_abs_fields(), hns_roce_v2_modify_qp(), hns_roce_v2_query_qp(), hns_roce_v2_destroy_qp_common(), hns_roce_v2_destroy_qp(), hns_roce_v2_modify_cq() and hns_roce_v2_query_cqc() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c, within the hns_roce_table_put() function in drivers/infiniband/hw/hns/hns_roce_hem.c, within the free_cqc() function in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can perform a denial of service (DoS) attack.
605) NULL pointer dereference (CVE-ID: CVE-2024-53130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_grab_buffer() function in fs/nilfs2/page.c, within the nilfs_mdt_create_block() function in fs/nilfs2/mdt.c, within the nilfs_gccache_submit_read_data() function in fs/nilfs2/gcinode.c, within the nilfs_btnode_create_block() and nilfs_btnode_submit_block() functions in fs/nilfs2/btnode.c. A local user can perform a denial of service (DoS) attack.
606) Use-after-free (CVE-ID: CVE-2024-53208)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mgmt_set_powered_complete() function in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.
607) Memory leak (CVE-ID: CVE-2024-50102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the IS_ENABLED() function in arch/x86/lib/getuser.S, within the RUNTIME_CONST() function in arch/x86/kernel/vmlinux.lds.S, within the arch_cpu_finalize_init() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
608) Use-after-free (CVE-ID: CVE-2024-50153)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the target_alloc_device() function in drivers/target/target_core_device.c. A local user can escalate privileges on the system.
609) Improper locking (CVE-ID: CVE-2024-49939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw89_ops_add_interface() function in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
610) Resource management error (CVE-ID: CVE-2024-53094)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the siw_tcp_sendpages() function in drivers/infiniband/sw/siw/siw_qp_tx.c. A local user can perform a denial of service (DoS) attack.
611) Out-of-bounds read (CVE-ID: CVE-2024-50262)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the trie_get_next_key() function in kernel/bpf/lpm_trie.c. A local user can perform a denial of service (DoS) attack.
612) NULL pointer dereference (CVE-ID: CVE-2024-49850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_core_apply() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
613) Resource management error (CVE-ID: CVE-2024-53195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_KVM_NVHE_PER_CPU(), kvm_arch_vcpu_postcreate(), kvm_arch_vcpu_run_pid_change(), kvm_vcpu_exit_request() and kvm_arch_vcpu_ioctl_run() functions in arch/arm64/kvm/arm.c, within the get_timer_map() function in arch/arm64/kvm/arch_timer.c. A local user can perform a denial of service (DoS) attack.
614) Use-after-free (CVE-ID: CVE-2024-53170)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the del_gendisk() function in block/genhd.c, within the blk_register_queue() function in block/blk-sysfs.c. A local user can escalate privileges on the system.
615) Resource management error (CVE-ID: CVE-2024-50093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the proc_thermal_pci_remove() function in drivers/thermal/intel/int340x_thermal/processor_thermal_device_pci.c. A local user can perform a denial of service (DoS) attack.
616) Resource management error (CVE-ID: CVE-2024-53223)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the to_mtmips_clk(), mt76x8_cpu_recalc_rate(), CLK_BASE() and ARRAY_SIZE() functions in drivers/clk/ralink/clk-mtmips.c. A local user can perform a denial of service (DoS) attack.
617) Improper locking (CVE-ID: CVE-2024-53093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_add_ns_head_cdev(), nvme_mpath_alloc_disk(), nvme_mpath_set_live(), nvme_mpath_shutdown_disk() and nvme_mpath_remove_disk() functions in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
618) Improper resource shutdown or release (CVE-ID: CVE-2024-56699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the zpci_device_reserved() and zpci_release_device() functions in arch/s390/pci/pci.c. A local user can perform a denial of service (DoS) attack.
619) NULL pointer dereference (CVE-ID: CVE-2024-50070)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stm32_gpiolib_register_bank() function in drivers/pinctrl/stm32/pinctrl-stm32.c. A local user can perform a denial of service (DoS) attack.
620) Use-after-free (CVE-ID: CVE-2024-49992)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ltdc_crtc_atomic_print_state(), ltdc_plane_atomic_print_state(), ltdc_plane_create(), ltdc_crtc_init(), ltdc_encoder_init(), ltdc_load() and ltdc_unload() functions in drivers/gpu/drm/stm/ltdc.c, within the drv_load() function in drivers/gpu/drm/stm/drv.c. A local user can escalate privileges on the system.
621) Resource management error (CVE-ID: CVE-2024-50111)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_ale() and die_if_kernel() functions in arch/loongarch/kernel/traps.c. A local user can perform a denial of service (DoS) attack.
622) Memory leak (CVE-ID: CVE-2024-47728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the BPF_CALL_5() function in net/core/filter.c, within the BPF_CALL_4() function in kernel/bpf/syscall.c, within the BPF_CALL_4() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
623) Memory leak (CVE-ID: CVE-2024-53202)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fw_log_firmware_info() function in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
624) Memory leak (CVE-ID: CVE-2024-47741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_desired_extent_in_hole() and find_desired_extent() functions in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.
625) NULL pointer dereference (CVE-ID: CVE-2024-49920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_is_center_timing() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource_helpers.c, within the dcn32_enable_phantom_plane() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c, within the bw_calcs_data_update_from_pplib() function in drivers/gpu/drm/amd/display/dc/resource/dce112/dce112_resource.c, within the reset_dio_stream_encoder() function in drivers/gpu/drm/amd/display/dc/link/hwss/link_hwss_dio.c, within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c, within the dcn20_post_unlock_program_front_end() and dcn20_wait_for_blank_complete() functions in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c, within the hwss_build_fast_sequence() function in drivers/gpu/drm/amd/display/dc/core/dc_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
626) Improper locking (CVE-ID: CVE-2024-56694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sk_psock_strp_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.
627) Buffer overflow (CVE-ID: CVE-2024-53126)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the psnet_open_pf_bar() function in drivers/vdpa/solidrun/snet_main.c. A local user can perform a denial of service (DoS) attack.
628) Memory leak (CVE-ID: CVE-2024-49851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpm2_flush_space() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_transmit() function in drivers/char/tpm/tpm-dev-common.c. A local user can perform a denial of service (DoS) attack.
629) Improper locking (CVE-ID: CVE-2024-50099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arm_probe_decode_insn() and arm_kprobe_decode_insn() functions in arch/arm64/kernel/probes/decode-insn.c. A local user can perform a denial of service (DoS) attack.
630) Memory leak (CVE-ID: CVE-2024-50302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
Note, the vulnerability is being actively exploited in the wild against Android devices.
631) Memory leak (CVE-ID: CVE-2024-50214)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_test_drm_hdmi_compute_mode_clock_rgb(), drm_test_drm_hdmi_compute_mode_clock_rgb_10bpc(), drm_test_drm_hdmi_compute_mode_clock_rgb_10bpc_vic_1(), drm_test_drm_hdmi_compute_mode_clock_rgb_12bpc(), drm_test_drm_hdmi_compute_mode_clock_rgb_12bpc_vic_1(), drm_test_drm_hdmi_compute_mode_clock_rgb_double(), drm_test_connector_hdmi_compute_mode_clock_yuv420_valid(), drm_test_connector_hdmi_compute_mode_clock_yuv420_10_bpc(), drm_test_connector_hdmi_compute_mode_clock_yuv420_12_bpc(), drm_test_connector_hdmi_compute_mode_clock_yuv422_8_bpc(), drm_test_connector_hdmi_compute_mode_clock_yuv422_10_bpc() and drm_test_connector_hdmi_compute_mode_clock_yuv422_12_bpc() functions in drivers/gpu/drm/tests/drm_connector_test.c. A local user can perform a denial of service (DoS) attack.
632) Buffer overflow (CVE-ID: CVE-2024-49973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
633) Infinite loop (CVE-ID: CVE-2024-50024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __netlink_clear_multicast_users() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
634) NULL pointer dereference (CVE-ID: CVE-2024-50162)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dev_map_hash_get_next_key(), dev_map_bpf_prog_run() and bq_xmit_all() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
635) Out-of-bounds read (CVE-ID: CVE-2024-53214)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.
636) Use-after-free (CVE-ID: CVE-2024-50073)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gsm_cleanup_mux() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
637) Race condition (CVE-ID: CVE-2024-50061)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the cdns_i3c_master_remove() function in drivers/i3c/master/i3c-master-cdns.c. A local user can escalate privileges on the system.
638) NULL pointer dereference (CVE-ID: CVE-2024-56549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cachefiles_ondemand_fd_write_iter() and cachefiles_ondemand_fd_llseek() functions in fs/cachefiles/ondemand.c, within the cachefiles_commit_object() and cachefiles_clean_up_object() functions in fs/cachefiles/interface.c. A local user can perform a denial of service (DoS) attack.
639) NULL pointer dereference (CVE-ID: CVE-2024-56688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xs_sock_reset_state_flags() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.
640) Use-after-free (CVE-ID: CVE-2024-49960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the flush_work() function in fs/ext4/super.c. A local user can escalate privileges on the system.
641) Resource management error (CVE-ID: CVE-2024-56543)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath12k_mac_peer_cleanup_all() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
642) Memory leak (CVE-ID: CVE-2024-53178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_or_create_cached_dir() and smb2_set_related() functions in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
643) Double free (CVE-ID: CVE-2024-50027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the thermal_zone_device_unregister() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
644) Resource management error (CVE-ID: CVE-2024-50295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arc_emac_tx_clean(), arc_emac_rx(), arc_emac_open(), arc_emac_set_rx_mode(), arc_free_tx_queue(), arc_free_rx_queue() and arc_emac_tx() functions in drivers/net/ethernet/arc/emac_main.c. A local user can perform a denial of service (DoS) attack.
645) Out-of-bounds write (CVE-ID: CVE-2024-53104)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
646) Resource management error (CVE-ID: CVE-2024-53065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kmem_buckets_create() function in mm/slab_common.c. A local user can perform a denial of service (DoS) attack.
647) Use-after-free (CVE-ID: CVE-2024-47747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ether3_remove() function in drivers/net/ethernet/seeq/ether3.c. A local user can escalate privileges on the system.
648) Use-after-free (CVE-ID: CVE-2024-49991)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pqm_clean_queue_resource() function in drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c, within the kfd_process_destroy_pdds() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c, within the kfd_free_mqd_cp() function in drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c, within the deallocate_hiq_sdma_mqd() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c, within the kfd_gtt_sa_fini() and kgd2kfd_device_exit() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c, within the kfd_ioctl_create_queue() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c, within the amdgpu_amdkfd_free_gtt_mem() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c. A local user can escalate privileges on the system.
649) Input validation error (CVE-ID: CVE-2024-50202)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nilfs_lookup(), nilfs_do_unlink(), nilfs_rename() and nilfs_get_parent() functions in fs/nilfs2/namei.c, within the nilfs_readdir(), nilfs_find_entry() and nilfs_inode_by_name() functions in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
650) Race condition (CVE-ID: CVE-2024-49935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the exit_round_robin() function in drivers/acpi/acpi_pad.c. A local user can perform a denial of service (DoS) attack.
651) Input validation error (CVE-ID: CVE-2024-50062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rtrs_srv_info_req_done() and post_recv_path() functions in drivers/infiniband/ulp/rtrs/rtrs-srv.c. A local user can perform a denial of service (DoS) attack.
652) Input validation error (CVE-ID: CVE-2024-50094)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the efx_poll() function in drivers/net/ethernet/sfc/siena/efx_channels.c, within the efx_poll() function in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.
653) NULL pointer dereference (CVE-ID: CVE-2024-56544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmap_udmabuf(), release_udmabuf() and udmabuf_create() functions in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
654) Resource management error (CVE-ID: CVE-2024-50010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the SYSCALL_DEFINE1(), EXPORT_SYMBOL() and do_open_execat() functions in fs/exec.c. A local user can perform a denial of service (DoS) attack.
655) Input validation error (CVE-ID: CVE-2024-49971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_shared_types.h. A local user can perform a denial of service (DoS) attack.
656) Resource management error (CVE-ID: CVE-2024-50083)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_can_coalesce_send_queue_head() function in net/ipv4/tcp_output.c. A local user can perform a denial of service (DoS) attack.
657) Improper locking (CVE-ID: CVE-2024-56687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the musb_free_request() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.
658) Input validation error (CVE-ID: CVE-2024-47753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_vp8_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_vp8_req_if.c. A local user can perform a denial of service (DoS) attack.
659) Improper error handling (CVE-ID: CVE-2024-50297)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the axienet_start_xmit_dmaengine() function in drivers/net/ethernet/xilinx/xilinx_axienet_main.c. A local user can perform a denial of service (DoS) attack.
660) Memory leak (CVE-ID: CVE-2024-47733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netfs_init() and fs_initcall() functions in fs/netfs/main.c. A local user can perform a denial of service (DoS) attack.
661) Improper locking (CVE-ID: CVE-2024-50135)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_pci_nr_maps() and nvme_reset_work() functions in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
662) Improper locking (CVE-ID: CVE-2024-50066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the move_normal_pmd() function in mm/mremap.c. A local user can perform a denial of service (DoS) attack.
663) NULL pointer dereference (CVE-ID: CVE-2024-50118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_reconfigure() function in fs/btrfs/super.c. A local user can perform a denial of service (DoS) attack.
664) Memory leak (CVE-ID: CVE-2024-56746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sh7760fb_alloc_mem() function in drivers/video/fbdev/sh7760fb.c. A local user can perform a denial of service (DoS) attack.
665) Out-of-bounds read (CVE-ID: CVE-2024-47682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sd_read_block_characteristics() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
666) Use-after-free (CVE-ID: CVE-2024-53165)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the register_intc_controller() function in drivers/sh/intc/core.c. A local user can escalate privileges on the system.
667) Improper locking (CVE-ID: CVE-2024-50025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fnic_probe() function in drivers/scsi/fnic/fnic_main.c. A local user can perform a denial of service (DoS) attack.
668) Improper locking (CVE-ID: CVE-2024-49875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
669) NULL pointer dereference (CVE-ID: CVE-2024-47717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kvm_riscv_vcpu_pmu_read_hpm() function in arch/riscv/kvm/vcpu_pmu.c. A local user can perform a denial of service (DoS) attack.
670) Out-of-bounds read (CVE-ID: CVE-2024-49894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
671) NULL pointer dereference (CVE-ID: CVE-2024-50198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the in_illuminance_period_available_show() function in drivers/iio/light/veml6030.c. A local user can perform a denial of service (DoS) attack.
672) Memory leak (CVE-ID: CVE-2024-50167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the be_xmit() function in drivers/net/ethernet/emulex/benet/be_main.c. A local user can perform a denial of service (DoS) attack.
673) Input validation error (CVE-ID: CVE-2024-49958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_reflink_xattr_inline() function in fs/ocfs2/xattr.c, within the __ocfs2_reflink() function in fs/ocfs2/refcounttree.c. A local user can perform a denial of service (DoS) attack.
674) Improper error handling (CVE-ID: CVE-2024-49966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_local_read_info() function in fs/ocfs2/quota_local.c. A local user can perform a denial of service (DoS) attack.
675) Memory leak (CVE-ID: CVE-2024-50254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __aligned() and bpf_iter_bits_new() functions in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
676) NULL pointer dereference (CVE-ID: CVE-2024-49904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the aca_banks_release(), aca_error_fini() and aca_manager_fini() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_aca.c. A local user can perform a denial of service (DoS) attack.
677) Improper locking (CVE-ID: CVE-2024-50041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i40e_vc_get_vf_resources_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c, within the i40e_add_mac_filter() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
678) Use-after-free (CVE-ID: CVE-2024-50005)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_scan_worker() function in net/mac802154/scan.c. A local user can escalate privileges on the system.
679) Use of uninitialized resource (CVE-ID: CVE-2024-53066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nfs_fattr_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
680) NULL pointer dereference (CVE-ID: CVE-2024-50000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_tir_builder_alloc() function in drivers/net/ethernet/mellanox/mlx5/core/en/tir.c. A local user can perform a denial of service (DoS) attack.
681) Double free (CVE-ID: CVE-2024-50215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the nvmet_setup_dhgroup() function in drivers/nvme/target/auth.c. A local user can perform a denial of service (DoS) attack.
682) Use-after-free (CVE-ID: CVE-2024-47748)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vhost_vdpa_setup_vq_irq(), vhost_vdpa_vring_ioctl() and vhost_vdpa_open() functions in drivers/vhost/vdpa.c. A local user can escalate privileges on the system.
683) Memory leak (CVE-ID: CVE-2024-56742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5vf_add_migration_pages() function in drivers/vfio/pci/mlx5/cmd.c. A local user can perform a denial of service (DoS) attack.
684) Input validation error (CVE-ID: CVE-2024-50259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nsim_nexthop_bucket_activity_write() function in drivers/net/netdevsim/fib.c. A local user can perform a denial of service (DoS) attack.
685) Resource management error (CVE-ID: CVE-2024-50092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the send_ext_msg_udp() function in drivers/net/netconsole.c. A local user can perform a denial of service (DoS) attack.
686) Improper error handling (CVE-ID: CVE-2024-47737)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the idmap_id_to_name() function in fs/nfsd/nfs4idmap.c. A local user can perform a denial of service (DoS) attack.
687) NULL pointer dereference (CVE-ID: CVE-2024-53238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btusb_mtk_claim_iso_intf() function in drivers/bluetooth/btusb.c, within the btmtk_usb_isointf_init() function in drivers/bluetooth/btmtk.c. A local user can perform a denial of service (DoS) attack.
688) Use of uninitialized resource (CVE-ID: CVE-2024-50300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the rtq2208_probe() function in drivers/regulator/rtq2208-regulator.c. A local user can perform a denial of service (DoS) attack.
689) Buffer overflow (CVE-ID: CVE-2024-53192)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the loongson2_clk_probe() function in drivers/clk/clk-loongson2.c. A local user can escalate privileges on the system.
690) Use-after-free (CVE-ID: CVE-2024-47696)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iw_cm_init() function in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
691) Buffer overflow (CVE-ID: CVE-2024-50134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the hgsmi_update_pointer_shape() function in drivers/gpu/drm/vboxvideo/hgsmi_base.c. A local user can perform a denial of service (DoS) attack.
692) Resource management error (CVE-ID: CVE-2024-50201)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the radeon_encoder_clones() function in drivers/gpu/drm/radeon/radeon_encoders.c. A local user can perform a denial of service (DoS) attack.
693) Input validation error (CVE-ID: CVE-2024-50181)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx7d_clocks_init() function in drivers/clk/imx/clk-imx7d.c. A local user can perform a denial of service (DoS) attack.
694) NULL pointer dereference (CVE-ID: CVE-2024-49873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the filemap_get_folios_contig() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
695) Input validation error (CVE-ID: CVE-2024-50187)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vc4_perfmon_open_file() and vc4_perfmon_close_file() functions in drivers/gpu/drm/vc4/vc4_perfmon.c. A local user can perform a denial of service (DoS) attack.
696) Use-after-free (CVE-ID: CVE-2024-53171)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the get_znodes_to_commit() function in fs/ubifs/tnc_commit.c. A local user can escalate privileges on the system.
697) NULL pointer dereference (CVE-ID: CVE-2024-50160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dolphin_fixups() function in sound/pci/hda/patch_cs8409.c. A local user can perform a denial of service (DoS) attack.
698) NULL pointer dereference (CVE-ID: CVE-2024-49923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn21_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c, within the dcn20_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn20/dcn20_resource.c. A local user can perform a denial of service (DoS) attack.
699) Buffer overflow (CVE-ID: CVE-2024-50063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bpf_prog_map_compatible() function in kernel/bpf/core.c. A local user can perform a denial of service (DoS) attack.
700) Use-after-free (CVE-ID: CVE-2024-53174)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the c_show() function in net/sunrpc/cache.c. A local user can escalate privileges on the system.
701) Use of uninitialized resource (CVE-ID: CVE-2024-50143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_current_aext() function in fs/udf/inode.c. A local user can perform a denial of service (DoS) attack.
702) Use-after-free (CVE-ID: CVE-2024-49982)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ata_rw_frameinit(), aoecmd_ata_rw(), resend(), probe() and aoecmd_ata_id() functions in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
703) Use-after-free (CVE-ID: CVE-2024-56546)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xlnx_add_cb_for_suspend() function in drivers/soc/xilinx/xlnx_event_manager.c. A local user can escalate privileges on the system.
704) NULL pointer dereference (CVE-ID: CVE-2024-50109)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_run() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
705) Memory leak (CVE-ID: CVE-2024-53119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_transport_recv_listen() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
706) NULL pointer dereference (CVE-ID: CVE-2024-47707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_uncached_list_flush_dev() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
707) NULL pointer dereference (CVE-ID: CVE-2024-56696)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the test_format_fill_silence(), test_playback_avail(), test_capture_avail() and test_pcm_format_name() functions in sound/core/sound_kunit.c. A local user can perform a denial of service (DoS) attack.
708) Use-after-free (CVE-ID: CVE-2024-53108)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the parse_amd_vsdb() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can escalate privileges on the system.
709) Buffer overflow (CVE-ID: CVE-2024-47731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ali_drw_pmu_isr() function in drivers/perf/alibaba_uncore_drw_pmu.c. A local user can perform a denial of service (DoS) attack.
710) Use-after-free (CVE-ID: CVE-2024-50261)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macsec_free_netdev() function in drivers/net/macsec.c. A local user can escalate privileges on the system.
711) Buffer overflow (CVE-ID: CVE-2024-50042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ice_vf_pre_vsi_rebuild() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c, within the ice_sriov_set_msix_vec_count() function in drivers/net/ethernet/intel/ice/ice_sriov.c. A local user can perform a denial of service (DoS) attack.
712) Use-after-free (CVE-ID: CVE-2024-49884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extent_at() and ext4_ext_dirty() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
713) Out-of-bounds read (CVE-ID: CVE-2024-53162)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the uof_get_name() function in drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c. A local user can perform a denial of service (DoS) attack.
714) Input validation error (CVE-ID: CVE-2024-56755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/netfs/fscache_volume.c. A local user can perform a denial of service (DoS) attack.
715) NULL pointer dereference (CVE-ID: CVE-2024-49919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn201_acquire_free_pipe_for_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn201/dcn201_resource.c. A local user can perform a denial of service (DoS) attack.
716) Use-after-free (CVE-ID: CVE-2024-53216)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in fs/nfsd/export.c. A local user can execute arbitrary code with elevated privileges.
717) Division by zero (CVE-ID: CVE-2024-50287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the tpg_precalculate_line() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.
718) Use-after-free (CVE-ID: CVE-2024-53143)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsnotify_get_sb_watched_objects() and fsnotify_get_inode_ref() functions in fs/notify/mark.c. A local user can escalate privileges on the system.
719) Use-after-free (CVE-ID: CVE-2024-50257)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xt_find_table_lock() function in net/netfilter/x_tables.c. A local user can escalate privileges on the system.
720) NULL pointer dereference (CVE-ID: CVE-2024-49890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_overdrive_limits() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/processpptables.c. A local user can perform a denial of service (DoS) attack.
721) Resource management error (CVE-ID: CVE-2024-53172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the alloc_ai(), scan_fast() and ubi_attach() functions in drivers/mtd/ubi/attach.c. A local user can perform a denial of service (DoS) attack.
722) NULL pointer dereference (CVE-ID: CVE-2024-53209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_set_rx_skb_mode() and bnxt_change_mtu() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
723) NULL pointer dereference (CVE-ID: CVE-2024-49956)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the destroy_workqueue() function in fs/gfs2/ops_fstype.c, within the gfs2_gl_hash_clear() function in fs/gfs2/glock.c. A local user can perform a denial of service (DoS) attack.
724) NULL pointer dereference (CVE-ID: CVE-2024-50238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmp_usbc_probe() function in drivers/phy/qualcomm/phy-qcom-qmp-usbc.c. A local user can perform a denial of service (DoS) attack.
725) Resource management error (CVE-ID: CVE-2024-49955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the battery_hook_unregister_unlocked() and battery_hook_register() functions in drivers/acpi/battery.c. A local user can perform a denial of service (DoS) attack.
726) Improper locking (CVE-ID: CVE-2024-50046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs42_complete_copies() function in fs/nfs/nfs4state.c, within the handle_async_copy() function in fs/nfs/nfs42proc.c, within the nfs_alloc_server() function in fs/nfs/client.c. A local user can perform a denial of service (DoS) attack.
727) Improper locking (CVE-ID: CVE-2024-50098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ufshcd_wl_shutdown() function in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
728) Division by zero (CVE-ID: CVE-2024-50232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad7124_write_raw() function in drivers/iio/adc/ad7124.c. A local user can perform a denial of service (DoS) attack.
729) NULL pointer dereference (CVE-ID: CVE-2024-50292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stm32_spdifrx_remove() function in sound/soc/stm/stm32_spdifrx.c. A local user can perform a denial of service (DoS) attack.
730) Resource management error (CVE-ID: CVE-2024-56752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gf100_gr_chan_new() function in drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c. A local user can perform a denial of service (DoS) attack.
731) Resource management error (CVE-ID: CVE-2024-50195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pc_clock_settime() function in kernel/time/posix-clock.c. A local user can perform a denial of service (DoS) attack.
732) NULL pointer dereference (CVE-ID: CVE-2024-47743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the find_asymmetric_key() function in crypto/asymmetric_keys/asymmetric_type.c. A local user can perform a denial of service (DoS) attack.
733) Improper locking (CVE-ID: CVE-2024-53044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcf_block_get_ext() function in net/sched/cls_api.c. A local user can perform a denial of service (DoS) attack.
734) Input validation error (CVE-ID: CVE-2024-50049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_validate_seamless_boot_timing() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
735) Use-after-free (CVE-ID: CVE-2024-49986)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the x86_android_tablet_probe() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can escalate privileges on the system.
736) Infinite loop (CVE-ID: CVE-2024-53055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the iwl_mvm_umac_scan_cfg_channels_v6_6g() function in drivers/net/wireless/intel/iwlwifi/mvm/scan.c. A local user can perform a denial of service (DoS) attack.
737) Buffer overflow (CVE-ID: CVE-2024-56539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
738) Improper error handling (CVE-ID: CVE-2024-50048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the set_con2fb_map() function in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
739) Improper locking (CVE-ID: CVE-2024-49985)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stm32f7_i2c_runtime_suspend() and stm32f7_i2c_runtime_resume() functions in drivers/i2c/busses/i2c-stm32f7.c. A local user can perform a denial of service (DoS) attack.
740) Use-after-free (CVE-ID: CVE-2024-53227)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
741) Out-of-bounds read (CVE-ID: CVE-2024-49970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn401_stream_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn401/dcn401_resource.c. A local user can perform a denial of service (DoS) attack.
742) Input validation error (CVE-ID: CVE-2024-47702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bpf_skb_is_valid_access(), xdp_is_valid_access() and flow_dissector_is_valid_access() functions in net/core/filter.c, within the check_packet_access() and check_mem_access() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
743) Use-after-free (CVE-ID: CVE-2024-49874)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_i3c_master_remove() function in drivers/i3c/master/svc-i3c-master.c. A local user can escalate privileges on the system.
744) Incorrect calculation (CVE-ID: CVE-2024-47703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mark_reg_unknown(), check_packet_access(), check_ctx_access(), check_stack_access_within_bounds(), check_mem_access() and check_return_code() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c, within the BTF_SET_START() function in kernel/bpf/bpf_lsm.c. A local user can perform a denial of service (DoS) attack.
745) Use-after-free (CVE-ID: CVE-2024-53139)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_v6_available() function in net/sctp/ipv6.c. A local user can escalate privileges on the system.
746) Resource management error (CVE-ID: CVE-2024-50072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arch/x86/include/asm/nospec-branch.h. A local user can perform a denial of service (DoS) attack.
747) NULL pointer dereference (CVE-ID: CVE-2024-53224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_ib_dev_res_init(), mlx5_ib_stage_delay_drop_cleanup(), mlx5_ib_stage_dev_notifier_init() and STAGE_CREATE() functions in drivers/infiniband/hw/mlx5/main.c. A local user can perform a denial of service (DoS) attack.
748) NULL pointer dereference (CVE-ID: CVE-2024-49877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
749) NULL pointer dereference (CVE-ID: CVE-2024-49922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink(), amdgpu_dm_commit_streams() and amdgpu_dm_atomic_commit_tail() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
750) Integer underflow (CVE-ID: CVE-2024-50290)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the cx24116_read_snr_pct() function in drivers/media/dvb-frontends/cx24116.c. A local user can execute arbitrary code.
751) NULL pointer dereference (CVE-ID: CVE-2024-47756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ks_pcie_quirk() function in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
752) Out-of-bounds read (CVE-ID: CVE-2024-50221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vangogh_tables_init() function in drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c. A local user can perform a denial of service (DoS) attack.
753) Resource management error (CVE-ID: CVE-2024-50057)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tps6598x_remove() function in drivers/usb/typec/tipd/core.c. A local user can perform a denial of service (DoS) attack.
754) Resource management error (CVE-ID: CVE-2022-49034)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the show_cpuinfo() function in arch/sh/kernel/cpu/proc.c. A local user can perform a denial of service (DoS) attack.
755) NULL pointer dereference (CVE-ID: CVE-2024-53157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the scpi_dvfs_get_info() function in drivers/firmware/arm_scpi.c. A local user can perform a denial of service (DoS) attack.
756) NULL pointer dereference (CVE-ID: CVE-2024-47749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the act_establish() and act_open_rpl() functions in drivers/infiniband/hw/cxgb4/cm.c. A local user can perform a denial of service (DoS) attack.
757) NULL pointer dereference (CVE-ID: CVE-2024-53231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_power() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.