SB2025022828 - Ubuntu update for linux-oracle
Published: February 28, 2025 Updated: January 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 208 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2024-47718)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rtw_wait_firmware_completion() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can escalate privileges on the system.
2) NULL pointer dereference (CVE-ID: CVE-2024-49942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xe_bo_move() function in drivers/gpu/drm/xe/xe_bo.c. A local user can perform a denial of service (DoS) attack.
3) Improper error handling (CVE-ID: CVE-2024-49897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dcn32_add_phantom_pipes() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2024-49871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the adp5589_keypad_add() and adp5589_probe() functions in drivers/input/keyboard/adp5589-keys.c. A local user can perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2024-47687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_vdpa_show_mr_leaks() function in drivers/vdpa/mlx5/core/mr.c. A local user can perform a denial of service (DoS) attack.
6) NULL pointer dereference (CVE-ID: CVE-2024-47692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __cld_pipe_inprogress_downcall() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.
7) Input validation error (CVE-ID: CVE-2024-47740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the f2fs_ioc_start_atomic_write(), f2fs_ioc_commit_atomic_write(), f2fs_ioc_start_volatile_write(), f2fs_ioc_release_volatile_write() and f2fs_ioc_abort_volatile_write() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
8) Use-after-free (CVE-ID: CVE-2024-47691)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the f2fs_shutdown() function in fs/f2fs/super.c, within the f2fs_ioc_abort_atomic_write(), f2fs_do_shutdown() and f2fs_ioc_shutdown() functions in fs/f2fs/file.c. A local user can escalate privileges on the system.
9) Buffer overflow (CVE-ID: CVE-2024-49973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
10) Input validation error (CVE-ID: CVE-2024-49958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_reflink_xattr_inline() function in fs/ocfs2/xattr.c, within the __ocfs2_reflink() function in fs/ocfs2/refcounttree.c. A local user can perform a denial of service (DoS) attack.
11) Use-after-free (CVE-ID: CVE-2024-49889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extents(), ext4_split_extent() and ext4_ext_handle_unwritten_extents() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
12) Resource management error (CVE-ID: CVE-2024-49927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ioapic_mask_entry(), __remove_pin_from_irq(), alloc_isa_irq_from_domain() and mp_irqdomain_alloc() functions in arch/x86/kernel/apic/io_apic.c. A local user can perform a denial of service (DoS) attack.
13) Use-after-free (CVE-ID: CVE-2024-49883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/ext4/extents.c. A local user can escalate privileges on the system.
14) Buffer overflow (CVE-ID: CVE-2024-49885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the slab_update_freelist(), print_slab_info(), inc_slabs_node() and slab_free_hook() functions in mm/slub.c. A local user can perform a denial of service (DoS) attack.
15) NULL pointer dereference (CVE-ID: CVE-2024-49912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the planes_changed_for_existing_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
16) Out-of-bounds read (CVE-ID: CVE-2024-47686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ep93xx_div_recalc_rate() function in arch/arm/mach-ep93xx/clock.c. A local user can perform a denial of service (DoS) attack.
17) Improper locking (CVE-ID: CVE-2024-49985)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stm32f7_i2c_runtime_suspend() and stm32f7_i2c_runtime_resume() functions in drivers/i2c/busses/i2c-stm32f7.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2024-47732)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remove_device_compression_modes() function in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can escalate privileges on the system.
19) Use of uninitialized resource (CVE-ID: CVE-2024-47685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_reject_ip6_tcphdr_put() function in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
20) Race condition (CVE-ID: CVE-2024-49935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the exit_round_robin() function in drivers/acpi/acpi_pad.c. A local user can perform a denial of service (DoS) attack.
21) Buffer overflow (CVE-ID: CVE-2024-49995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bearer_name_validate() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
22) Buffer overflow (CVE-ID: CVE-2024-47731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ali_drw_pmu_isr() function in drivers/perf/alibaba_uncore_drw_pmu.c. A local user can perform a denial of service (DoS) attack.
23) Out-of-bounds read (CVE-ID: CVE-2024-49931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
24) Out-of-bounds read (CVE-ID: CVE-2024-49886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the _isst_if_get_pci_dev() function in drivers/platform/x86/intel/speed_select_if/isst_if_common.c. A local user can perform a denial of service (DoS) attack.
25) Input validation error (CVE-ID: CVE-2024-53144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
26) NULL pointer dereference (CVE-ID: CVE-2024-49917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2024-49868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_update_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
28) Improper error handling (CVE-ID: CVE-2024-49999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the afs_wait_for_operation() function in fs/afs/fs_operation.c. A local user can perform a denial of service (DoS) attack.
29) NULL pointer dereference (CVE-ID: CVE-2024-47684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/tcp.h. A local user can perform a denial of service (DoS) attack.
30) Memory leak (CVE-ID: CVE-2024-50013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_load_bitmap() function in fs/exfat/balloc.c. A local user can perform a denial of service (DoS) attack.
31) NULL pointer dereference (CVE-ID: CVE-2024-49962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_db_convert_to_package() function in drivers/acpi/acpica/dbconvert.c. A local user can perform a denial of service (DoS) attack.
32) Use-after-free (CVE-ID: CVE-2024-49981)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the venus_remove() function in drivers/media/platform/qcom/venus/core.c. A local user can escalate privileges on the system.
33) Buffer overflow (CVE-ID: CVE-2024-49858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the efi_retrieve_tpm2_eventlog() function in drivers/firmware/efi/libstub/tpm.c. A local user can perform a denial of service (DoS) attack.
34) Resource management error (CVE-ID: CVE-2024-49878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXPORT_SYMBOL_GPL() function in kernel/resource.c. A local user can perform a denial of service (DoS) attack.
35) Use-after-free (CVE-ID: CVE-2024-49852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.
36) Out-of-bounds read (CVE-ID: CVE-2024-49928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/realtek/rtw89/core.h. A local user can perform a denial of service (DoS) attack.
37) Improper locking (CVE-ID: CVE-2024-50006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_ind_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.
38) Incorrect calculation (CVE-ID: CVE-2024-49988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the session_fd_check() and ksmbd_reopen_durable_fd() functions in fs/smb/server/vfs_cache.c, within the alloc_opinfo(), free_opinfo(), opinfo_get_list(), smb_send_parent_lease_break_noti(), smb_lazy_parent_lease_break_close(), smb_grant_oplock(), smb_break_all_write_oplock() and smb_break_all_levII_oplock() functions in fs/smb/server/oplock.c, within the ksmbd_conn_free() and ksmbd_conn_alloc() functions in fs/smb/server/connection.c. A local user can perform a denial of service (DoS) attack.
39) Out-of-bounds read (CVE-ID: CVE-2024-47697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2830_pid_filter() function in drivers/media/dvb-frontends/rtl2830.c. A local user can perform a denial of service (DoS) attack.
40) NULL pointer dereference (CVE-ID: CVE-2024-49923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn21_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c, within the dcn20_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn20/dcn20_resource.c. A local user can perform a denial of service (DoS) attack.
41) NULL pointer dereference (CVE-ID: CVE-2024-47704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the set_hpo_dp_throttled_vcp_size() and disable_hpo_dp_link_output() functions in drivers/gpu/drm/amd/display/dc/link/hwss/link_hwss_hpo_dp.c. A local user can perform a denial of service (DoS) attack.
42) Resource management error (CVE-ID: CVE-2024-49947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
43) Out-of-bounds read (CVE-ID: CVE-2024-47751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kirin_pcie_parse_port() function in drivers/pci/controller/dwc/pcie-kirin.c. A local user can perform a denial of service (DoS) attack.
44) Improper locking (CVE-ID: CVE-2024-47672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_mvm_flush_no_vif() and iwl_mvm_mac_flush() functions in drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c. A local user can perform a denial of service (DoS) attack.
45) Improper error handling (CVE-ID: CVE-2024-47737)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the idmap_id_to_name() function in fs/nfsd/nfs4idmap.c. A local user can perform a denial of service (DoS) attack.
46) NULL pointer dereference (CVE-ID: CVE-2024-49909)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
47) Use-after-free (CVE-ID: CVE-2024-49992)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ltdc_crtc_atomic_print_state(), ltdc_plane_atomic_print_state(), ltdc_plane_create(), ltdc_crtc_init(), ltdc_encoder_init(), ltdc_load() and ltdc_unload() functions in drivers/gpu/drm/stm/ltdc.c, within the drv_load() function in drivers/gpu/drm/stm/drv.c. A local user can escalate privileges on the system.
48) NULL pointer dereference (CVE-ID: CVE-2024-49944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_listen_start() function in net/sctp/socket.c. A local user can perform a denial of service (DoS) attack.
49) Use-after-free (CVE-ID: CVE-2024-49950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_connect_req() function in net/bluetooth/l2cap_core.c, within the hci_remote_features_evt() function in net/bluetooth/hci_event.c, within the hci_acldata_packet() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
50) NULL pointer dereference (CVE-ID: CVE-2024-49850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_core_apply() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
51) Resource management error (CVE-ID: CVE-2024-49951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmd_status_rsp(), mgmt_index_added(), mgmt_power_on() and __mgmt_power_off() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
52) Buffer overflow (CVE-ID: CVE-2024-49996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_reparse_posix() and cifs_reparse_point_to_fattr() functions in fs/smb/client/reparse.c. A local user can escalate privileges on the system.
53) Use-after-free (CVE-ID: CVE-2024-49934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dump_mapping() function in fs/inode.c. A local user can escalate privileges on the system.
54) NULL pointer dereference (CVE-ID: CVE-2024-47705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blk_add_partition() function in block/partitions/core.c. A local user can perform a denial of service (DoS) attack.
55) Memory leak (CVE-ID: CVE-2024-47741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_desired_extent_in_hole() and find_desired_extent() functions in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.
56) NULL pointer dereference (CVE-ID: CVE-2024-49957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_journal_shutdown() function in fs/ocfs2/journal.c. A local user can perform a denial of service (DoS) attack.
57) Out-of-bounds read (CVE-ID: CVE-2024-47682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sd_read_block_characteristics() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
58) Improper locking (CVE-ID: CVE-2024-49976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stop_kthread() and stop_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
59) Out-of-bounds read (CVE-ID: CVE-2024-49895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
60) Improper locking (CVE-ID: CVE-2024-47689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_handle_critical_error() function in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
61) Improper error handling (CVE-ID: CVE-2024-49937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nl80211_start_radar_detection() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
62) Input validation error (CVE-ID: CVE-2024-47702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bpf_skb_is_valid_access(), xdp_is_valid_access() and flow_dissector_is_valid_access() functions in net/core/filter.c, within the check_packet_access() and check_mem_access() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
63) Improper locking (CVE-ID: CVE-2024-49959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __releases() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2024-47719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iopt_alloc_iova() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
65) NULL pointer dereference (CVE-ID: CVE-2024-49922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink(), amdgpu_dm_commit_streams() and amdgpu_dm_atomic_commit_tail() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
66) NULL pointer dereference (CVE-ID: CVE-2024-47743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the find_asymmetric_key() function in crypto/asymmetric_keys/asymmetric_type.c. A local user can perform a denial of service (DoS) attack.
67) Use-after-free (CVE-ID: CVE-2024-47696)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iw_cm_init() function in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
68) Input validation error (CVE-ID: CVE-2024-50017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ident_pud_init() function in arch/x86/mm/ident_map.c. A local user can perform a denial of service (DoS) attack.
69) Race condition (CVE-ID: CVE-2024-49864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rxrpc_open_socket() function in net/rxrpc/local_object.c, within the rxrpc_encap_rcv() and rxrpc_io_thread() functions in net/rxrpc/io_thread.c. A local user can escalate privileges on the system.
70) Use-after-free (CVE-ID: CVE-2024-47747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ether3_remove() function in drivers/net/ethernet/seeq/ether3.c. A local user can escalate privileges on the system.
71) Use-after-free (CVE-ID: CVE-2024-47748)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vhost_vdpa_setup_vq_irq(), vhost_vdpa_vring_ioctl() and vhost_vdpa_open() functions in drivers/vhost/vdpa.c. A local user can escalate privileges on the system.
72) Use-after-free (CVE-ID: CVE-2024-47701)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_find_inline_entry() function in fs/ext4/inline.c. A local user can escalate privileges on the system.
73) NULL pointer dereference (CVE-ID: CVE-2024-49915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
74) NULL pointer dereference (CVE-ID: CVE-2024-49877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
75) Out-of-bounds read (CVE-ID: CVE-2024-41016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
76) Resource management error (CVE-ID: CVE-2024-49961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar0521_power_off() and ar0521_power_on() functions in drivers/media/i2c/ar0521.c. A local user can perform a denial of service (DoS) attack.
77) Input validation error (CVE-ID: CVE-2024-47730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qm_set_vf_mse(), qm_controller_reset_prepare(), qm_master_ooo_check() and qm_soft_reset_prepare() functions in drivers/crypto/hisilicon/qm.c. A local user can perform a denial of service (DoS) attack.
78) Use-after-free (CVE-ID: CVE-2024-49924)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pxafb_remove() function in drivers/video/fbdev/pxafb.c. A local user can escalate privileges on the system.
79) Input validation error (CVE-ID: CVE-2024-49974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_state_create_net() function in fs/nfsd/nfs4state.c, within the nfs4_put_copy() and nfsd4_copy() functions in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
80) Improper locking (CVE-ID: CVE-2024-49875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
81) NULL pointer dereference (CVE-ID: CVE-2024-49918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_acquire_idle_pipe_for_head_pipe_in_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
82) Use-after-free (CVE-ID: CVE-2024-47712)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wilc_parse_join_bss_param() function in drivers/net/wireless/microchip/wilc1000/hif.c. A local user can escalate privileges on the system.
83) Improper locking (CVE-ID: CVE-2024-50014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
84) Improper locking (CVE-ID: CVE-2024-47679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock() function in fs/inode.c. A local user can perform a denial of service (DoS) attack.
85) Out-of-bounds read (CVE-ID: CVE-2024-49894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
86) NULL pointer dereference (CVE-ID: CVE-2024-49911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
87) Use-after-free (CVE-ID: CVE-2024-49855)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_requeue_cmd() and nbd_xmit_timeout() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
88) Input validation error (CVE-ID: CVE-2024-49948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
89) Resource management error (CVE-ID: CVE-2024-49955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the battery_hook_unregister_unlocked() and battery_hook_register() functions in drivers/acpi/battery.c. A local user can perform a denial of service (DoS) attack.
90) NULL pointer dereference (CVE-ID: CVE-2023-52917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.
91) Buffer overflow (CVE-ID: CVE-2024-50015)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ext4_handle_inode_extension(), ext4_dio_write_iter() and ext4_dax_write_iter() functions in fs/ext4/file.c. A local user can escalate privileges on the system.
92) Input validation error (CVE-ID: CVE-2024-47754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_single_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_multi_if.c. A local user can perform a denial of service (DoS) attack.
93) NULL pointer dereference (CVE-ID: CVE-2024-49929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_mvm_tx_mpdu() and iwl_mvm_tx_skb_sta() functions in drivers/net/wireless/intel/iwlwifi/mvm/tx.c. A local user can perform a denial of service (DoS) attack.
94) Use-after-free (CVE-ID: CVE-2024-50005)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_scan_worker() function in net/mac802154/scan.c. A local user can escalate privileges on the system.
95) Incorrect calculation (CVE-ID: CVE-2024-47742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the fw_abort_batch_reqs() and _request_firmware() functions in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
96) Use-after-free (CVE-ID: CVE-2024-49991)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pqm_clean_queue_resource() function in drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c, within the kfd_process_destroy_pdds() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c, within the kfd_free_mqd_cp() function in drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c, within the deallocate_hiq_sdma_mqd() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c, within the kfd_gtt_sa_fini() and kgd2kfd_device_exit() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c, within the kfd_ioctl_create_queue() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c, within the amdgpu_amdkfd_free_gtt_mem() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c. A local user can escalate privileges on the system.
97) NULL pointer dereference (CVE-ID: CVE-2024-49913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the commit_planes_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
98) Improper locking (CVE-ID: CVE-2024-49980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vrf_finish_direct() function in drivers/net/vrf.c. A local user can perform a denial of service (DoS) attack.
99) NULL pointer dereference (CVE-ID: CVE-2024-47749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the act_establish() and act_open_rpl() functions in drivers/infiniband/hw/cxgb4/cm.c. A local user can perform a denial of service (DoS) attack.
100) Memory leak (CVE-ID: CVE-2024-49975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __create_xol_area() function in kernel/events/uprobes.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2024-47671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbtmc_create_urb() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
102) Memory leak (CVE-ID: CVE-2024-47677)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_create_upcase_table() function in fs/exfat/nls.c. A local user can perform a denial of service (DoS) attack.
103) Input validation error (CVE-ID: CVE-2024-47727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the handle_mmio() function in arch/x86/coco/tdx/tdx.c. A local user can perform a denial of service (DoS) attack.
104) Improper error handling (CVE-ID: CVE-2024-47716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm/vfp/vfpinstr.h. A local user can perform a denial of service (DoS) attack.
105) NULL pointer dereference (CVE-ID: CVE-2024-47707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_uncached_list_flush_dev() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
106) Memory leak (CVE-ID: CVE-2024-49870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cachefiles_open_file(), fput() and cachefiles_look_up_object() functions in fs/cachefiles/namei.c. A local user can perform a denial of service (DoS) attack.
107) Incorrect calculation (CVE-ID: CVE-2024-47703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mark_reg_unknown(), check_packet_access(), check_ctx_access(), check_stack_access_within_bounds(), check_mem_access() and check_return_code() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c, within the BTF_SET_START() function in kernel/bpf/bpf_lsm.c. A local user can perform a denial of service (DoS) attack.
108) Improper locking (CVE-ID: CVE-2024-47710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sock_hash_free() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
109) Input validation error (CVE-ID: CVE-2024-49977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tc_setup_cbs() function in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c. A local user can perform a denial of service (DoS) attack.
110) Buffer overflow (CVE-ID: CVE-2024-49997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ltq_etop_tx() function in drivers/net/ethernet/lantiq_etop.c. A local user can perform a denial of service (DoS) attack.
111) Double free (CVE-ID: CVE-2024-49853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the scmi_optee_chan_free() function in drivers/firmware/arm_scmi/optee.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2024-47681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7996_mcu_sta_bfer_he() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
113) Use-after-free (CVE-ID: CVE-2024-49986)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the x86_android_tablet_probe() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can escalate privileges on the system.
114) Out-of-bounds read (CVE-ID: CVE-2024-49969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
115) NULL pointer dereference (CVE-ID: CVE-2024-50000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_tir_builder_alloc() function in drivers/net/ethernet/mellanox/mlx5/core/en/tir.c. A local user can perform a denial of service (DoS) attack.
116) Improper error handling (CVE-ID: CVE-2024-47690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the f2fs_get_parent() and f2fs_lookup() functions in fs/f2fs/namei.c. A local user can perform a denial of service (DoS) attack.
117) Resource management error (CVE-ID: CVE-2024-47709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
118) Improper locking (CVE-ID: CVE-2024-47713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_do_stop() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
119) NULL pointer dereference (CVE-ID: CVE-2024-47720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
120) NULL pointer dereference (CVE-ID: CVE-2024-49879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omapdrm_init() and omap_gem_deinit() functions in drivers/gpu/drm/omapdrm/omap_drv.c. A local user can perform a denial of service (DoS) attack.
121) NULL pointer dereference (CVE-ID: CVE-2024-47699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_btree_root_broken() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
122) Out-of-bounds read (CVE-ID: CVE-2024-47714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mt7996_mcu_sta_bfer_tlv() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
123) Incorrect calculation (CVE-ID: CVE-2024-50012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the include/linux/cpufreq.h. A local user can perform a denial of service (DoS) attack.
124) Improper error handling (CVE-ID: CVE-2024-49880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the alloc_flex_gd() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
125) Improper locking (CVE-ID: CVE-2024-49946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ppp_channel_bridge_input() function in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
126) Improper locking (CVE-ID: CVE-2024-47735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns_roce_lock_cqs() and hns_roce_unlock_cqs() functions in drivers/infiniband/hw/hns/hns_roce_qp.c. A local user can perform a denial of service (DoS) attack.
127) Use-after-free (CVE-ID: CVE-2024-49876)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the get_submit_wq(), xe_guc_submit_init(), __release_guc_id() and __guc_exec_queue_fini_async() functions in drivers/gpu/drm/xe/xe_guc_submit.c, within the xe_device_destroy() and xe_device_create() functions in drivers/gpu/drm/xe/xe_device.c. A local user can escalate privileges on the system.
128) Resource management error (CVE-ID: CVE-2024-49963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm2835_mbox_probe() function in drivers/mailbox/bcm2835-mailbox.c. A local user can perform a denial of service (DoS) attack.
129) Improper error handling (CVE-ID: CVE-2024-50176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dev_err() and rproc_del() functions in drivers/remoteproc/ti_k3_r5_remoteproc.c. A local user can perform a denial of service (DoS) attack.
130) Buffer overflow (CVE-ID: CVE-2024-49952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_dup_ipv6_route() and nf_dup_ipv6() functions in net/ipv6/netfilter/nf_dup_ipv6.c, within the nf_dup_ipv4() function in net/ipv4/netfilter/nf_dup_ipv4.c. A local user can perform a denial of service (DoS) attack.
131) Memory leak (CVE-ID: CVE-2024-49881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the get_ext_path() function in fs/ext4/move_extent.c, within the ext4_find_extent() and ext4_split_extent_at() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
132) NULL pointer dereference (CVE-ID: CVE-2024-49987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the show_link_netfilter() function in tools/bpf/bpftool/net.c. A local user can perform a denial of service (DoS) attack.
133) NULL pointer dereference (CVE-ID: CVE-2024-49919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn201_acquire_free_pipe_for_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn201/dcn201_resource.c. A local user can perform a denial of service (DoS) attack.
134) Buffer overflow (CVE-ID: CVE-2024-49860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the acpi_device_setup_files() function in drivers/acpi/device_sysfs.c. A local user can perform a denial of service (DoS) attack.
135) Improper locking (CVE-ID: CVE-2024-47744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL(), kvm_online_cpu(), hardware_disable_nolock(), hardware_disable_all_nolock(), hardware_enable_all() and kvm_suspend() functions in virt/kvm/kvm_main.c, within the cpus_read_lock() function in Documentation/virt/kvm/locking.rst. A local user can perform a denial of service (DoS) attack.
136) Out-of-bounds read (CVE-ID: CVE-2024-47723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diAlloc() function in fs/jfs/jfs_imap.c, within the dbMount() and dbNextAG() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
137) Buffer overflow (CVE-ID: CVE-2024-50001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mlx5e_sq_xmit_mpwqe() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
138) NULL pointer dereference (CVE-ID: CVE-2024-47756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ks_pcie_quirk() function in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
139) Use-after-free (CVE-ID: CVE-2024-49867)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
140) Memory leak (CVE-ID: CVE-2024-47728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the BPF_CALL_5() function in net/core/filter.c, within the BPF_CALL_4() function in kernel/bpf/syscall.c, within the BPF_CALL_4() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
141) Out-of-bounds read (CVE-ID: CVE-2024-49933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ioc_forgive_debts() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
142) Input validation error (CVE-ID: CVE-2024-47752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_if.c. A local user can perform a denial of service (DoS) attack.
143) NULL pointer dereference (CVE-ID: CVE-2024-49998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.
144) Input validation error (CVE-ID: CVE-2024-50179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ceph_set_page_dirty() function in fs/ceph/addr.c. A local user can perform a denial of service (DoS) attack.
145) Use-after-free (CVE-ID: CVE-2024-47706)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_init_rq() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
146) Double free (CVE-ID: CVE-2024-49989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the link_destruct() function in drivers/gpu/drm/amd/display/dc/link/link_factory.c. A local user can perform a denial of service (DoS) attack.
147) Out-of-bounds read (CVE-ID: CVE-2024-47670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_listxattr(), ocfs2_xattr_find_entry(), ocfs2_xattr_ibody_get(), ocfs2_xattr_ibody_find() and ocfs2_xattr_block_find() functions in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
148) Improper locking (CVE-ID: CVE-2024-49965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_read_blocks() function in fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
149) Resource management error (CVE-ID: CVE-2024-47673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_stop_device() function in drivers/net/wireless/intel/iwlwifi/mvm/ops.c. A local user can perform a denial of service (DoS) attack.
150) Division by zero (CVE-ID: CVE-2024-47700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ext4_block_group_meta_init(), __ext4_fill_super() and __ext4_remount() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
151) NULL pointer dereference (CVE-ID: CVE-2024-47688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the module_add_driver() function in drivers/base/module.c. A local user can perform a denial of service (DoS) attack.
152) Input validation error (CVE-ID: CVE-2024-49953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_ipsec_handle_tx_limit() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.
153) Integer overflow (CVE-ID: CVE-2024-50016)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c. A local user can execute arbitrary code.
154) NULL pointer dereference (CVE-ID: CVE-2024-49907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_allow_idle_optimizations() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
155) Out-of-bounds read (CVE-ID: CVE-2024-49930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
156) NULL pointer dereference (CVE-ID: CVE-2024-50002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the static_call_del_module() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
157) Input validation error (CVE-ID: CVE-2024-49859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the f2fs_defragment_range(), f2fs_move_file_range() and f2fs_ioc_set_pin_file() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
158) Improper locking (CVE-ID: CVE-2024-49939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw89_ops_add_interface() function in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
159) Memory leak (CVE-ID: CVE-2024-47675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_uprobe_multi_link_attach() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
160) Use of uninitialized resource (CVE-ID: CVE-2024-49861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the sizeof() function in net/core/filter.c, within the sizeof() function in kernel/trace/bpf_trace.c, within the arg_type_is_dynptr() function in kernel/bpf/verifier.c, within the sizeof() function in kernel/bpf/syscall.c, within the sizeof() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
161) Improper locking (CVE-ID: CVE-2024-50175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the video_stop_streaming() function in drivers/media/platform/qcom/camss/camss-video.c. A local user can perform a denial of service (DoS) attack.
162) Out-of-bounds read (CVE-ID: CVE-2024-47757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_btree_check_delete() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
163) Use of uninitialized resource (CVE-ID: CVE-2024-49900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ea_get() function in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
164) Resource management error (CVE-ID: CVE-2024-49954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the static_call_module_notify() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
165) Use-after-free (CVE-ID: CVE-2024-49982)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ata_rw_frameinit(), aoecmd_ata_rw(), resend(), probe() and aoecmd_ata_id() functions in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
166) NULL pointer dereference (CVE-ID: CVE-2024-49891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli_flush_io_rings() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can perform a denial of service (DoS) attack.
167) Improper locking (CVE-ID: CVE-2024-47678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the icmpv6_mask_allow(), icmpv6_global_allow(), icmpv6_xrlim_allow(), icmp6_send() and icmpv6_echo_reply() functions in net/ipv6/icmp.c, within the __SPIN_LOCK_UNLOCKED(), icmpv4_mask_allow(), icmpv4_global_allow(), icmpv4_xrlim_allow(), icmp_reply() and __icmp_send() functions in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
168) Use-after-free (CVE-ID: CVE-2024-49936)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xenvif_new_hash() and xenvif_flush_hash() functions in drivers/net/xen-netback/hash.c. A local user can escalate privileges on the system.
169) NULL pointer dereference (CVE-ID: CVE-2024-49901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_gpu_init() function in drivers/gpu/drm/msm/msm_gpu.c, within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can perform a denial of service (DoS) attack.
170) NULL pointer dereference (CVE-ID: CVE-2024-49898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the subvp_drr_schedulable() and subvp_vblank_schedulable() functions in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c. A local user can perform a denial of service (DoS) attack.
171) Resource management error (CVE-ID: CVE-2024-47693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ib_cache_setup_one() function in drivers/infiniband/core/cache.c. A local user can perform a denial of service (DoS) attack.
172) Out-of-bounds read (CVE-ID: CVE-2024-50007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the HPIMSGX__init() function in sound/pci/asihpi/hpimsgx.c. A local user can perform a denial of service (DoS) attack.
173) NULL pointer dereference (CVE-ID: CVE-2024-49896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the are_stream_backends_same() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
174) NULL pointer dereference (CVE-ID: CVE-2024-49863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vhost_scsi_get_req() function in drivers/vhost/scsi.c. A local user can perform a denial of service (DoS) attack.
175) Use-after-free (CVE-ID: CVE-2024-47750)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hns_roce_v2_exit() and __hns_roce_hw_v2_uninit_instance() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can escalate privileges on the system.
176) NULL pointer dereference (CVE-ID: CVE-2024-49949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
177) Improper error handling (CVE-ID: CVE-2024-49888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the do_misc_fixups() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
178) Improper locking (CVE-ID: CVE-2024-47739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the padata_do_serial() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
179) Use-after-free (CVE-ID: CVE-2024-49983)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_ext_replay_update_ex() function in fs/ext4/extents.c. A local user can escalate privileges on the system.
180) Out-of-bounds read (CVE-ID: CVE-2024-47695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the init_conns() function in drivers/infiniband/ulp/rtrs/rtrs-clt.c. A local user can perform a denial of service (DoS) attack.
181) Resource management error (CVE-ID: CVE-2024-47738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_tx_h_rate_ctrl() function in net/mac80211/tx.c, within the ieee80211_send_scan_probe_req() function in net/mac80211/scan.c, within the ieee80211_get_tx_rates() function in net/mac80211/rate.c, within the ieee80211_mgmt_tx() function in net/mac80211/offchannel.c. A local user can perform a denial of service (DoS) attack.
182) Resource management error (CVE-ID: CVE-2024-47734)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bond_xdp_get_xmit_slave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
183) Input validation error (CVE-ID: CVE-2024-49892)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn21/display_rq_dlg_calc_21.c, within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20v2.c. A local user can perform a denial of service (DoS) attack.
184) Out-of-bounds read (CVE-ID: CVE-2024-47698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2832_pid_filter() function in drivers/media/dvb-frontends/rtl2832.c. A local user can perform a denial of service (DoS) attack.
185) Out-of-bounds read (CVE-ID: CVE-2024-49902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
186) Race condition (CVE-ID: CVE-2024-47715)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the EXPORT_SYMBOL_GPL() function in drivers/net/wireless/mediatek/mt76/mac80211.c. A local user can escalate privileges on the system.
187) Resource management error (CVE-ID: CVE-2024-49926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel/rcu/tasks.h. A local user can perform a denial of service (DoS) attack.
188) Improper error handling (CVE-ID: CVE-2024-49882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_ext_try_to_merge_up() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
189) NULL pointer dereference (CVE-ID: CVE-2024-49978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __udp_gso_segment() function in net/ipv4/udp_offload.c. A local user can perform a denial of service (DoS) attack.
190) Use-after-free (CVE-ID: CVE-2024-49945)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncsi_unregister_dev() function in net/ncsi/ncsi-manage.c. A local user can escalate privileges on the system.
191) Use-after-free (CVE-ID: CVE-2024-49925)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efifb_probe(), pm_runtime_put() and efifb_remove() functions in drivers/video/fbdev/efifb.c. A local user can escalate privileges on the system.
192) Memory leak (CVE-ID: CVE-2024-47733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netfs_init() and fs_initcall() functions in fs/netfs/main.c. A local user can perform a denial of service (DoS) attack.
193) Use-after-free (CVE-ID: CVE-2024-49874)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_i3c_master_remove() function in drivers/i3c/master/svc-i3c-master.c. A local user can escalate privileges on the system.
194) Improper locking (CVE-ID: CVE-2024-49856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sgx_alloc_epc_page() function in arch/x86/kernel/cpu/sgx/main.c. A local user can perform a denial of service (DoS) attack.
195) Improper error handling (CVE-ID: CVE-2024-49966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_local_read_info() function in fs/ocfs2/quota_local.c. A local user can perform a denial of service (DoS) attack.
196) Use-after-free (CVE-ID: CVE-2024-49960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the flush_work() function in fs/ext4/super.c. A local user can escalate privileges on the system.
197) NULL pointer dereference (CVE-ID: CVE-2024-49905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handle_cursor_update() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
198) Resource management error (CVE-ID: CVE-2024-49866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the osnoise_hotplug_workfn() function in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
199) Use-after-free (CVE-ID: CVE-2024-49903)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jfs_issue_discard() and jfs_ioc_trim() functions in fs/jfs/jfs_discard.c. A local user can escalate privileges on the system.
200) Off-by-one (CVE-ID: CVE-2024-49862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the get_rpi() function in drivers/powercap/intel_rapl_common.c. A local user can perform a denial of service (DoS) attack.
201) Resource management error (CVE-ID: CVE-2024-50008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mwifiex_ret_802_11_scan_ext() function in drivers/net/wireless/marvell/mwifiex/scan.c. A local user can perform a denial of service (DoS) attack.
202) Integer overflow (CVE-ID: CVE-2024-49994)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the blk_ioctl_discard() and blk_ioctl_secure_erase() functions in block/ioctl.c. A local user can execute arbitrary code.
203) Memory leak (CVE-ID: CVE-2024-49851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpm2_flush_space() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_transmit() function in drivers/char/tpm/tpm-dev-common.c. A local user can perform a denial of service (DoS) attack.
204) Input validation error (CVE-ID: CVE-2024-47745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the SYSCALL_DEFINE5() function in mm/mmap.c. A local user can perform a denial of service (DoS) attack.
205) Use-after-free (CVE-ID: CVE-2024-49884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extent_at() and ext4_ext_dirty() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
206) Input validation error (CVE-ID: CVE-2024-47753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_vp8_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_vp8_req_if.c. A local user can perform a denial of service (DoS) attack.
207) Input validation error (CVE-ID: CVE-2024-49938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_hif_usb_rx_cb() and ath9k_hif_usb_reg_in_cb() functions in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
208) NULL pointer dereference (CVE-ID: CVE-2024-49890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_overdrive_limits() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/processpptables.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.