SB2025042513 - Dell APEX Cloud Platform for Red Hat OpenShift update for third-party components
Published: April 25, 2025 Updated: January 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1105 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2024-47687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_vdpa_show_mr_leaks() function in drivers/vdpa/mlx5/core/mr.c. A local user can perform a denial of service (DoS) attack.
2) Buffer overflow (CVE-ID: CVE-2024-47668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the __genradix_ptr_alloc() function in lib/generic-radix-tree.c. A local user can perform a denial of service (DoS) attack.
3) Improper locking (CVE-ID: CVE-2024-47669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_abort_construction() and nilfs_segctor_do_construct() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
4) Out-of-bounds read (CVE-ID: CVE-2024-47670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_listxattr(), ocfs2_xattr_find_entry(), ocfs2_xattr_ibody_get(), ocfs2_xattr_ibody_find() and ocfs2_xattr_block_find() functions in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
5) Memory leak (CVE-ID: CVE-2024-47671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbtmc_create_urb() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
6) Improper locking (CVE-ID: CVE-2024-47672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_mvm_flush_no_vif() and iwl_mvm_mac_flush() functions in drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c. A local user can perform a denial of service (DoS) attack.
7) Resource management error (CVE-ID: CVE-2024-47673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_stop_device() function in drivers/net/wireless/intel/iwlwifi/mvm/ops.c. A local user can perform a denial of service (DoS) attack.
8) Use-after-free (CVE-ID: CVE-2024-47674)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remap_p4d_range() and remap_pfn_range_notrack() functions in mm/memory.c. A local user can escalate privileges on the system.
9) Memory leak (CVE-ID: CVE-2024-47675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_uprobe_multi_link_attach() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
10) Improper locking (CVE-ID: CVE-2024-47679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock() function in fs/inode.c. A local user can perform a denial of service (DoS) attack.
11) NULL pointer dereference (CVE-ID: CVE-2024-47681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7996_mcu_sta_bfer_he() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
12) Out-of-bounds read (CVE-ID: CVE-2024-47682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sd_read_block_characteristics() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
13) NULL pointer dereference (CVE-ID: CVE-2024-47684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/tcp.h. A local user can perform a denial of service (DoS) attack.
14) Use of uninitialized resource (CVE-ID: CVE-2024-47685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_reject_ip6_tcphdr_put() function in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
15) Out-of-bounds read (CVE-ID: CVE-2024-47686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ep93xx_div_recalc_rate() function in arch/arm/mach-ep93xx/clock.c. A local user can perform a denial of service (DoS) attack.
16) NULL pointer dereference (CVE-ID: CVE-2024-47688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the module_add_driver() function in drivers/base/module.c. A local user can perform a denial of service (DoS) attack.
17) Improper locking (CVE-ID: CVE-2024-47666)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pm8001_phy_control() function in drivers/scsi/pm8001/pm8001_sas.c. A local user can perform a denial of service (DoS) attack.
18) NULL pointer dereference (CVE-ID: CVE-2024-47692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __cld_pipe_inprogress_downcall() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.
19) Resource management error (CVE-ID: CVE-2024-47693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ib_cache_setup_one() function in drivers/infiniband/core/cache.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2024-47695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the init_conns() function in drivers/infiniband/ulp/rtrs/rtrs-clt.c. A local user can perform a denial of service (DoS) attack.
21) Use-after-free (CVE-ID: CVE-2024-47696)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iw_cm_init() function in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
22) Out-of-bounds read (CVE-ID: CVE-2024-47697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2830_pid_filter() function in drivers/media/dvb-frontends/rtl2830.c. A local user can perform a denial of service (DoS) attack.
23) Out-of-bounds read (CVE-ID: CVE-2024-47698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtl2832_pid_filter() function in drivers/media/dvb-frontends/rtl2832.c. A local user can perform a denial of service (DoS) attack.
24) NULL pointer dereference (CVE-ID: CVE-2024-47699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_btree_root_broken() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
25) Input validation error (CVE-ID: CVE-2024-47702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bpf_skb_is_valid_access(), xdp_is_valid_access() and flow_dissector_is_valid_access() functions in net/core/filter.c, within the check_packet_access() and check_mem_access() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
26) Incorrect calculation (CVE-ID: CVE-2024-47703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mark_reg_unknown(), check_packet_access(), check_ctx_access(), check_stack_access_within_bounds(), check_mem_access() and check_return_code() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c, within the BTF_SET_START() function in kernel/bpf/bpf_lsm.c. A local user can perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2024-47704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the set_hpo_dp_throttled_vcp_size() and disable_hpo_dp_link_output() functions in drivers/gpu/drm/amd/display/dc/link/hwss/link_hwss_hpo_dp.c. A local user can perform a denial of service (DoS) attack.
28) NULL pointer dereference (CVE-ID: CVE-2024-47705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blk_add_partition() function in block/partitions/core.c. A local user can perform a denial of service (DoS) attack.
29) Use-after-free (CVE-ID: CVE-2024-47706)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_init_rq() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
30) NULL pointer dereference (CVE-ID: CVE-2024-47707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_uncached_list_flush_dev() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
31) Resource management error (CVE-ID: CVE-2024-47709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
32) Input validation error (CVE-ID: CVE-2024-47667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the RTL GENMASK(), to_keystone_pcie(), ks_pcie_start_link() and ks_pcie_quirk() functions in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
33) Input validation error (CVE-ID: CVE-2024-47665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_dma_init() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2024-47712)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wilc_parse_join_bss_param() function in drivers/net/wireless/microchip/wilc1000/hif.c. A local user can escalate privileges on the system.
35) Race condition (CVE-ID: CVE-2024-46851)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dcn10_set_drr() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c. A local user can escalate privileges on the system.
36) Out-of-bounds read (CVE-ID: CVE-2024-46828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
37) Improper locking (CVE-ID: CVE-2024-46830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_arch_vcpu_ioctl() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
38) Use-after-free (CVE-ID: CVE-2024-46831)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcap_api_encode_rule_test() function in drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c. A local user can escalate privileges on the system.
39) Out-of-bounds read (CVE-ID: CVE-2024-46834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ethtool_set_channels() function in net/ethtool/ioctl.c, within the ethtool_get_max_rxfh_channel() function in net/ethtool/common.c, within the ethnl_set_channels() function in net/ethtool/channels.c. A local user can perform a denial of service (DoS) attack.
40) Resource management error (CVE-ID: CVE-2024-46835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gfx_v11_0_hw_init() function in drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c. A local user can perform a denial of service (DoS) attack.
41) Input validation error (CVE-ID: CVE-2024-46836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ast_udc_getstatus() function in drivers/usb/gadget/udc/aspeed_udc.c. A local user can perform a denial of service (DoS) attack.
42) Improper locking (CVE-ID: CVE-2024-46840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reada_walk_down(), walk_down_proc(), do_walk_down() and walk_up_proc() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
43) Improper error handling (CVE-ID: CVE-2024-46841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the walk_down_proc() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
44) Use-after-free (CVE-ID: CVE-2024-46842)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_get_sfp_info_wait() function in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
45) Resource management error (CVE-ID: CVE-2024-46843)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ufshcd_remove(), ufshcd_init() and blk_mq_free_tag_set() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
46) Use-after-free (CVE-ID: CVE-2024-46845)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the this_cpu_tmr_var() and timerlat_fd_release() functions in kernel/trace/trace_osnoise.c. A local user can escalate privileges on the system.
47) Improper error handling (CVE-ID: CVE-2024-46846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rockchip_spi_suspend() and rockchip_spi_resume() functions in drivers/spi/spi-rockchip.c. A local user can perform a denial of service (DoS) attack.
48) Infinite loop (CVE-ID: CVE-2024-46848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the adl_get_hybrid_cpu_type() and intel_pmu_init() functions in arch/x86/events/intel/core.c. A local user can perform a denial of service (DoS) attack.
49) Use-after-free (CVE-ID: CVE-2024-46849)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the axg_card_add_tdm_loopback() function in sound/soc/meson/axg-card.c. A local user can escalate privileges on the system.
50) Off-by-one (CVE-ID: CVE-2024-46852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the cma_heap_vm_fault() function in drivers/dma-buf/heaps/cma_heap.c. A local user can perform a denial of service (DoS) attack.
51) Division by zero (CVE-ID: CVE-2024-47664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the hisi_spi_probe() function in drivers/spi/spi-hisi-kunpeng.c. A local user can perform a denial of service (DoS) attack.
52) Resource management error (CVE-ID: CVE-2024-46870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c. A local user can perform a denial of service (DoS) attack.
53) Division by zero (CVE-ID: CVE-2024-47663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad9834_write_frequency() function in drivers/staging/iio/frequency/ad9834.c. A local user can perform a denial of service (DoS) attack.
54) Input validation error (CVE-ID: CVE-2024-47662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dmub_dcn35_get_current_time() and dmub_dcn35_get_diagnostic_data() functions in drivers/gpu/drm/amd/display/dmub/src/dmub_dcn35.c. A local user can perform a denial of service (DoS) attack.
55) Buffer overflow (CVE-ID: CVE-2024-47661)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dmub_abm_set_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn21/dcn21_hwseq.c, within the dmub_abm_set_pipe() function in drivers/gpu/drm/amd/display/dc/dce/dmub_abm_lcd.c. A local user can escalate privileges on the system.
56) Improper locking (CVE-ID: CVE-2024-47660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __fsnotify_recalc_mask() function in fs/notify/mark.c, within the fsnotify_sb_delete(), __fsnotify_update_child_dentry_flags() and __fsnotify_parent() functions in fs/notify/fsnotify.c. A local user can perform a denial of service (DoS) attack.
57) Improper locking (CVE-ID: CVE-2024-47658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stm32_cryp_irq_thread() function in drivers/crypto/stm32/stm32-cryp.c. A local user can perform a denial of service (DoS) attack.
58) Input validation error (CVE-ID: CVE-2024-46871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h. A local user can perform a denial of service (DoS) attack.
59) Improper Initialization (CVE-ID: CVE-2024-46864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hv_machine_shutdown() function in arch/x86/kernel/cpu/mshyperv.c, within the EXPORT_SYMBOL_GPL(), register_syscore_ops() and wrmsrl() functions in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.
60) Use-after-free (CVE-ID: CVE-2024-46853)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nxp_fspi_fill_txfifo() function in drivers/spi/spi-nxp-fspi.c. A local user can escalate privileges on the system.
61) Input validation error (CVE-ID: CVE-2024-46861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ipheth_rcvbulk_callback() function in drivers/net/usb/ipheth.c. A local user can perform a denial of service (DoS) attack.
62) NULL pointer dereference (CVE-ID: CVE-2024-46860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7921_ipv6_addr_change() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c. A local user can perform a denial of service (DoS) attack.
63) Out-of-bounds read (CVE-ID: CVE-2024-46859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DEVICE_ATTR_RW(), acpi_pcc_hotkey_resume() and acpi_pcc_hotkey_add() functions in drivers/platform/x86/panasonic-laptop.c. A local user can perform a denial of service (DoS) attack.
64) NULL pointer dereference (CVE-ID: CVE-2024-46857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_eswitch_set_vepa() and mlx5_eswitch_get_vepa() functions in drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c. A local user can perform a denial of service (DoS) attack.
65) Memory leak (CVE-ID: CVE-2024-46855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_socket_eval() function in net/netfilter/nft_socket.c. A local user can perform a denial of service (DoS) attack.
66) Memory leak (CVE-ID: CVE-2024-46854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpaa_start_xmit() function in drivers/net/ethernet/freescale/dpaa/dpaa_eth.c. A local user can perform a denial of service (DoS) attack.
67) Improper locking (CVE-ID: CVE-2024-47710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sock_hash_free() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
68) Improper locking (CVE-ID: CVE-2024-47713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_do_stop() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
69) Input validation error (CVE-ID: CVE-2024-46826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/binfmt_elf.c. A local user can perform a denial of service (DoS) attack.
70) NULL pointer dereference (CVE-ID: CVE-2024-49879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omapdrm_init() and omap_gem_deinit() functions in drivers/gpu/drm/omapdrm/omap_drv.c. A local user can perform a denial of service (DoS) attack.
71) Buffer overflow (CVE-ID: CVE-2024-49860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the acpi_device_setup_files() function in drivers/acpi/device_sysfs.c. A local user can perform a denial of service (DoS) attack.
72) Use of uninitialized resource (CVE-ID: CVE-2024-49861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the sizeof() function in net/core/filter.c, within the sizeof() function in kernel/trace/bpf_trace.c, within the arg_type_is_dynptr() function in kernel/bpf/verifier.c, within the sizeof() function in kernel/bpf/syscall.c, within the sizeof() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
73) Off-by-one (CVE-ID: CVE-2024-49862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the get_rpi() function in drivers/powercap/intel_rapl_common.c. A local user can perform a denial of service (DoS) attack.
74) NULL pointer dereference (CVE-ID: CVE-2024-49863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vhost_scsi_get_req() function in drivers/vhost/scsi.c. A local user can perform a denial of service (DoS) attack.
75) Race condition (CVE-ID: CVE-2024-49864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rxrpc_open_socket() function in net/rxrpc/local_object.c, within the rxrpc_encap_rcv() and rxrpc_io_thread() functions in net/rxrpc/io_thread.c. A local user can escalate privileges on the system.
76) Resource management error (CVE-ID: CVE-2024-49866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the osnoise_hotplug_workfn() function in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
77) Use-after-free (CVE-ID: CVE-2024-49867)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
78) NULL pointer dereference (CVE-ID: CVE-2024-49868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_update_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
79) Memory leak (CVE-ID: CVE-2024-49870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cachefiles_open_file(), fput() and cachefiles_look_up_object() functions in fs/cachefiles/namei.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2024-49871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the adp5589_keypad_add() and adp5589_probe() functions in drivers/input/keyboard/adp5589-keys.c. A local user can perform a denial of service (DoS) attack.
81) Use-after-free (CVE-ID: CVE-2024-49874)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_i3c_master_remove() function in drivers/i3c/master/svc-i3c-master.c. A local user can escalate privileges on the system.
82) Improper locking (CVE-ID: CVE-2024-49875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
83) NULL pointer dereference (CVE-ID: CVE-2024-49877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
84) Resource management error (CVE-ID: CVE-2024-49878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXPORT_SYMBOL_GPL() function in kernel/resource.c. A local user can perform a denial of service (DoS) attack.
85) Memory leak (CVE-ID: CVE-2024-49881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the get_ext_path() function in fs/ext4/move_extent.c, within the ext4_find_extent() and ext4_split_extent_at() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
86) Use-after-free (CVE-ID: CVE-2024-49855)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_requeue_cmd() and nbd_xmit_timeout() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.
87) Improper error handling (CVE-ID: CVE-2024-49882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_ext_try_to_merge_up() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
88) Use-after-free (CVE-ID: CVE-2024-49883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/ext4/extents.c. A local user can escalate privileges on the system.
89) Out-of-bounds read (CVE-ID: CVE-2024-49886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the _isst_if_get_pci_dev() function in drivers/platform/x86/intel/speed_select_if/isst_if_common.c. A local user can perform a denial of service (DoS) attack.
90) Improper error handling (CVE-ID: CVE-2024-49888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the do_misc_fixups() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
91) NULL pointer dereference (CVE-ID: CVE-2024-49890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_overdrive_limits() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/processpptables.c. A local user can perform a denial of service (DoS) attack.
92) NULL pointer dereference (CVE-ID: CVE-2024-49891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli_flush_io_rings() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can perform a denial of service (DoS) attack.
93) Input validation error (CVE-ID: CVE-2024-49892)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn21/display_rq_dlg_calc_21.c, within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20v2.c. A local user can perform a denial of service (DoS) attack.
94) Out-of-bounds read (CVE-ID: CVE-2024-49894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
95) Out-of-bounds read (CVE-ID: CVE-2024-49895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_degamma_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
96) NULL pointer dereference (CVE-ID: CVE-2024-49896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the are_stream_backends_same() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
97) Improper error handling (CVE-ID: CVE-2024-49897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dcn32_add_phantom_pipes() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
98) NULL pointer dereference (CVE-ID: CVE-2024-49898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the subvp_drr_schedulable() and subvp_vblank_schedulable() functions in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c. A local user can perform a denial of service (DoS) attack.
99) Input validation error (CVE-ID: CVE-2024-49899)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the CalculateVMGroupAndRequestTimes() function in drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_shared.c, within the get_bytes_per_element() function in drivers/gpu/drm/amd/display/dc/dml/dml1_display_rq_dlg_calc.c, within the calculate_ttu_cursor() function in drivers/gpu/drm/amd/display/dc/dml/dcn20/display_rq_dlg_calc_20.c. A local user can perform a denial of service (DoS) attack.
100) Use of uninitialized resource (CVE-ID: CVE-2024-49900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ea_get() function in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
101) Buffer overflow (CVE-ID: CVE-2024-49858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the efi_retrieve_tpm2_eventlog() function in drivers/firmware/efi/libstub/tpm.c. A local user can perform a denial of service (DoS) attack.
102) Double free (CVE-ID: CVE-2024-49853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the scmi_optee_chan_free() function in drivers/firmware/arm_scmi/optee.c. A local user can perform a denial of service (DoS) attack.
103) Out-of-bounds read (CVE-ID: CVE-2024-47714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mt7996_mcu_sta_bfer_tlv() function in drivers/net/wireless/mediatek/mt76/mt7996/mcu.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2024-47741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_desired_extent_in_hole() and find_desired_extent() functions in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.
105) Race condition (CVE-ID: CVE-2024-47715)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the EXPORT_SYMBOL_GPL() function in drivers/net/wireless/mediatek/mt76/mac80211.c. A local user can escalate privileges on the system.
106) Use-after-free (CVE-ID: CVE-2024-47718)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rtw_wait_firmware_completion() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can escalate privileges on the system.
107) Memory leak (CVE-ID: CVE-2024-47719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iopt_alloc_iova() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
108) NULL pointer dereference (CVE-ID: CVE-2024-47720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
109) Out-of-bounds read (CVE-ID: CVE-2024-47723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diAlloc() function in fs/jfs/jfs_imap.c, within the dbMount() and dbNextAG() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
110) Input validation error (CVE-ID: CVE-2024-47727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the handle_mmio() function in arch/x86/coco/tdx/tdx.c. A local user can perform a denial of service (DoS) attack.
111) Memory leak (CVE-ID: CVE-2024-47728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the BPF_CALL_5() function in net/core/filter.c, within the BPF_CALL_4() function in kernel/bpf/syscall.c, within the BPF_CALL_4() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
112) Input validation error (CVE-ID: CVE-2024-47730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qm_set_vf_mse(), qm_controller_reset_prepare(), qm_master_ooo_check() and qm_soft_reset_prepare() functions in drivers/crypto/hisilicon/qm.c. A local user can perform a denial of service (DoS) attack.
113) Buffer overflow (CVE-ID: CVE-2024-47731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ali_drw_pmu_isr() function in drivers/perf/alibaba_uncore_drw_pmu.c. A local user can perform a denial of service (DoS) attack.
114) Use-after-free (CVE-ID: CVE-2024-47732)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remove_device_compression_modes() function in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can escalate privileges on the system.
115) Improper locking (CVE-ID: CVE-2024-47735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns_roce_lock_cqs() and hns_roce_unlock_cqs() functions in drivers/infiniband/hw/hns/hns_roce_qp.c. A local user can perform a denial of service (DoS) attack.
116) Improper error handling (CVE-ID: CVE-2024-47737)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the idmap_id_to_name() function in fs/nfsd/nfs4idmap.c. A local user can perform a denial of service (DoS) attack.
117) Resource management error (CVE-ID: CVE-2024-47738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_tx_h_rate_ctrl() function in net/mac80211/tx.c, within the ieee80211_send_scan_probe_req() function in net/mac80211/scan.c, within the ieee80211_get_tx_rates() function in net/mac80211/rate.c, within the ieee80211_mgmt_tx() function in net/mac80211/offchannel.c. A local user can perform a denial of service (DoS) attack.
118) Improper locking (CVE-ID: CVE-2024-47739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the padata_do_serial() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
119) Incorrect calculation (CVE-ID: CVE-2024-47742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the fw_abort_batch_reqs() and _request_firmware() functions in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
120) Use-after-free (CVE-ID: CVE-2024-49852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.
121) Input validation error (CVE-ID: CVE-2024-47752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_if.c. A local user can perform a denial of service (DoS) attack.
122) Memory leak (CVE-ID: CVE-2024-49851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpm2_flush_space() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_transmit() function in drivers/char/tpm/tpm-dev-common.c. A local user can perform a denial of service (DoS) attack.
123) NULL pointer dereference (CVE-ID: CVE-2024-49850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_core_apply() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
124) Out-of-bounds read (CVE-ID: CVE-2024-47757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_btree_check_delete() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
125) NULL pointer dereference (CVE-ID: CVE-2024-47756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ks_pcie_quirk() function in drivers/pci/controller/dwc/pci-keystone.c. A local user can perform a denial of service (DoS) attack.
126) Input validation error (CVE-ID: CVE-2024-47754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_h264_slice_single_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_h264_req_multi_if.c. A local user can perform a denial of service (DoS) attack.
127) Input validation error (CVE-ID: CVE-2024-47753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vdec_vp8_slice_decode() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_vp8_req_if.c. A local user can perform a denial of service (DoS) attack.
128) Out-of-bounds read (CVE-ID: CVE-2024-47751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kirin_pcie_parse_port() function in drivers/pci/controller/dwc/pcie-kirin.c. A local user can perform a denial of service (DoS) attack.
129) NULL pointer dereference (CVE-ID: CVE-2024-47743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the find_asymmetric_key() function in crypto/asymmetric_keys/asymmetric_type.c. A local user can perform a denial of service (DoS) attack.
130) Use-after-free (CVE-ID: CVE-2024-47750)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hns_roce_v2_exit() and __hns_roce_hw_v2_uninit_instance() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can escalate privileges on the system.
131) NULL pointer dereference (CVE-ID: CVE-2024-47749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the act_establish() and act_open_rpl() functions in drivers/infiniband/hw/cxgb4/cm.c. A local user can perform a denial of service (DoS) attack.
132) Use-after-free (CVE-ID: CVE-2024-47748)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vhost_vdpa_setup_vq_irq(), vhost_vdpa_vring_ioctl() and vhost_vdpa_open() functions in drivers/vhost/vdpa.c. A local user can escalate privileges on the system.
133) Use-after-free (CVE-ID: CVE-2024-47747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ether3_remove() function in drivers/net/ethernet/seeq/ether3.c. A local user can escalate privileges on the system.
134) Input validation error (CVE-ID: CVE-2024-47745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the SYSCALL_DEFINE5() function in mm/mmap.c. A local user can perform a denial of service (DoS) attack.
135) Improper locking (CVE-ID: CVE-2024-47744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL(), kvm_online_cpu(), hardware_disable_nolock(), hardware_disable_all_nolock(), hardware_enable_all() and kvm_suspend() functions in virt/kvm/kvm_main.c, within the cpus_read_lock() function in Documentation/virt/kvm/locking.rst. A local user can perform a denial of service (DoS) attack.
136) Input validation error (CVE-ID: CVE-2024-46827)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath12k_station_assoc() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
137) Input validation error (CVE-ID: CVE-2024-46825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/wireless/intel/iwlwifi/mvm/mvm.h. A local user can perform a denial of service (DoS) attack.
138) Out-of-bounds read (CVE-ID: CVE-2024-49902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
139) Out-of-bounds read (CVE-ID: CVE-2023-52766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
140) Resource exhaustion (CVE-ID: CVE-2023-28450)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly perform fragmentation of UDP packets. A remote attacker can trigger resource exhaustion by sending overly large DNS UDP packets.
141) Resource exhaustion (CVE-ID: CVE-2023-50387)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
142) Resource exhaustion (CVE-ID: CVE-2023-50868)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
143) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-50379)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing access restrictions to the default servlet. If the default servlet is write enabled (readonly initialisation parameter set to the non-default value of false) for a case insensitive file system, concurrent read and upload under load of the same file can bypass Tomcat's case sensitivity checks and cause an uploaded file to be treated as a JSP leading to remote code execution.
144) Resource management error (CVE-ID: CVE-2024-52317)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources when handling HTTP/2 responses, which causes request and/or response mix-up between users. A remote non-authenticated attacker can send a series of HTTP/2 requests and gain access to sensitive information.
145) Resource exhaustion (CVE-ID: CVE-2024-54677)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the examples web application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
146) Security features bypass (CVE-ID: CVE-2024-56326)
The vulnerability allows a local user to bypass sandbox restrictions.
The vulnerability exists in the way the Jinja sandboxed environment detects calls to str.format. A local user with the ability to control the contents of a template can bypass sandbox restrictions.147) Resource exhaustion (CVE-ID: CVE-2023-45142)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect processing of HTTP header User-Agent and HTTP method. A remote attacker can send multiple requests with long randomly generated HTTP methods or/and User agents and consume memory resources, leading to a denial of service condition.148) Resource exhaustion (CVE-ID: CVE-2023-47108)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to grpc Unary Server Interceptor does not properly control consumption of internal resources when processing multiple requests. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
149) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2024-52530)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
150) Buffer overflow (CVE-ID: CVE-2024-52531)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when performing conversion to UTF-8. A remote attacker can trigger memory corruption and crash the application.
151) Infinite loop (CVE-ID: CVE-2024-52532)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when reading WebSocket data. A remote attacker can trick the victim into visiting a specially crafted website, consume all available system resources and cause denial of service conditions.
152) Use-after-free (CVE-ID: CVE-2024-43374)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the alist_add() function in arglist.c. A remote attacker can trick the victim into opening a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system..
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
153) Use-after-free (CVE-ID: CVE-2024-47814)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim into opening a specially crafted file and crash the application.
154) Buffer overflow (CVE-ID: CVE-2023-52778)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mptcp_update_infinite_map() and mptcp_sendmsg_frag() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
155) Use-after-free (CVE-ID: CVE-2024-56756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_free_host_mem(), __nvme_alloc_host_mem() and kfree() functions in drivers/nvme/host/pci.c. A local user can escalate privileges on the system.
156) Use-after-free (CVE-ID: CVE-2023-52800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
157) Spoofing attack (CVE-ID: CVE-2023-52881)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
158) NULL pointer dereference (CVE-ID: CVE-2023-52917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ndev_init_debugfs() function in drivers/ntb/hw/intel/ntb_hw_gen1.c. A local user can perform a denial of service (DoS) attack.
159) NULL pointer dereference (CVE-ID: CVE-2023-52918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cx23885_video_register() function in drivers/media/pci/cx23885/cx23885-video.c. A local user can perform a denial of service (DoS) attack.
160) NULL pointer dereference (CVE-ID: CVE-2023-52919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the send_acknowledge() function in net/nfc/nci/spi.c. A local user can perform a denial of service (DoS) attack.
161) NULL pointer dereference (CVE-ID: CVE-2023-52920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the BPF_MOV64_REG() and BPF_RAW_INSN() functions in tools/testing/selftests/bpf/verifier/precise.c, within the subprog_spill_reg_precise() function in tools/testing/selftests/bpf/progs/verifier_subprog_precision.c, within the copy_verifier_state(), check_reg_arg(), is_jmp_point(), bt_is_reg_set(), calls_callback(), backtrack_insn(), __mark_chain_precision(), check_stack_write_fixed_off(), check_stack_read_fixed_off(), check_atomic(), push_jmp_history() and do_check() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
162) Use-after-free (CVE-ID: CVE-2023-52921)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_cs_pass1() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can escalate privileges on the system.
163) Use-after-free (CVE-ID: CVE-2023-52922)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcm_release() function in net/can/bcm.c. A local user can escalate privileges on the system.
164) Use-after-free (CVE-ID: CVE-2023-6270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
165) Out-of-bounds read (CVE-ID: CVE-2024-26596)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the EXPORT_SYMBOL_GPL() and dsa_user_changeupper() functions in net/dsa/user.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2024-26703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the timerlat_fd_open() and timerlat_fd_read() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
167) Resource management error (CVE-ID: CVE-2024-26741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the net/ipv4/inet_hashtables.c. A local user can perform a denial of service (DoS) attack.
168) Resource management error (CVE-ID: CVE-2024-26758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
169) Resource management error (CVE-ID: CVE-2024-26761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.
170) Improper access control (CVE-ID: CVE-2024-8805)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the implementation of the HID over GATT Profile. A remote attacker on the local network can bypass implemented security restrictions and execute arbitrary code on the target system.
171) Input validation error (CVE-ID: CVE-2024-56755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/netfs/fscache_volume.c. A local user can perform a denial of service (DoS) attack.
172) Double free (CVE-ID: CVE-2024-26782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
173) Resource management error (CVE-ID: CVE-2024-53234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the z_erofs_load_compact_lcluster() and z_erofs_get_extent_decompressedlen() functions in fs/erofs/zmap.c. A local user can perform a denial of service (DoS) attack.
174) Memory leak (CVE-ID: CVE-2024-53202)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fw_log_firmware_info() function in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
175) Use-after-free (CVE-ID: CVE-2024-53206)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __inet_csk_reqsk_queue_drop() function in net/ipv4/inet_connection_sock.c. A local user can escalate privileges on the system.
176) Improper locking (CVE-ID: CVE-2024-53207)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mgmt_set_discoverable_complete(), mgmt_set_connectable_complete(), set_ssp_complete(), set_name_complete(), set_default_phy_complete(), start_discovery_complete(), stop_discovery_complete() and read_local_oob_ext_data_complete() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
177) Use-after-free (CVE-ID: CVE-2024-53208)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mgmt_set_powered_complete() function in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.
178) NULL pointer dereference (CVE-ID: CVE-2024-53209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_set_rx_skb_mode() and bnxt_change_mtu() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
179) Memory leak (CVE-ID: CVE-2024-53210)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iucv_sock_recvmsg() function in net/iucv/af_iucv.c. A local user can perform a denial of service (DoS) attack.
180) Double free (CVE-ID: CVE-2024-53213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the lan78xx_probe() function in drivers/net/usb/lan78xx.c. A local user can perform a denial of service (DoS) attack.
181) Out-of-bounds read (CVE-ID: CVE-2024-53214)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.
182) Improper error handling (CVE-ID: CVE-2024-53215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the svc_rdma_proc_init() function in net/sunrpc/xprtrdma/svc_rdma.c. A local user can perform a denial of service (DoS) attack.
183) Use-after-free (CVE-ID: CVE-2024-53216)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in fs/nfsd/export.c. A local user can execute arbitrary code with elevated privileges.
184) NULL pointer dereference (CVE-ID: CVE-2024-53217)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd4_process_cb_update() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
185) NULL pointer dereference (CVE-ID: CVE-2024-53222)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the zram_add() function in drivers/block/zram/zram_drv.c. A local user can perform a denial of service (DoS) attack.
186) NULL pointer dereference (CVE-ID: CVE-2024-53224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_ib_dev_res_init(), mlx5_ib_stage_delay_drop_cleanup(), mlx5_ib_stage_dev_notifier_init() and STAGE_CREATE() functions in drivers/infiniband/hw/mlx5/main.c. A local user can perform a denial of service (DoS) attack.
187) Infinite loop (CVE-ID: CVE-2024-53229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the rxe_requester() function in drivers/infiniband/sw/rxe/rxe_req.c. A local user can perform a denial of service (DoS) attack.
188) Use-after-free (CVE-ID: CVE-2024-53237)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __match_tty() and hci_conn_del_sysfs() functions in net/bluetooth/hci_sysfs.c. A local user can escalate privileges on the system.
189) Input validation error (CVE-ID: CVE-2024-56754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the caam_qi_init() function in drivers/crypto/caam/qi.c. A local user can perform a denial of service (DoS) attack.
190) Resource management error (CVE-ID: CVE-2024-56576)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can perform a denial of service (DoS) attack.
191) Resource management error (CVE-ID: CVE-2024-56752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gf100_gr_chan_new() function in drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c. A local user can perform a denial of service (DoS) attack.
192) NULL pointer dereference (CVE-ID: CVE-2024-56667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the capture_engine() function in drivers/gpu/drm/i915/i915_gpu_error.c. A local user can perform a denial of service (DoS) attack.
193) Integer underflow (CVE-ID: CVE-2024-56645)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the j1939_session_new() function in net/can/j1939/transport.c. A local user can execute arbitrary code.
194) Use-after-free (CVE-ID: CVE-2024-56604)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_alloc() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
195) NULL pointer dereference (CVE-ID: CVE-2024-56599)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath10k_sdio_remove() function in drivers/net/wireless/ath/ath10k/sdio.c. A local user can perform a denial of service (DoS) attack.
196) Use-after-free (CVE-ID: CVE-2024-56582)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_encoded_read_endio() function in fs/btrfs/inode.c. A local user can escalate privileges on the system.
197) Division by zero (CVE-ID: CVE-2024-56567)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad7780_write_raw() function in drivers/iio/adc/ad7780.c. A local user can perform a denial of service (DoS) attack.
198) NULL pointer dereference (CVE-ID: CVE-2024-53240)
The vulnerability allows a remote backend to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the guest xen-netfront driver. A a malicious network backend can crash the guest OS.
199) Improper locking (CVE-ID: CVE-2024-56566)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the check_slab(), slab_fix() and alloc_single_from_partial() functions in mm/slub.c. A local user can perform a denial of service (DoS) attack.
200) Input validation error (CVE-ID: CVE-2024-56562)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i3c_master_put_i3c_addrs() function in drivers/i3c/master.c. A local user can perform a denial of service (DoS) attack.
201) Use-after-free (CVE-ID: CVE-2024-56551)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_vce_sw_fini() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c, within the amdgpu_device_fini_sw() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can escalate privileges on the system.
202) NULL pointer dereference (CVE-ID: CVE-2024-56549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cachefiles_ondemand_fd_write_iter() and cachefiles_ondemand_fd_llseek() functions in fs/cachefiles/ondemand.c, within the cachefiles_commit_object() and cachefiles_clean_up_object() functions in fs/cachefiles/interface.c. A local user can perform a denial of service (DoS) attack.
203) NULL pointer dereference (CVE-ID: CVE-2024-56536)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cw1200_spi_suspend() function in drivers/net/wireless/st/cw1200/cw1200_spi.c. A local user can perform a denial of service (DoS) attack.
204) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2024-53241)
The vulnerability allows a malicious guest to gain access to sensitive information.
The vulnerability exists due to implemented mitigations for hardware vulnerabilities related to Xen hypercall page implementation the guest OS is relying on to work might not be fully functional, resulting in e.g. guest user processes being able to read data they ought not have access to.
205) Infinite loop (CVE-ID: CVE-2024-26767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
206) Information disclosure (CVE-ID: CVE-2024-26864)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sock_prot_inuse_add() function in net/ipv4/inet_hashtables.c. A local user can gain access to sensitive information.
207) Input validation error (CVE-ID: CVE-2024-46821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the navi10_get_current_clk_freq_by_table(), navi10_emit_clk_levels(), navi10_print_clk_levels() and navi10_force_clk_levels() functions in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c. A local user can perform a denial of service (DoS) attack.
208) Input validation error (CVE-ID: CVE-2024-46802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the resource_build_bit_depth_reduction_params() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
209) Incorrect calculation (CVE-ID: CVE-2024-45025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the free_fdtable_rcu(), copy_fdtable() and dup_fd() functions in fs/file.c. A local user can perform a denial of service (DoS) attack.
210) Improper locking (CVE-ID: CVE-2024-46678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bond_ipsec_add_sa(), bond_ipsec_add_sa_all(), bond_ipsec_del_sa(), bond_ipsec_del_sa_all(), bond_setup() and bond_uninit() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
211) Input validation error (CVE-ID: CVE-2024-46680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ps_wakeup(), btnxpuart_close() and nxp_serdev_remove() functions in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.
212) Infinite loop (CVE-ID: CVE-2024-46681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the pktgen_thread_worker() and pg_net_init() functions in net/core/pktgen.c. A local user can perform a denial of service (DoS) attack.
213) NULL pointer dereference (CVE-ID: CVE-2024-46721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __aafs_profile_mkdir() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
214) Input validation error (CVE-ID: CVE-2024-46754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the net/core/filter.c. A local user can perform a denial of service (DoS) attack.
215) NULL pointer dereference (CVE-ID: CVE-2024-46765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_xsk_pool_setup() function in drivers/net/ethernet/intel/ice/ice_xsk.c, within the ice_clear_hw_tbls(), ice_xdp_setup_prog() and ice_xdp() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_free(), ice_vsi_alloc() and ice_vsi_rebuild() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2024-46766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ice_napi_add(), ice_reinit_interrupt_scheme(), ice_suspend() and ice_vsi_open() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_cfg_def(), ice_vsi_close() and ice_dis_vsi() functions in drivers/net/ethernet/intel/ice/ice_lib.c, within the ice_free_q_vector() function in drivers/net/ethernet/intel/ice/ice_base.c. A local user can perform a denial of service (DoS) attack.
217) NULL pointer dereference (CVE-ID: CVE-2024-46770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_prepare_for_reset(), ice_update_pf_netdev_link() and ice_rebuild() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
218) Input validation error (CVE-ID: CVE-2024-46775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the perform_link_training_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c, within the hubbub2_program_watermarks() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hubbub.c, within the dc_dmub_srv_cmd_run_list() and dc_dmub_srv_get_visual_confirm_color_cmd() functions in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can perform a denial of service (DoS) attack.
219) Integer overflow (CVE-ID: CVE-2024-46777)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the udf_fill_partdesc_info() function in fs/udf/super.c. A local user can execute arbitrary code.
220) NULL pointer dereference (CVE-ID: CVE-2024-46788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the osnoise_migration_pending(), stop_kthread(), start_kthread() and start_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
221) NULL pointer dereference (CVE-ID: CVE-2024-46797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the barrier() function in arch/powerpc/lib/qspinlock.c. A local user can perform a denial of service (DoS) attack.
222) Use-after-free (CVE-ID: CVE-2024-46800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
223) NULL pointer dereference (CVE-ID: CVE-2024-46803)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debug_event_write_work_handler() and kfd_dbg_trap_disable() functions in drivers/gpu/drm/amd/amdkfd/kfd_debug.c. A local user can perform a denial of service (DoS) attack.
224) Improper locking (CVE-ID: CVE-2024-44995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns3_reset_notify_uninit_enet() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
225) Out-of-bounds read (CVE-ID: CVE-2024-46813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dc_get_link_at_index() function in drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c. A local user can perform a denial of service (DoS) attack.
226) NULL pointer dereference (CVE-ID: CVE-2024-46819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbio_v7_4_handle_ras_controller_intr_no_bifring() function in drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c. A local user can perform a denial of service (DoS) attack.
227) Input validation error (CVE-ID: CVE-2024-46818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the is_pin_busy(), set_pin_busy(), set_pin_free(), dal_gpio_service_lock() and dal_gpio_service_unlock() functions in drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c. A local user can perform a denial of service (DoS) attack.
228) Resource management error (CVE-ID: CVE-2024-46817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
229) Resource management error (CVE-ID: CVE-2024-46816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
230) Input validation error (CVE-ID: CVE-2024-46815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_watermark_ranges() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
231) Input validation error (CVE-ID: CVE-2024-46814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hdmi_14_process_transaction() and dp_11_process_transaction() functions in drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c. A local user can perform a denial of service (DoS) attack.
232) Input validation error (CVE-ID: CVE-2024-46812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ModeSupportAndSystemConfiguration() function in drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.c. A local user can perform a denial of service (DoS) attack.
233) Resource management error (CVE-ID: CVE-2024-46804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.
234) Reachable assertion (CVE-ID: CVE-2024-46811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the dcn321_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn321/dcn321_fpu.c, within the dcn32_update_bw_bounding_box_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c, within the dcn303_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn303/dcn303_fpu.c, within the dcn302_fpu_update_bw_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302_fpu.c. A local user can perform a denial of service (DoS) attack.
235) NULL pointer dereference (CVE-ID: CVE-2024-46810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tc_irq_handler() function in drivers/gpu/drm/bridge/tc358767.c. A local user can perform a denial of service (DoS) attack.
236) Improper error handling (CVE-ID: CVE-2024-46809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the get_ss_info_v3_1(), get_ss_info_from_internal_ss_info_tbl_V2_1(), get_ss_info_from_ss_info_table(), get_ss_entry_number_from_ss_info_tbl(), get_ss_entry_number_from_internal_ss_info_tbl_v2_1() and get_ss_entry_number_from_internal_ss_info_tbl_V3_1() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser.c. A local user can perform a denial of service (DoS) attack.
237) NULL pointer dereference (CVE-ID: CVE-2024-46807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_recover_vram() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
238) Resource management error (CVE-ID: CVE-2024-46806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aqua_vanjaram_switch_partition_mode() function in drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c. A local user can perform a denial of service (DoS) attack.
239) NULL pointer dereference (CVE-ID: CVE-2024-46805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psp_xgmi_reflect_topology_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.
240) Use-after-free (CVE-ID: CVE-2024-45016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netem_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
241) Memory leak (CVE-ID: CVE-2024-44964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the idpf_rx_init_buf_tail(), idpf_vport_open(), idpf_init_task(), idpf_initiate_soft_reset() and idpf_open() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
242) NULL pointer dereference (CVE-ID: CVE-2024-26943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
243) Buffer overflow (CVE-ID: CVE-2024-36920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mpi3mr_bsg_process_mpt_cmds() function in drivers/scsi/mpi3mr/mpi3mr_app.c. A local user can perform a denial of service (DoS) attack.
244) Information disclosure (CVE-ID: CVE-2024-26953)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp6_output_tail() functions in net/ipv6/esp6.c, within the esp_req_sg(), esp_ssg_unref(), esp_output_done() and esp_output_tail() functions in net/ipv4/esp4.c. A local user can gain access to sensitive information.
245) Incorrect calculation (CVE-ID: CVE-2024-27017)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.
246) Resource management error (CVE-ID: CVE-2024-27026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmxnet3_process_xdp() function in drivers/net/vmxnet3/vmxnet3_xdp.c. A local user can perform a denial of service (DoS) attack.
247) Use-after-free (CVE-ID: CVE-2024-27043)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
248) Buffer overflow (CVE-ID: CVE-2024-27407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can perform a denial of service (DoS) attack.
249) Use of uninitialized resource (CVE-ID: CVE-2024-35888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ip6erspan_rcv() function in net/ipv6/ip6_gre.c, within the erspan_rcv() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.
250) Integer underflow (CVE-ID: CVE-2024-35980)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the arch/arm64/include/asm/tlbflush.h. A local user can execute arbitrary code.
251) Reachable Assertion (CVE-ID: CVE-2024-36000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the alloc_huge_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.
252) Input validation error (CVE-ID: CVE-2024-36031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __key_instantiate_and_link() function in security/keys/key.c. A local user can perform a denial of service (DoS) attack.
253) Resource management error (CVE-ID: CVE-2024-36244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the parse_taprio_schedule() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
254) Reachable assertion (CVE-ID: CVE-2024-36484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __inet_accept() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
255) Out-of-bounds read (CVE-ID: CVE-2024-36883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.
256) Use-after-free (CVE-ID: CVE-2024-36886)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.
257) Race condition (CVE-ID: CVE-2024-36905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.
258) Use of uninitialized resource (CVE-ID: CVE-2024-36927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the raw_sendmsg() function in net/ipv4/raw.c, within the __ip_make_skb() function in net/ipv4/ip_output.c. A local user can perform a denial of service (DoS) attack.
259) Resource management error (CVE-ID: CVE-2024-44958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sched_cpu_deactivate() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
260) Memory leak (CVE-ID: CVE-2024-41023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.
261) Use-after-free (CVE-ID: CVE-2024-44932)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idpf_vport_intr_napi_dis_all() and idpf_vport_intr_rel() functions in drivers/net/ethernet/intel/idpf/idpf_txrx.c, within the idpf_vport_stop(), idpf_vport_open() and idpf_send_map_unmap_queue_vector_msg() functions in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can escalate privileges on the system.
262) Buffer overflow (CVE-ID: CVE-2024-42145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the MODULE_AUTHOR(), __get_agent(), send_handler(), recv_handler() and ib_umad_read() functions in drivers/infiniband/core/user_mad.c. A local user can perform a denial of service (DoS) attack.
263) Integer overflow (CVE-ID: CVE-2024-42102)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the wb_dirty_limits() function in mm/page-writeback.c. A local user can execute arbitrary code.
264) Resource management error (CVE-ID: CVE-2024-41082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.
265) Improper locking (CVE-ID: CVE-2024-41047)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i40e_xdp_setup() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
266) Resource management error (CVE-ID: CVE-2024-41031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_sync_mmap_readahead() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
267) Out-of-bounds read (CVE-ID: CVE-2024-41016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
268) Memory leak (CVE-ID: CVE-2024-36954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.
269) Improper error handling (CVE-ID: CVE-2024-40914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
270) Out-of-bounds read (CVE-ID: CVE-2024-38599)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.
271) Improper locking (CVE-ID: CVE-2024-38589)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nr_add_node() and nr_del_node() functions in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.
272) Buffer overflow (CVE-ID: CVE-2024-38577)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tasks.h. A local user can escalate privileges on the system.
273) Buffer overflow (CVE-ID: CVE-2024-38576)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tree_stall.h. A local user can escalate privileges on the system.
274) Division by zero (CVE-ID: CVE-2024-36968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the sco_sock_clear_timer() and sco_conn_add() functions in net/bluetooth/sco.c, within the l2cap_finish_move(), l2cap_rx_state_wait_f() and l2cap_conn_add() functions in net/bluetooth/l2cap_core.c, within the iso_sock_sendmsg() function in net/bluetooth/iso.c, within the hci_cc_read_buffer_size(), hci_cc_le_read_buffer_size(), hci_cs_create_conn(), hci_conn_complete_evt(), hci_conn_request_evt(), hci_cc_le_read_buffer_size_v2(), le_conn_complete_evt(), hci_le_cis_req_evt(), hci_le_big_sync_established_evt() and hci_le_big_info_adv_report_evt() functions in net/bluetooth/hci_event.c, within the hci_conn_add(), hci_conn_add_unset(), hci_connect_le(), hci_add_bis(), hci_connect_le_scan(), hci_connect_acl(), hci_connect_sco(), hci_bind_cis() and hci_iso_qos_setup() functions in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.
275) NULL pointer dereference (CVE-ID: CVE-2024-49901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_gpu_init() function in drivers/gpu/drm/msm/msm_gpu.c, within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can perform a denial of service (DoS) attack.
276) Use-after-free (CVE-ID: CVE-2024-49903)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jfs_issue_discard() and jfs_ioc_trim() functions in fs/jfs/jfs_discard.c. A local user can escalate privileges on the system.
277) NULL pointer dereference (CVE-ID: CVE-2024-53200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hwss_setup_dpp() function in drivers/gpu/drm/amd/display/dc/core/dc_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
278) Double free (CVE-ID: CVE-2024-50215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the nvmet_setup_dhgroup() function in drivers/nvme/target/auth.c. A local user can perform a denial of service (DoS) attack.
279) Input validation error (CVE-ID: CVE-2024-50187)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vc4_perfmon_open_file() and vc4_perfmon_close_file() functions in drivers/gpu/drm/vc4/vc4_perfmon.c. A local user can perform a denial of service (DoS) attack.
280) Buffer overflow (CVE-ID: CVE-2024-50188)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dp83869_configure_fiber() function in drivers/net/phy/dp83869.c. A local user can escalate privileges on the system.
281) Buffer overflow (CVE-ID: CVE-2024-50189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the amd_sfh_hid_client_init() and amd_sfh_hid_client_deinit() functions in drivers/hid/amd-sfh-hid/amd_sfh_client.c. A local user can perform a denial of service (DoS) attack.
282) Resource management error (CVE-ID: CVE-2024-50192)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the its_build_vmapp_cmd(), its_vpe_set_affinity() and its_vpe_init() functions in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
283) Buffer overflow (CVE-ID: CVE-2024-50194)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() functions in arch/arm64/kernel/probes/uprobes.c. A local user can perform a denial of service (DoS) attack.
284) Resource management error (CVE-ID: CVE-2024-50195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pc_clock_settime() function in kernel/time/posix-clock.c. A local user can perform a denial of service (DoS) attack.
285) Infinite loop (CVE-ID: CVE-2024-50196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ocelot_irq_handler() function in drivers/pinctrl/pinctrl-ocelot.c. A local user can perform a denial of service (DoS) attack.
286) NULL pointer dereference (CVE-ID: CVE-2024-50198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the in_illuminance_period_available_show() function in drivers/iio/light/veml6030.c. A local user can perform a denial of service (DoS) attack.
287) Reachable assertion (CVE-ID: CVE-2024-50200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the mte_node_or_none(), mas_wr_walk(), mas_wr_walk_index() and mas_wr_spanning_store() functions in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
288) Resource management error (CVE-ID: CVE-2024-50201)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the radeon_encoder_clones() function in drivers/gpu/drm/radeon/radeon_encoders.c. A local user can perform a denial of service (DoS) attack.
289) Use of uninitialized resource (CVE-ID: CVE-2024-50205)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the apply_constraint_to_size() function in sound/firewire/amdtp-stream.c. A local user can perform a denial of service (DoS) attack.
290) Buffer overflow (CVE-ID: CVE-2024-50208)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_qplib_alloc_init_hwq() function in drivers/infiniband/hw/bnxt_re/qplib_res.c. A local user can escalate privileges on the system.
291) Buffer overflow (CVE-ID: CVE-2024-50209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bnxt_qplib_alloc_init_hwq() function in drivers/infiniband/hw/bnxt_re/qplib_res.c. A local user can perform a denial of service (DoS) attack.
292) Improper locking (CVE-ID: CVE-2024-50210)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pc_clock_settime() function in kernel/time/posix-clock.c. A local user can perform a denial of service (DoS) attack.
293) Use of uninitialized resource (CVE-ID: CVE-2024-50216)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the xfs_filestream_pick_ag() and !() functions in fs/xfs/xfs_filestream.c. A local user can perform a denial of service (DoS) attack.
294) Resource management error (CVE-ID: CVE-2024-50184)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtio_pmem_flush() function in drivers/nvdimm/nd_virtio.c. A local user can perform a denial of service (DoS) attack.
295) Input validation error (CVE-ID: CVE-2024-50218)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_remove_inode_range() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
296) Out-of-bounds read (CVE-ID: CVE-2024-50221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vangogh_tables_init() function in drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c. A local user can perform a denial of service (DoS) attack.
297) NULL pointer dereference (CVE-ID: CVE-2024-50224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dspi_setup() function in drivers/spi/spi-fsl-dspi.c. A local user can perform a denial of service (DoS) attack.
298) NULL pointer dereference (CVE-ID: CVE-2024-50225)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_bio_init() and __btrfs_bio_end_io() functions in fs/btrfs/bio.c. A local user can perform a denial of service (DoS) attack.
299) Improper locking (CVE-ID: CVE-2024-50229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_symlink() function in fs/nilfs2/namei.c. A local user can perform a denial of service (DoS) attack.
300) Input validation error (CVE-ID: CVE-2024-50230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nilfs_clear_dirty_page() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
301) Memory leak (CVE-ID: CVE-2024-50231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_gts_build_avail_scale_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
302) Division by zero (CVE-ID: CVE-2024-50232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad7124_write_raw() function in drivers/iio/adc/ad7124.c. A local user can perform a denial of service (DoS) attack.
303) Division by zero (CVE-ID: CVE-2024-50233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad9832_calc_freqreg() function in drivers/staging/iio/frequency/ad9832.c. A local user can perform a denial of service (DoS) attack.
304) Improper locking (CVE-ID: CVE-2024-50234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the il_pci_resume() function in drivers/net/wireless/intel/iwlegacy/common.c. A local user can perform a denial of service (DoS) attack.
305) Double free (CVE-ID: CVE-2024-50235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the _cfg80211_unregister_wdev() function in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.
306) Memory leak (CVE-ID: CVE-2024-50236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wmi_process_mgmt_tx_comp() and ath10k_wmi_mgmt_tx_clean_up_pending() functions in drivers/net/wireless/ath/ath10k/wmi.c, within the ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can perform a denial of service (DoS) attack.
307) Use of uninitialized resource (CVE-ID: CVE-2024-50237)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
308) NULL pointer dereference (CVE-ID: CVE-2024-50240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmp_usb_probe() function in drivers/phy/qualcomm/phy-qcom-qmp-usb.c. A local user can perform a denial of service (DoS) attack.
309) NULL pointer dereference (CVE-ID: CVE-2024-50186)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sock_create() function in net/socket.c. A local user can perform a denial of service (DoS) attack.
310) Improper locking (CVE-ID: CVE-2024-50183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c, within the lpfc_cmpl_ct() function in drivers/scsi/lpfc/lpfc_ct.c. A local user can perform a denial of service (DoS) attack.
311) Buffer overflow (CVE-ID: CVE-2024-50246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can perform a denial of service (DoS) attack.
312) Improper locking (CVE-ID: CVE-2024-50155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nsim_dev_trap_report_work() and nsim_dev_traps_init() functions in drivers/net/netdevsim/dev.c. A local user can perform a denial of service (DoS) attack.
313) Use-after-free (CVE-ID: CVE-2024-50130)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_hook_run_bpf(), bpf_nf_link_release() and bpf_nf_link_attach() functions in net/netfilter/nf_bpf_link.c. A local user can escalate privileges on the system.
314) Improper error handling (CVE-ID: CVE-2024-50131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the traceprobe_parse_event_name() function in kernel/trace/trace_probe.c. A local user can perform a denial of service (DoS) attack.
315) Buffer overflow (CVE-ID: CVE-2024-50134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the hgsmi_update_pointer_shape() function in drivers/gpu/drm/vboxvideo/hgsmi_base.c. A local user can perform a denial of service (DoS) attack.
316) Improper locking (CVE-ID: CVE-2024-50135)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_pci_nr_maps() and nvme_reset_work() functions in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
317) Resource management error (CVE-ID: CVE-2024-50136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_eswitch_enable_locked() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can perform a denial of service (DoS) attack.
318) Improper locking (CVE-ID: CVE-2024-50138)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bpf_ringbuf_alloc() and __bpf_ringbuf_reserve() functions in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.
319) Out-of-bounds read (CVE-ID: CVE-2024-50139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the reset_clidr() function in arch/arm64/kvm/sys_regs.c. A local user can perform a denial of service (DoS) attack.
320) Improper locking (CVE-ID: CVE-2024-50141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efi_pa_va_lookup(), acpi_parse_prmt() and acpi_platformrt_space_handler() functions in drivers/acpi/prmt.c. A local user can perform a denial of service (DoS) attack.
321) NULL pointer dereference (CVE-ID: CVE-2024-50145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the octep_oq_next_pkt() and __octep_oq_process_rx() functions in drivers/net/ethernet/marvell/octeon_ep/octep_rx.c. A local user can perform a denial of service (DoS) attack.
322) NULL pointer dereference (CVE-ID: CVE-2024-50146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _mlx5e_remove() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
323) NULL pointer dereference (CVE-ID: CVE-2024-50147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_cmd_comp_handler(), mlx5_cmd_trigger_completions() and mlx5_cmd_enable() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
324) Resource management error (CVE-ID: CVE-2024-50148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bnep_init() function in net/bluetooth/bnep/core.c. A local user can perform a denial of service (DoS) attack.
325) Use-after-free (CVE-ID: CVE-2024-50150)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the typec_altmode_release() and typec_register_altmode() functions in drivers/usb/typec/class.c. A local user can escalate privileges on the system.
326) Use-after-free (CVE-ID: CVE-2024-50153)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the target_alloc_device() function in drivers/target/target_core_device.c. A local user can escalate privileges on the system.
327) NULL pointer dereference (CVE-ID: CVE-2024-50156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_disp_state_dump_regs() and msm_disp_state_print() functions in drivers/gpu/drm/msm/disp/msm_disp_snapshot_util.c. A local user can perform a denial of service (DoS) attack.
328) Buffer overflow (CVE-ID: CVE-2024-50182)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() and secretmem_init() functions in mm/secretmem.c. A local user can perform a denial of service (DoS) attack.
329) Memory leak (CVE-ID: CVE-2024-50172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bnxt_re_setup_chip_ctx() function in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
330) Input validation error (CVE-ID: CVE-2024-50181)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx7d_clocks_init() function in drivers/clk/imx/clk-imx7d.c. A local user can perform a denial of service (DoS) attack.
331) Buffer overflow (CVE-ID: CVE-2024-50180)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the sisfb_search_mode() function in drivers/video/fbdev/sis/sis_main.c. A local user can escalate privileges on the system.
332) Input validation error (CVE-ID: CVE-2024-50179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ceph_set_page_dirty() function in fs/ceph/addr.c. A local user can perform a denial of service (DoS) attack.
333) Out-of-bounds read (CVE-ID: CVE-2024-50177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dml_core_mode_support() and dml_core_mode_programming() functions in drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c. A local user can perform a denial of service (DoS) attack.
334) Improper error handling (CVE-ID: CVE-2024-50176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dev_err() and rproc_del() functions in drivers/remoteproc/ti_k3_r5_remoteproc.c. A local user can perform a denial of service (DoS) attack.
335) Improper locking (CVE-ID: CVE-2024-50175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the video_stop_streaming() function in drivers/media/platform/qcom/camss/camss-video.c. A local user can perform a denial of service (DoS) attack.
336) Memory leak (CVE-ID: CVE-2024-50171)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sysport_xmit() function in drivers/net/ethernet/broadcom/bcmsysport.c. A local user can perform a denial of service (DoS) attack.
337) Improper locking (CVE-ID: CVE-2024-50157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the is_dbr_fifo_full() and __wait_for_fifo_occupancy_below_th() functions in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
338) Improper locking (CVE-ID: CVE-2024-50169)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtio_transport_read_skb() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
339) Memory leak (CVE-ID: CVE-2024-50167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the be_xmit() function in drivers/net/ethernet/emulex/benet/be_main.c. A local user can perform a denial of service (DoS) attack.
340) Memory leak (CVE-ID: CVE-2024-50166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mac_probe() and mac_remove() functions in drivers/net/ethernet/freescale/fman/mac.c. A local user can perform a denial of service (DoS) attack.
341) NULL pointer dereference (CVE-ID: CVE-2024-50160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dolphin_fixups() function in sound/pci/hda/patch_cs8409.c. A local user can perform a denial of service (DoS) attack.
342) Use-after-free (CVE-ID: CVE-2024-50159)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the scmi_debugfs_common_setup() function in drivers/firmware/arm_scmi/driver.c. A local user can escalate privileges on the system.
343) Out-of-bounds read (CVE-ID: CVE-2024-50158)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnxt_re_ib_get_hw_stats() function in drivers/infiniband/hw/bnxt_re/hw_counters.c. A local user can perform a denial of service (DoS) attack.
344) Improper locking (CVE-ID: CVE-2024-50245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ntfs_lookup() function in fs/ntfs3/namei.c. A local user can perform a denial of service (DoS) attack.
345) Input validation error (CVE-ID: CVE-2024-50248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to boundary error within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
346) Use-after-free (CVE-ID: CVE-2024-50127)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the taprio_change() function in net/sched/sch_taprio.c. A local user can escalate privileges on the system.
347) Resource management error (CVE-ID: CVE-2024-53094)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the siw_tcp_sendpages() function in drivers/infiniband/sw/siw/siw_qp_tx.c. A local user can perform a denial of service (DoS) attack.
348) NULL pointer dereference (CVE-ID: CVE-2024-53060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_atif_call() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c. A local user can perform a denial of service (DoS) attack.
349) Buffer overflow (CVE-ID: CVE-2024-53061)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the exynos4_jpeg_parse_decode_h_tbl(), get_word_be() and s5p_jpeg_parse_hdr() functions in drivers/media/platform/s5p-jpeg/jpeg-core.c. A local user can escalate privileges on the system.
350) Resource management error (CVE-ID: CVE-2024-53063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_RWSEM() and dvb_register_device() functions in drivers/media/dvb-core/dvbdev.c. A local user can perform a denial of service (DoS) attack.
351) Use of uninitialized resource (CVE-ID: CVE-2024-53066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nfs_fattr_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
352) Use-after-free (CVE-ID: CVE-2024-53068)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL(), __scmi_device_destroy() and __scmi_device_create() functions in drivers/firmware/arm_scmi/bus.c. A local user can escalate privileges on the system.
353) Resource management error (CVE-ID: CVE-2024-53072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amd_pmc_s2d_init() function in drivers/platform/x86/amd/pmc.c. A local user can perform a denial of service (DoS) attack.
354) Memory leak (CVE-ID: CVE-2024-53074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_mvm_mac_remove_interface() function in drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c. A local user can perform a denial of service (DoS) attack.
355) Memory leak (CVE-ID: CVE-2024-53076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_gts_build_avail_scale_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
356) Improper locking (CVE-ID: CVE-2024-53079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the destroy_large_folio() function in mm/page_alloc.c, within the mem_cgroup_move_account(), mem_cgroup_move_charge_pte_range(), uncharge_folio() and mem_cgroup_swapout() functions in mm/memcontrol.c, within the __folio_undo_large_rmappable() and deferred_split_folio() functions in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
357) Integer overflow (CVE-ID: CVE-2024-53081)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the calc_pll() function in drivers/media/i2c/ar0521.c. A local user can execute arbitrary code.
358) Input validation error (CVE-ID: CVE-2024-53082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the virtnet_probe() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
359) Improper locking (CVE-ID: CVE-2024-53085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tpm_pm_suspend() and tpm_get_random() functions in drivers/char/tpm/tpm-interface.c, within the tpm_hwrng_read() function in drivers/char/tpm/tpm-chip.c. A local user can perform a denial of service (DoS) attack.
360) Memory leak (CVE-ID: CVE-2024-53088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i40e_count_filters(), i40e_correct_mac_vlan_filters(), i40e_correct_vf_mac_vlan_filters(), i40e_aqc_broadcast_filter() and i40e_sync_vsi_filters() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
361) Improper locking (CVE-ID: CVE-2024-53093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_add_ns_head_cdev(), nvme_mpath_alloc_disk(), nvme_mpath_set_live(), nvme_mpath_shutdown_disk() and nvme_mpath_remove_disk() functions in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
362) Memory leak (CVE-ID: CVE-2024-53096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the do_munmap(), mmap_region(), vma_set_page_prot() and vms_abort_munmap_vmas() functions in mm/mmap.c. A local user can perform a denial of service (DoS) attack.
363) Improper error handling (CVE-ID: CVE-2024-53058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the stmmac_tso_xmit() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
364) Improper locking (CVE-ID: CVE-2024-53100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_tcp_get_address() function in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.
365) Use of uninitialized resource (CVE-ID: CVE-2024-53101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_setattr() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
366) Out-of-bounds write (CVE-ID: CVE-2024-53104)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
367) Buffer overflow (CVE-ID: CVE-2024-53106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_eventdigest_init_common() function in security/integrity/ima/ima_template_lib.c. A local user can perform a denial of service (DoS) attack.
368) Use-after-free (CVE-ID: CVE-2024-53108)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the parse_amd_vsdb() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can escalate privileges on the system.
369) Buffer overflow (CVE-ID: CVE-2024-53110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vp_vdpa_probe() function in drivers/vdpa/virtio_pci/vp_vdpa.c. A local user can perform a denial of service (DoS) attack.
370) Improper locking (CVE-ID: CVE-2024-53112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_commit_trans() function in fs/ocfs2/resize.c. A local user can perform a denial of service (DoS) attack.
371) Input validation error (CVE-ID: CVE-2024-53114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
372) Memory leak (CVE-ID: CVE-2024-53121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lookup_fte_locked() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
373) Incorrect calculation (CVE-ID: CVE-2024-53138)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the tx_sync_info_get(), mlx5e_ktls_tx_handle_resync_dump_comp() and mlx5e_ktls_tx_handle_ooo() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c. A local user can perform a denial of service (DoS) attack.
374) Insecure temporary file (CVE-ID: CVE-2024-54661)
The vulnerability allows a local user to overwrite arbitrary files on the system.
The vulnerability exists due to usage of a predictable temporary file name in readline.sh. A local user can create a symbolic link from the temporary file to an arbitrary files on the system and overwrite it with the application's output, corrupting the file.
375) Information disclosure (CVE-ID: CVE-2024-11053)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error when using a .netrc file for credentials and an instruction to follow HTTP redirects. The cURL library can leak credentials intended for the first URL prior to redirection. This however will only occur if the .netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
376) Incorrect Regular Expression (CVE-ID: CVE-2024-21538)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
377) Input validation error (CVE-ID: CVE-2024-53059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iwl_mvm_disconnect_iterator() and iwl_mvm_send_recovery_cmd() functions in drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can perform a denial of service (DoS) attack.
378) NULL pointer dereference (CVE-ID: CVE-2024-53056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_crtc_destroy() function in drivers/gpu/drm/mediatek/mtk_crtc.c. A local user can perform a denial of service (DoS) attack.
379) Improper locking (CVE-ID: CVE-2024-50249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the acpi_cppc_processor_probe() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
380) Double free (CVE-ID: CVE-2024-50276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mse102x_tx_frame_spi() function in drivers/net/ethernet/vertexcom/mse102x.c. A local user can perform a denial of service (DoS) attack.
381) Buffer overflow (CVE-ID: CVE-2024-50250)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dax_unshare_iter() function in fs/dax.c. A local user can escalate privileges on the system.
382) Memory leak (CVE-ID: CVE-2024-50252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_ipip_ol_netdev_change_gre6() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c. A local user can perform a denial of service (DoS) attack.
383) NULL pointer dereference (CVE-ID: CVE-2024-50255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __hci_cmd_sync_sk() and __hci_cmd_sync_status_sk() functions in net/bluetooth/hci_sync.c. A local user can perform a denial of service (DoS) attack.
384) Use-after-free (CVE-ID: CVE-2024-50257)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xt_find_table_lock() function in net/netfilter/x_tables.c. A local user can escalate privileges on the system.
385) Use-after-free (CVE-ID: CVE-2024-50261)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macsec_free_netdev() function in drivers/net/macsec.c. A local user can escalate privileges on the system.
386) Use-after-free (CVE-ID: CVE-2024-50264)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_transport_destruct() function in net/vmw_vsock/virtio_transport_common.c. A local user can escalate privileges on the system.
387) Memory leak (CVE-ID: CVE-2024-50265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_xa_remove() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
388) Use-after-free (CVE-ID: CVE-2024-50267)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the edge_bulk_out_data_callback() and edge_bulk_out_cmd_callback() functions in drivers/usb/serial/io_edgeport.c. A local user can escalate privileges on the system.
389) Out-of-bounds read (CVE-ID: CVE-2024-50268)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ucsi_ccg_update_set_new_cam_cmd() function in drivers/usb/typec/ucsi/ucsi_ccg.c. A local user can perform a denial of service (DoS) attack.
390) Improper resource shutdown or release (CVE-ID: CVE-2024-50269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the sunxi_musb_exit() function in drivers/usb/musb/sunxi.c. A local user can perform a denial of service (DoS) attack.
391) Improper locking (CVE-ID: CVE-2024-50271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dec_rlimit_put_ucounts() and inc_rlimit_get_ucounts() functions in kernel/ucount.c, within the __sigqueue_alloc() function in kernel/signal.c. A local user can perform a denial of service (DoS) attack.
392) NULL pointer dereference (CVE-ID: CVE-2024-50273)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the insert_delayed_ref() function in fs/btrfs/delayed-ref.c. A local user can perform a denial of service (DoS) attack.
393) Improper locking (CVE-ID: CVE-2024-50274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the idpf_handle_event_link() function in drivers/net/ethernet/intel/idpf/idpf_virtchnl.c, within the idpf_initiate_soft_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c, within the idpf_set_msglevel() function in drivers/net/ethernet/intel/idpf/idpf_ethtool.c. A local user can perform a denial of service (DoS) attack.
394) Resource management error (CVE-ID: CVE-2024-50275)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sve_init_regs() function in arch/arm64/kernel/fpsimd.c. A local user can perform a denial of service (DoS) attack.
395) Buffer overflow (CVE-ID: CVE-2024-50282)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the amdgpu_debugfs_regs_smc_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can escalate privileges on the system.
396) Infinite loop (CVE-ID: CVE-2024-53055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the iwl_mvm_umac_scan_cfg_channels_v6_6g() function in drivers/net/wireless/intel/iwlwifi/mvm/scan.c. A local user can perform a denial of service (DoS) attack.
397) Memory leak (CVE-ID: CVE-2024-50302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
Note, the vulnerability is being actively exploited in the wild against Android devices.
398) Improper locking (CVE-ID: CVE-2024-53052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_write_prep() and io_write() functions in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
399) NULL pointer dereference (CVE-ID: CVE-2024-53051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_hdcp_read_valid_bksv() function in drivers/gpu/drm/i915/display/intel_hdcp.c. A local user can perform a denial of service (DoS) attack.
400) Improper Initialization (CVE-ID: CVE-2024-53048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the ARRAY_SIZE() and ice_cgu_get_pin_desc() functions in drivers/net/ethernet/intel/ice/ice_ptp_hw.c, within the ice_dpll_init_worker() and ice_dpll_init_info_direct_pins() functions in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
401) Resource management error (CVE-ID: CVE-2024-53045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dapm_widget_list_create() function in sound/soc/soc-dapm.c. A local user can perform a denial of service (DoS) attack.
402) Input validation error (CVE-ID: CVE-2024-53043)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mctp_i2c_header_create() function in drivers/net/mctp/mctp-i2c.c. A local user can perform a denial of service (DoS) attack.
403) Improper locking (CVE-ID: CVE-2024-53042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/net/ip_tunnels.h. A local user can perform a denial of service (DoS) attack.
404) Out-of-bounds read (CVE-ID: CVE-2024-50301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the security/keys/keyring.c. A local user can perform a denial of service (DoS) attack.
405) Division by zero (CVE-ID: CVE-2024-50287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the tpg_precalculate_line() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.
406) NULL pointer dereference (CVE-ID: CVE-2024-50298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the enetc_sriov_configure(), enetc_pf_probe(), free_netdev() and enetc_pf_remove() functions in drivers/net/ethernet/freescale/enetc/enetc_pf.c. A local user can perform a denial of service (DoS) attack.
407) NULL pointer dereference (CVE-ID: CVE-2024-50296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hnae3_unregister_ae_algo_prepare() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.
408) Resource management error (CVE-ID: CVE-2024-50295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arc_emac_tx_clean(), arc_emac_rx(), arc_emac_open(), arc_emac_set_rx_mode(), arc_free_tx_queue(), arc_free_rx_queue() and arc_emac_tx() functions in drivers/net/ethernet/arc/emac_main.c. A local user can perform a denial of service (DoS) attack.
409) NULL pointer dereference (CVE-ID: CVE-2024-50292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stm32_spdifrx_remove() function in sound/soc/stm/stm32_spdifrx.c. A local user can perform a denial of service (DoS) attack.
410) Integer underflow (CVE-ID: CVE-2024-50290)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the cx24116_read_snr_pct() function in drivers/media/dvb-frontends/cx24116.c. A local user can execute arbitrary code.
411) Input validation error (CVE-ID: CVE-2024-50289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the CI_handle() and dvb_ca_ioctl() functions in drivers/staging/media/av7110/av7110_ca.c. A local user can perform a denial of service (DoS) attack.
412) Out-of-bounds read (CVE-ID: CVE-2024-50128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wwan/wwan_core.c. A local user can perform a denial of service (DoS) attack.
413) Use-after-free (CVE-ID: CVE-2024-50125)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SCO_CONN_TIMEOUT(), sco_sock_timeout() and sco_conn_del() functions in net/bluetooth/sco.c, within the bt_sock_unlink() function in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.
414) NULL pointer dereference (CVE-ID: CVE-2024-49905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handle_cursor_update() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
415) Buffer overflow (CVE-ID: CVE-2024-49973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
416) Resource management error (CVE-ID: CVE-2024-49955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the battery_hook_unregister_unlocked() and battery_hook_register() functions in drivers/acpi/battery.c. A local user can perform a denial of service (DoS) attack.
417) NULL pointer dereference (CVE-ID: CVE-2024-49957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_journal_shutdown() function in fs/ocfs2/journal.c. A local user can perform a denial of service (DoS) attack.
418) Input validation error (CVE-ID: CVE-2024-49958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_reflink_xattr_inline() function in fs/ocfs2/xattr.c, within the __ocfs2_reflink() function in fs/ocfs2/refcounttree.c. A local user can perform a denial of service (DoS) attack.
419) Improper locking (CVE-ID: CVE-2024-49959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __releases() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
420) Use-after-free (CVE-ID: CVE-2024-49960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the flush_work() function in fs/ext4/super.c. A local user can escalate privileges on the system.
421) Resource management error (CVE-ID: CVE-2024-49961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar0521_power_off() and ar0521_power_on() functions in drivers/media/i2c/ar0521.c. A local user can perform a denial of service (DoS) attack.
422) NULL pointer dereference (CVE-ID: CVE-2024-49962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_db_convert_to_package() function in drivers/acpi/acpica/dbconvert.c. A local user can perform a denial of service (DoS) attack.
423) Resource management error (CVE-ID: CVE-2024-49963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm2835_mbox_probe() function in drivers/mailbox/bcm2835-mailbox.c. A local user can perform a denial of service (DoS) attack.
424) Improper locking (CVE-ID: CVE-2024-49965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_read_blocks() function in fs/ocfs2/buffer_head_io.c. A local user can perform a denial of service (DoS) attack.
425) Improper error handling (CVE-ID: CVE-2024-49966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_local_read_info() function in fs/ocfs2/quota_local.c. A local user can perform a denial of service (DoS) attack.
426) Input validation error (CVE-ID: CVE-2024-49967)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_split() function in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
427) Input validation error (CVE-ID: CVE-2024-49968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_feature_set_ok() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
428) Out-of-bounds read (CVE-ID: CVE-2024-49969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm3_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c. A local user can perform a denial of service (DoS) attack.
429) Use of uninitialized resource (CVE-ID: CVE-2024-49972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the dc_state_create() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.
430) Input validation error (CVE-ID: CVE-2024-49974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_state_create_net() function in fs/nfsd/nfs4state.c, within the nfs4_put_copy() and nfsd4_copy() functions in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
431) Input validation error (CVE-ID: CVE-2024-49953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_ipsec_handle_tx_limit() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.
432) Memory leak (CVE-ID: CVE-2024-49975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __create_xol_area() function in kernel/events/uprobes.c. A local user can perform a denial of service (DoS) attack.
433) Improper locking (CVE-ID: CVE-2024-49976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stop_kthread() and stop_per_cpu_kthreads() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
434) Use-after-free (CVE-ID: CVE-2024-49981)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the venus_remove() function in drivers/media/platform/qcom/venus/core.c. A local user can escalate privileges on the system.
435) Use-after-free (CVE-ID: CVE-2024-49982)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ata_rw_frameinit(), aoecmd_ata_rw(), resend(), probe() and aoecmd_ata_id() functions in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
436) Use-after-free (CVE-ID: CVE-2024-49983)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_ext_replay_update_ex() function in fs/ext4/extents.c. A local user can escalate privileges on the system.
437) Improper locking (CVE-ID: CVE-2024-49985)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stm32f7_i2c_runtime_suspend() and stm32f7_i2c_runtime_resume() functions in drivers/i2c/busses/i2c-stm32f7.c. A local user can perform a denial of service (DoS) attack.
438) Use-after-free (CVE-ID: CVE-2024-49986)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the x86_android_tablet_probe() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can escalate privileges on the system.
439) NULL pointer dereference (CVE-ID: CVE-2024-49987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the show_link_netfilter() function in tools/bpf/bpftool/net.c. A local user can perform a denial of service (DoS) attack.
440) Double free (CVE-ID: CVE-2024-49989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the link_destruct() function in drivers/gpu/drm/amd/display/dc/link/link_factory.c. A local user can perform a denial of service (DoS) attack.
441) Use-after-free (CVE-ID: CVE-2024-49991)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pqm_clean_queue_resource() function in drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c, within the kfd_process_destroy_pdds() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c, within the kfd_free_mqd_cp() function in drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c, within the deallocate_hiq_sdma_mqd() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c, within the kfd_gtt_sa_fini() and kgd2kfd_device_exit() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c, within the kfd_ioctl_create_queue() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c, within the amdgpu_amdkfd_free_gtt_mem() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c. A local user can escalate privileges on the system.
442) Improper locking (CVE-ID: CVE-2024-49993)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the free_iommu() and raw_spin_lock() functions in drivers/iommu/intel/dmar.c. A local user can perform a denial of service (DoS) attack.
443) Buffer overflow (CVE-ID: CVE-2024-49995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bearer_name_validate() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
444) Buffer overflow (CVE-ID: CVE-2024-49996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_reparse_posix() and cifs_reparse_point_to_fattr() functions in fs/smb/client/reparse.c. A local user can escalate privileges on the system.
445) NULL pointer dereference (CVE-ID: CVE-2024-50000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_tir_builder_alloc() function in drivers/net/ethernet/mellanox/mlx5/core/en/tir.c. A local user can perform a denial of service (DoS) attack.
446) Resource management error (CVE-ID: CVE-2024-49954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the static_call_module_notify() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
447) Buffer overflow (CVE-ID: CVE-2024-49952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_dup_ipv6_route() and nf_dup_ipv6() functions in net/ipv6/netfilter/nf_dup_ipv6.c, within the nf_dup_ipv4() function in net/ipv4/netfilter/nf_dup_ipv4.c. A local user can perform a denial of service (DoS) attack.
448) NULL pointer dereference (CVE-ID: CVE-2024-50002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the static_call_del_module() function in kernel/static_call_inline.c. A local user can perform a denial of service (DoS) attack.
449) NULL pointer dereference (CVE-ID: CVE-2024-49923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn21_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c, within the dcn20_fast_validate_bw() function in drivers/gpu/drm/amd/display/dc/resource/dcn20/dcn20_resource.c. A local user can perform a denial of service (DoS) attack.
450) NULL pointer dereference (CVE-ID: CVE-2024-49906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
451) NULL pointer dereference (CVE-ID: CVE-2024-49907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_allow_idle_optimizations() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
452) NULL pointer dereference (CVE-ID: CVE-2024-49908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_update_cursor() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
453) NULL pointer dereference (CVE-ID: CVE-2024-49909)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
454) NULL pointer dereference (CVE-ID: CVE-2024-49911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
455) NULL pointer dereference (CVE-ID: CVE-2024-49912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the planes_changed_for_existing_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
456) NULL pointer dereference (CVE-ID: CVE-2024-49913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the commit_planes_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
457) NULL pointer dereference (CVE-ID: CVE-2024-49914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
458) NULL pointer dereference (CVE-ID: CVE-2024-49917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
459) NULL pointer dereference (CVE-ID: CVE-2024-49918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_acquire_idle_pipe_for_head_pipe_in_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c. A local user can perform a denial of service (DoS) attack.
460) NULL pointer dereference (CVE-ID: CVE-2024-49919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn201_acquire_free_pipe_for_layer() function in drivers/gpu/drm/amd/display/dc/resource/dcn201/dcn201_resource.c. A local user can perform a denial of service (DoS) attack.
461) NULL pointer dereference (CVE-ID: CVE-2024-49920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_is_center_timing() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource_helpers.c, within the dcn32_enable_phantom_plane() function in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c, within the bw_calcs_data_update_from_pplib() function in drivers/gpu/drm/amd/display/dc/resource/dce112/dce112_resource.c, within the reset_dio_stream_encoder() function in drivers/gpu/drm/amd/display/dc/link/hwss/link_hwss_dio.c, within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c, within the dcn20_post_unlock_program_front_end() and dcn20_wait_for_blank_complete() functions in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c, within the hwss_build_fast_sequence() function in drivers/gpu/drm/amd/display/dc/core/dc_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
462) NULL pointer dereference (CVE-ID: CVE-2024-49921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dp_verify_link_cap_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_capability.c, within the dcn35_init_hw() and dcn35_calc_blocks_to_gate() functions in drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c, within the dcn31_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn31/dcn31_hwseq.c, within the dcn10_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c, within the dce110_edp_backlight_control() function in drivers/gpu/drm/amd/display/dc/hwss/dce110/dce110_hwseq.c, within the hubp2_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn20/dcn20_hubp.c, within the hubp1_is_flip_pending() function in drivers/gpu/drm/amd/display/dc/hubp/dcn10/dcn10_hubp.c, within the dce11_pplib_apply_display_requirements() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dce110/dce110_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
463) NULL pointer dereference (CVE-ID: CVE-2024-49922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink(), amdgpu_dm_commit_streams() and amdgpu_dm_atomic_commit_tail() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
464) Use-after-free (CVE-ID: CVE-2024-49925)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efifb_probe(), pm_runtime_put() and efifb_remove() functions in drivers/video/fbdev/efifb.c. A local user can escalate privileges on the system.
465) NULL pointer dereference (CVE-ID: CVE-2024-49949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
466) Improper error handling (CVE-ID: CVE-2024-49937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nl80211_start_radar_detection() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
467) Resource management error (CVE-ID: CVE-2024-49947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
468) Improper locking (CVE-ID: CVE-2024-49946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ppp_channel_bridge_input() function in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
469) Use-after-free (CVE-ID: CVE-2024-49945)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncsi_unregister_dev() function in net/ncsi/ncsi-manage.c. A local user can escalate privileges on the system.
470) NULL pointer dereference (CVE-ID: CVE-2024-49944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_listen_start() function in net/sctp/socket.c. A local user can perform a denial of service (DoS) attack.
471) Improper locking (CVE-ID: CVE-2024-49939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw89_ops_add_interface() function in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
472) Input validation error (CVE-ID: CVE-2024-49938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_hif_usb_rx_cb() and ath9k_hif_usb_reg_in_cb() functions in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
473) Use-after-free (CVE-ID: CVE-2024-49936)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xenvif_new_hash() and xenvif_flush_hash() functions in drivers/net/xen-netback/hash.c. A local user can escalate privileges on the system.
474) Out-of-bounds read (CVE-ID: CVE-2024-49928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/realtek/rtw89/core.h. A local user can perform a denial of service (DoS) attack.
475) Race condition (CVE-ID: CVE-2024-49935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the exit_round_robin() function in drivers/acpi/acpi_pad.c. A local user can perform a denial of service (DoS) attack.
476) Use-after-free (CVE-ID: CVE-2024-49934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dump_mapping() function in fs/inode.c. A local user can escalate privileges on the system.
477) Out-of-bounds read (CVE-ID: CVE-2024-49933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ioc_forgive_debts() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
478) Out-of-bounds read (CVE-ID: CVE-2024-49931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
479) Out-of-bounds read (CVE-ID: CVE-2024-49930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
480) NULL pointer dereference (CVE-ID: CVE-2024-49929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_mvm_tx_mpdu() and iwl_mvm_tx_skb_sta() functions in drivers/net/wireless/intel/iwlwifi/mvm/tx.c. A local user can perform a denial of service (DoS) attack.
481) Buffer overflow (CVE-ID: CVE-2024-50001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mlx5e_sq_xmit_mpwqe() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
482) Input validation error (CVE-ID: CVE-2024-50003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dmub_hpd_callback() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
483) Use-after-free (CVE-ID: CVE-2024-50124)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ISO_CONN_TIMEOUT(), iso_sock_timeout() and iso_conn_del() functions in net/bluetooth/iso.c. A local user can escalate privileges on the system.
484) Use of uninitialized resource (CVE-ID: CVE-2024-50087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the replay_one_name() and check_item_in_log() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
485) Input validation error (CVE-ID: CVE-2024-50062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rtrs_srv_info_req_done() and post_recv_path() functions in drivers/infiniband/ulp/rtrs/rtrs-srv.c. A local user can perform a denial of service (DoS) attack.
486) Buffer overflow (CVE-ID: CVE-2024-50063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bpf_prog_map_compatible() function in kernel/bpf/core.c. A local user can perform a denial of service (DoS) attack.
487) Information disclosure (CVE-ID: CVE-2024-50064)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the zram_destroy_comps() function in drivers/block/zram/zram_drv.c. A local user can gain access to sensitive information.
488) Use-after-free (CVE-ID: CVE-2024-50067)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uprobe_buffer_init(), prepare_uprobe_buffer() and __uprobe_trace_func() functions in kernel/trace/trace_uprobe.c. A local user can escalate privileges on the system.
489) NULL pointer dereference (CVE-ID: CVE-2024-50069)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the apple_gpio_pinctrl_probe() function in drivers/pinctrl/pinctrl-apple-gpio.c. A local user can perform a denial of service (DoS) attack.
490) Out-of-bounds read (CVE-ID: CVE-2024-50074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_active_device(), do_autoprobe(), do_hardware_base_addr(), do_hardware_irq(), do_hardware_dma() and do_hardware_modes() functions in drivers/parport/procfs.c. A local user can perform a denial of service (DoS) attack.
491) Input validation error (CVE-ID: CVE-2024-50075)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tegra_xusb_enter_elpg() function in drivers/usb/host/xhci-tegra.c. A local user can perform a denial of service (DoS) attack.
492) Buffer overflow (CVE-ID: CVE-2024-50076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the con_font_get() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
493) Improper error handling (CVE-ID: CVE-2024-50077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the iso_init() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
494) Improper error handling (CVE-ID: CVE-2024-50078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bt_exit() function in net/bluetooth/af_bluetooth.c. A local user can perform a denial of service (DoS) attack.
495) Memory leak (CVE-ID: CVE-2024-50080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ublk_ctrl_add_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
496) Improper Initialization (CVE-ID: CVE-2024-50081)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the blk_mq_init_allocated_queue() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
497) Improper locking (CVE-ID: CVE-2024-50082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rq_qos_wake_function() function in block/blk-rq-qos.c. A local user can perform a denial of service (DoS) attack.
498) Memory leak (CVE-ID: CVE-2024-50084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vcap_api_encode_rule_test() function in drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c. A local user can perform a denial of service (DoS) attack.
499) NULL pointer dereference (CVE-ID: CVE-2024-50088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the add_inode_ref() function in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
500) Improper locking (CVE-ID: CVE-2024-50060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __io_cqring_overflow_flush() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
501) Memory leak (CVE-ID: CVE-2024-50102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the IS_ENABLED() function in arch/x86/lib/getuser.S, within the RUNTIME_CONST() function in arch/x86/kernel/vmlinux.lds.S, within the arch_cpu_finalize_init() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
502) Use-after-free (CVE-ID: CVE-2024-50121)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_state_shutdown_net() function in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
503) NULL pointer dereference (CVE-ID: CVE-2024-50117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_atif_call() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c. A local user can perform a denial of service (DoS) attack.
504) Improper error handling (CVE-ID: CVE-2024-50116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_forget_buffer() and nilfs_clear_dirty_page() functions in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
505) Memory leak (CVE-ID: CVE-2024-50110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_to_user_auth() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
506) Resource management error (CVE-ID: CVE-2024-50108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the is_psr_su_specific_panel() function in drivers/gpu/drm/amd/display/modules/power/power_helpers.c. A local user can perform a denial of service (DoS) attack.
507) NULL pointer dereference (CVE-ID: CVE-2024-50103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the asoc_qcom_lpass_cpu_platform_probe() function in sound/soc/qcom/lpass-cpu.c. A local user can perform a denial of service (DoS) attack.
508) Input validation error (CVE-ID: CVE-2024-50101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the domain_context_clear_one_cb() function in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
509) Input validation error (CVE-ID: CVE-2024-50089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfdicf_init() and main() functions in fs/unicode/mkutf8data.c. A local user can perform a denial of service (DoS) attack.
510) Resource management error (CVE-ID: CVE-2024-50100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dummy_urb_enqueue(), dummy_urb_dequeue(), dummy_timer(), dummy_bus_resume() and dummy_stop() functions in drivers/usb/gadget/udc/dummy_hcd.c. A local user can perform a denial of service (DoS) attack.
511) Improper locking (CVE-ID: CVE-2024-50099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arm_probe_decode_insn() and arm_kprobe_decode_insn() functions in arch/arm64/kernel/probes/decode-insn.c. A local user can perform a denial of service (DoS) attack.
512) Improper locking (CVE-ID: CVE-2024-50098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ufshcd_wl_shutdown() function in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
513) Buffer overflow (CVE-ID: CVE-2024-50096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nouveau_dmem_fault_copy_one() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
514) Improper locking (CVE-ID: CVE-2024-50095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the retry_send() and timeout_sends() functions in drivers/infiniband/core/mad.c. A local user can perform a denial of service (DoS) attack.
515) Resource management error (CVE-ID: CVE-2024-50093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the proc_thermal_pci_remove() function in drivers/thermal/intel/int340x_thermal/processor_thermal_device_pci.c. A local user can perform a denial of service (DoS) attack.
516) Race condition (CVE-ID: CVE-2024-50061)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the cdns_i3c_master_remove() function in drivers/i3c/master/i3c-master-cdns.c. A local user can escalate privileges on the system.
517) Race condition (CVE-ID: CVE-2024-50059)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the switchtec_ntb_remove() function in drivers/ntb/hw/mscc/ntb_hw_switchtec.c. A local user can escalate privileges on the system.
518) Input validation error (CVE-ID: CVE-2024-50004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_unoptimized_policy_settings() function in drivers/gpu/drm/amd/display/dc/dml2/dml2_policy.c. A local user can perform a denial of service (DoS) attack.
519) Infinite loop (CVE-ID: CVE-2024-50024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __netlink_clear_multicast_users() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
520) Improper locking (CVE-ID: CVE-2024-50006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_ind_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.
521) Out-of-bounds read (CVE-ID: CVE-2024-50007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the HPIMSGX__init() function in sound/pci/asihpi/hpimsgx.c. A local user can perform a denial of service (DoS) attack.
522) Resource management error (CVE-ID: CVE-2024-50008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mwifiex_ret_802_11_scan_ext() function in drivers/net/wireless/marvell/mwifiex/scan.c. A local user can perform a denial of service (DoS) attack.
523) NULL pointer dereference (CVE-ID: CVE-2024-50009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amd_pstate_adjust_perf() and amd_pstate_init_prefcore() functions in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
524) Incorrect calculation (CVE-ID: CVE-2024-50012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the include/linux/cpufreq.h. A local user can perform a denial of service (DoS) attack.
525) Memory leak (CVE-ID: CVE-2024-50013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_load_bitmap() function in fs/exfat/balloc.c. A local user can perform a denial of service (DoS) attack.
526) Improper locking (CVE-ID: CVE-2024-50014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
527) Buffer overflow (CVE-ID: CVE-2024-50015)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ext4_handle_inode_extension(), ext4_dio_write_iter() and ext4_dax_write_iter() functions in fs/ext4/file.c. A local user can escalate privileges on the system.
528) Input validation error (CVE-ID: CVE-2024-50017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ident_pud_init() function in arch/x86/mm/ident_map.c. A local user can perform a denial of service (DoS) attack.
529) Resource management error (CVE-ID: CVE-2024-50019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kthread_unpark() function in kernel/kthread.c. A local user can perform a denial of service (DoS) attack.
530) Improper error handling (CVE-ID: CVE-2024-50020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ice_sriov_set_msix_vec_count() and ice_sriov_get_irqs() functions in drivers/net/ethernet/intel/ice/ice_sriov.c. A local user can perform a denial of service (DoS) attack.
531) Incorrect calculation (CVE-ID: CVE-2024-50021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the ice_dpll_init_rclk_pins() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
532) Buffer overflow (CVE-ID: CVE-2024-50022)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dax_set_mapping() function in drivers/dax/device.c. A local user can perform a denial of service (DoS) attack.
533) Input validation error (CVE-ID: CVE-2024-50023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the phy_led_hw_is_supported() function in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
534) Improper locking (CVE-ID: CVE-2024-50025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fnic_probe() function in drivers/scsi/fnic/fnic_main.c. A local user can perform a denial of service (DoS) attack.
535) Input validation error (CVE-ID: CVE-2024-50058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the uart_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.
536) Buffer overflow (CVE-ID: CVE-2024-50042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ice_vf_pre_vsi_rebuild() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c, within the ice_sriov_set_msix_vec_count() function in drivers/net/ethernet/intel/ice/ice_sriov.c. A local user can perform a denial of service (DoS) attack.
537) Double free (CVE-ID: CVE-2024-50055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the bus_remove_file() function in drivers/base/bus.c. A local user can perform a denial of service (DoS) attack.
538) Input validation error (CVE-ID: CVE-2024-50049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_validate_seamless_boot_timing() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
539) Improper error handling (CVE-ID: CVE-2024-50048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the set_con2fb_map() function in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
540) Improper locking (CVE-ID: CVE-2024-50046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs42_complete_copies() function in fs/nfs/nfs4state.c, within the handle_async_copy() function in fs/nfs/nfs42proc.c, within the nfs_alloc_server() function in fs/nfs/client.c. A local user can perform a denial of service (DoS) attack.
541) Input validation error (CVE-ID: CVE-2024-50045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the br_nf_dev_queue_xmit() function in net/bridge/br_netfilter_hooks.c. A local user can perform a denial of service (DoS) attack.
542) Improper locking (CVE-ID: CVE-2024-50044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rfcomm_sock_ioctl() function in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.
543) Improper locking (CVE-ID: CVE-2024-50041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i40e_vc_get_vf_resources_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c, within the i40e_add_mac_filter() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
544) Improper Initialization (CVE-ID: CVE-2024-50026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the wd33c93_intr() function in drivers/scsi/wd33c93.c. A local user can perform a denial of service (DoS) attack.
545) Improper error handling (CVE-ID: CVE-2024-50040)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the igb_io_resume() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
546) Use of uninitialized resource (CVE-ID: CVE-2024-50035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ppp_async_encode() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.
547) Use of uninitialized resource (CVE-ID: CVE-2024-50033)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the slhc_remember() function in drivers/net/slip/slhc.c. A local user can perform a denial of service (DoS) attack.
548) Resource management error (CVE-ID: CVE-2024-50031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the v3d_perfmon_open_file() and v3d_perfmon_idr_del() functions in drivers/gpu/drm/v3d/v3d_perfmon.c. A local user can perform a denial of service (DoS) attack.
549) Incorrect calculation (CVE-ID: CVE-2024-50028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the thermal_genl_cmd_tz_get_trip(), thermal_genl_cmd_tz_get_temp() and thermal_genl_cmd_tz_get_gov() functions in drivers/thermal/thermal_netlink.c, within the thermal_zone_get_by_id() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
550) Double free (CVE-ID: CVE-2024-50027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the thermal_zone_device_unregister() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
551) NULL pointer dereference (CVE-ID: CVE-2024-53201)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
552) Double free (CVE-ID: CVE-2024-53191)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ath12k_dp_free() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
553) Stack-based buffer overflow (CVE-ID: CVE-2024-8176)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling XML content. A remote attacker can pass specially crafted XML content to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
554) Integer overflow (CVE-ID: CVE-2025-0677)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow when performing a symlink lookup within the grub_ufs_lookup_symlink() function in UFS filesystem driver. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
555) Out-of-bounds write (CVE-ID: CVE-2024-45774)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when parsing JPEG files. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
556) Improper error handling (CVE-ID: CVE-2024-45775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of memory allocation failures within the grub_extcmd_dispatcher() function. A local user can perform a denial of service attack or corrupt the IVT data.
557) Integer overflow (CVE-ID: CVE-2024-45776)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the grub_mofile_open() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
558) Integer overflow (CVE-ID: CVE-2024-45777)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the grub_gettext_getstr_from_position() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
559) Integer overflow (CVE-ID: CVE-2024-45778)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow when reading BFS filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
560) Integer overflow (CVE-ID: CVE-2024-45779)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to integer overflow within the BFS filesystem driver. A local user can trigger an integer overflow and corrupt data.
561) Integer overflow (CVE-ID: CVE-2024-45780)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow when handling tar files. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
562) Out-of-bounds write (CVE-ID: CVE-2024-45781)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when ready symbolic link name from a UFS filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code.
563) Out-of-bounds write (CVE-ID: CVE-2024-45782)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when reading a volume's name within the grub_fs_mount() function in HFS filesystem driver. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
564) NULL pointer dereference (CVE-ID: CVE-2024-45783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when failing to mount a HFS+. A local user can perform a denial of service (DoS) attack.
565) Information disclosure (CVE-ID: CVE-2024-49504)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an error in grub implementation. A local user with access to the grub shell can access files on the encrypted disks.
566) Heap-based buffer overflow (CVE-ID: CVE-2024-56737)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the fs/hfs.c when reading sblock data from HFS filesystem. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.
567) Use-after-free (CVE-ID: CVE-2025-0622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error caused by not removing hooks when the related module is being unloaded. A local user can execute arbitrary code with elevated privileges.
568) Out-of-bounds write (CVE-ID: CVE-2025-0624)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the grub_net_search_config_file() function. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
569) Integer overflow (CVE-ID: CVE-2025-0678)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow in squash4 fs module. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
570) Improper authorization (CVE-ID: CVE-2024-45337)
The vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to improper authorization caused by improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.
571) Out-of-bounds write (CVE-ID: CVE-2025-0684)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when performing a symlink lookup from a reiserfs filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
572) Integer overflow (CVE-ID: CVE-2025-0685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow when reading data from a jfs filesystem within the grub_jfs_lookup_symlink() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
573) Integer overflow (CVE-ID: CVE-2025-0686)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the grub_romfs_read_symlink() function when performing a symlink lookup from a romfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
574) Heap-based buffer overflow (CVE-ID: CVE-2025-0689)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the grub_udf_read_block() function when reading data from disk. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.
575) Integer overflow (CVE-ID: CVE-2025-0690)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to integer overflow when reading data from the keyboard input. An attacker with physical access to the system can trigger an integer overflow and execute arbitrary code with elevated privileges.
576) Security features bypass (CVE-ID: CVE-2025-1118)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the dump command is not blocked when grub is in lockdown mode. A local user can read any data from the system memory.
577) Integer overflow (CVE-ID: CVE-2025-1125)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the hfsplus_open_compressed_real() function when reading data from a hfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
578) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2025-26465)
The vulnerability allows a remote attacker to perform MitM attack.
The
vulnerability exists due to incorrect processing of user-supplied data
in ssh(1). A remote attacker can perform server impersonation when
VerifyHostKeyDNS enabled.
579) Input validation error (CVE-ID: CVE-2025-26466)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input related to SSH2_MSG_PING handling in sshd(8). A remote attacker can send specially crafted packets to the server and perform a denial of service (DoS) attack.
580) Buffer overflow (CVE-ID: CVE-2025-0395)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when the assert() function fails. A remote attacker can trigger memory corruption and perform a denial of service (DoS) attack.
581) Input validation error (CVE-ID: CVE-2025-0938)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to urllib.parse.urlsplit and urlparse accept domain names with square brackets. A remote attacker can pass specially crafted input to the application and bypass implemented security restrictions.
582) Resource exhaustion (CVE-ID: CVE-2024-12133)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources processing a large number of SEQUENCE OF or SET OF elements in a certificate. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
583) Race condition (CVE-ID: CVE-2023-52489)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.
584) Improper locking (CVE-ID: CVE-2023-52923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
585) Resource exhaustion (CVE-ID: CVE-2024-45338)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in several Parse functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
586) Covert Timing Channel (CVE-ID: CVE-2024-13176)
The vulnerability allows a remote attacker to recover a private key.
The vulnerability exists due to a timing side-channel in ECDSA signature computations. A remote attacker can recover the private key and decrypt data.
Successful exploitation of the vulnerability requires that the attacker's process must either be located in the same physical computer or must have a very fast network connection with low latency.
587) Resource management error (CVE-ID: CVE-2024-39282)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the t7xx_fsm_broadcast_state(), fsm_main_thread() and t7xx_fsm_append_cmd() functions in drivers/net/wwan/t7xx/t7xx_state_monitor.c. A local user can perform a denial of service (DoS) attack.
588) Improper error handling (CVE-ID: CVE-2025-21799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the am65_cpsw_nuss_remove_tx_chns() function in drivers/net/ethernet/ti/am65-cpsw-nuss.c. A local user can perform a denial of service (DoS) attack.
589) Out-of-bounds read (CVE-ID: CVE-2025-21692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ets_class_from_arg() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.
590) NULL pointer dereference (CVE-ID: CVE-2025-21697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the v3d_irq() and v3d_hub_irq() functions in drivers/gpu/drm/v3d/v3d_irq.c. A local user can perform a denial of service (DoS) attack.
591) Resource management error (CVE-ID: CVE-2025-21699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_gfs2_set_flags() function in fs/gfs2/file.c. A local user can perform a denial of service (DoS) attack.
592) Use-after-free (CVE-ID: CVE-2025-21700)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_lookup() function in net/sched/sch_api.c. A local user can escalate privileges on the system.
593) Improper locking (CVE-ID: CVE-2025-21705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mptcp_sendmsg_fastopen() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
594) Use-after-free (CVE-ID: CVE-2025-21715)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm9000_drv_remove() function in drivers/net/ethernet/davicom/dm9000.c. A local user can escalate privileges on the system.
595) Use of uninitialized resource (CVE-ID: CVE-2025-21716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the vxlan_vnifilter_dump() function in drivers/net/vxlan/vxlan_vnifilter.c. A local user can perform a denial of service (DoS) attack.
596) Race condition (CVE-ID: CVE-2025-21719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the list_for_each_entry() function in net/ipv4/ipmr_base.c. A local user can perform a denial of service (DoS) attack.
597) Out-of-bounds read (CVE-ID: CVE-2025-21724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iova_bitmap_offset_to_index() function in drivers/vfio/iova_bitmap.c. A local user can perform a denial of service (DoS) attack.
598) Input validation error (CVE-ID: CVE-2025-21725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
599) Resource management error (CVE-ID: CVE-2025-21728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_send_signal_common() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
600) Improper locking (CVE-ID: CVE-2025-21767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clocksource_verify_percpu() function in kernel/time/clocksource.c. A local user can perform a denial of service (DoS) attack.
601) NULL pointer dereference (CVE-ID: CVE-2025-21790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vxlan_init() function in drivers/net/vxlan/vxlan_core.c. A local user can perform a denial of service (DoS) attack.
602) Input validation error (CVE-ID: CVE-2025-21795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfsd4_run_cb_work() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
603) Input validation error (CVE-ID: CVE-2025-21802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hclgevf_init() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c, within the hclge_init() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c, within the module_init() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c, within the EXPORT_SYMBOL() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.
604) Input validation error (CVE-ID: CVE-2025-1094)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient validation of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() and within the command line utility programs when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. A remote attacker can pass specially crafted input to the application and execute arbitrary SQL queries in the database.
Note, the vulnerability is being actively exploited in the wild.
605) Inefficient regular expression complexity (CVE-ID: CVE-2024-49761)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when parsing an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
606) Out-of-bounds write (CVE-ID: CVE-2025-24014)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
607) Heap-based buffer overflow (CVE-ID: CVE-2025-22134)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim into opening a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
608) Buffer overflow (CVE-ID: CVE-2025-1215)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing data passed via "--log" argument. A remote attacker can trick the victim into opening a file with a specially crafted argument, trigger memory corruption and execute arbitrary code on the target system.
609) Heap-based buffer overflow (CVE-ID: CVE-2024-45306)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and crash the application.
610) Heap-based buffer overflow (CVE-ID: CVE-2024-43802)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary error within the ins_typebuf() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and crash the application.
611) Heap-based buffer overflow (CVE-ID: CVE-2024-43790)
The vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to boundary error within the do_search() function when performing a search and displaying the search-count message is disabled. A remote attacker can trick the victim to open a specially crafted file and use a specially crafted payload to search information, trigger a heap-based buffer overflow and crash the editor.
612) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2024-47220)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request containing both a Content-Length header and a Transfer-Encoding header to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
613) Resource exhaustion (CVE-ID: CVE-2025-27144)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing JWS and JWE input. A remote attacker can pass specially crafted data to the application, trigger resource exhaustion and perform a denial of service (DoS) attack.
614) Buffer overflow (CVE-ID: CVE-2025-26597)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the XkbChangeTypesOfKey() function. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
615) Out-of-bounds write (CVE-ID: CVE-2023-4016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when processing untrusted input. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
616) NULL pointer dereference (CVE-ID: CVE-2025-27113)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xmlPatMatch() function in pattern.c. A remote attacker can pass specially crafted XML document to the affected application and perform a denial of service (DoS) attack.
617) Stack-based buffer overflow (CVE-ID: CVE-2025-24928)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the xmlSnprintfElements() function in valid.c. A remote attacker can pass specially crafted XML data to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
618) Use-after-free (CVE-ID: CVE-2024-56171)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
619) Resource exhaustion (CVE-ID: CVE-2024-12243)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to libtasn1 does not properly control consumption of internal resources when decoding certain DER-encoded certificate data. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
620) NULL pointer dereference (CVE-ID: CVE-2024-36476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the send_io_resp_imm() function in drivers/infiniband/ulp/rtrs/rtrs-srv.c. A local user can perform a denial of service (DoS) attack.
621) Memory leak (CVE-ID: CVE-2024-43913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_apple_nvme_mempool_destroy() and apple_nvme_probe() functions in drivers/nvme/host/apple.c. A local user can perform a denial of service (DoS) attack.
622) Out-of-bounds read (CVE-ID: CVE-2025-21689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qt2_process_read_urb() function in drivers/usb/serial/quatech2.c. A local user can perform a denial of service (DoS) attack.
623) Improper error handling (CVE-ID: CVE-2024-56372)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tun_napi_alloc_frags() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
624) Integer underflow (CVE-ID: CVE-2024-53203)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ucsi_ccg_sync_control() function in drivers/usb/typec/ucsi/ucsi_ccg.c. A local user can execute arbitrary code.
625) Use-after-free (CVE-ID: CVE-2024-53227)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
626) NULL pointer dereference (CVE-ID: CVE-2024-53230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_cost() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
627) NULL pointer dereference (CVE-ID: CVE-2024-53231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_power() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
628) Use-after-free (CVE-ID: CVE-2024-53232)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the calc_rtx(), s390_domain_free(), s390_iommu_attach_device(), s390_iommu_probe_device(), s390_iommu_unmap_pages() and s390_iommu_init() functions in drivers/iommu/s390-iommu.c, within the pci_fmb_show() function in arch/s390/pci/pci_debug.c, within the zpci_fmb_enable_device() function in arch/s390/pci/pci.c. A local user can escalate privileges on the system.
629) Improper error handling (CVE-ID: CVE-2024-53233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the utf8_load() function in fs/unicode/utf8-core.c. A local user can perform a denial of service (DoS) attack.
630) Memory leak (CVE-ID: CVE-2024-53236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xsk_build_skb() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
631) Improper locking (CVE-ID: CVE-2024-53685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fs/ceph/mds_client.c. A local user can perform a denial of service (DoS) attack.
632) Integer underflow (CVE-ID: CVE-2024-53690)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nilfs_lookup() function in fs/nilfs2/namei.c, within the nilfs_iget() function in fs/nilfs2/inode.c. A local user can execute arbitrary code.
633) Use-after-free (CVE-ID: CVE-2024-54680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_get_tcp_session(), cifs_crypto_secmech_release(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.
634) Input validation error (CVE-ID: CVE-2024-55639)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rswitch_device_alloc(), of_node_put() and rswitch_device_free() functions in drivers/net/ethernet/renesas/rswitch.c. A local user can perform a denial of service (DoS) attack.
635) Resource management error (CVE-ID: CVE-2024-55881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the complete_hypercall_exit() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
636) NULL pointer dereference (CVE-ID: CVE-2024-55916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the util_probe() function in drivers/hv/hv_util.c, within the hv_vss_init() function in drivers/hv/hv_snapshot.c, within the hv_kvp_init() function in drivers/hv/hv_kvp.c. A local user can perform a denial of service (DoS) attack.
637) Division by zero (CVE-ID: CVE-2024-56369)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the EXPORT_SYMBOL() and drm_mode_vrefresh() functions in drivers/gpu/drm/drm_modes.c. A local user can perform a denial of service (DoS) attack.
638) Improper locking (CVE-ID: CVE-2024-56531)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usb_caiaq_input_free() function in sound/usb/caiaq/input.c, within the setup_card(), init_card() and snd_disconnect() functions in sound/usb/caiaq/device.c, within the snd_usb_caiaq_audio_init() function in sound/usb/caiaq/audio.c. A local user can perform a denial of service (DoS) attack.
639) Out-of-bounds write (CVE-ID: CVE-2024-53197)
The vulnerability allows a local user to compromise the affected system.
The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited against Android devices.
640) Improper locking (CVE-ID: CVE-2024-56532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_us122l_disconnect() function in sound/usb/usx2y/us122l.c. A local user can perform a denial of service (DoS) attack.
641) Improper locking (CVE-ID: CVE-2024-56533)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usx2y_disconnect() function in sound/usb/usx2y/usbusx2y.c. A local user can perform a denial of service (DoS) attack.
642) Use-after-free (CVE-ID: CVE-2024-56538)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_dpsub_drm_cleanup() function in drivers/gpu/drm/xlnx/zynqmp_kms.c. A local user can escalate privileges on the system.
643) Resource management error (CVE-ID: CVE-2024-56543)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath12k_mac_peer_cleanup_all() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
644) Use-after-free (CVE-ID: CVE-2024-56546)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xlnx_add_cb_for_suspend() function in drivers/soc/xilinx/xlnx_event_manager.c. A local user can escalate privileges on the system.
645) Buffer overflow (CVE-ID: CVE-2024-56557)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __aligned() function in drivers/iio/adc/ad7923.c. A local user can escalate privileges on the system.
646) Use-after-free (CVE-ID: CVE-2024-56558)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the e_show() function in fs/nfsd/export.c. A local user can escalate privileges on the system.
647) NULL pointer dereference (CVE-ID: CVE-2024-56569)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ftrace_mod_callback() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
648) Input validation error (CVE-ID: CVE-2024-56570)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ovl_dentry_init_flags() function in fs/overlayfs/util.c. A local user can perform a denial of service (DoS) attack.
649) Resource management error (CVE-ID: CVE-2024-56571)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the uvc_alloc_entity(), uvc_parse_vendor_control(), uvc_parse_standard_control() and uvc_gpio_parse() functions in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.
650) Memory leak (CVE-ID: CVE-2024-56572)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the allocate_buffers_internal() function in drivers/media/platform/allegro-dvt/allegro-core.c. A local user can perform a denial of service (DoS) attack.
651) Double free (CVE-ID: CVE-2024-56573)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the efi_handle_cmdline() function in drivers/firmware/efi/libstub/efi-stub.c. A local user can perform a denial of service (DoS) attack.
652) NULL pointer dereference (CVE-ID: CVE-2024-56574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ts2020_regmap_unlock() function in drivers/media/dvb-frontends/ts2020.c. A local user can perform a denial of service (DoS) attack.
653) NULL pointer dereference (CVE-ID: CVE-2024-56575)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxc_jpeg_detach_pm_domains() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
654) Memory leak (CVE-ID: CVE-2024-53198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xenbus_dev_probe() function in drivers/xen/xenbus/xenbus_probe.c. A local user can perform a denial of service (DoS) attack.
655) Improper error handling (CVE-ID: CVE-2024-53196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_mmio_read_buf() and kvm_handle_mmio_return() functions in arch/arm64/kvm/mmio.c. A local user can perform a denial of service (DoS) attack.
656) NULL pointer dereference (CVE-ID: CVE-2024-45828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_dma_cleanup() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
657) Out-of-bounds read (CVE-ID: CVE-2024-50151)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the SMB2_ioctl_init() function in fs/cifs/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
658) Use-after-free (CVE-ID: CVE-2024-46858)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_pm_del_add_timer() and remove_anno_list_by_saddr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
659) NULL pointer dereference (CVE-ID: CVE-2024-46896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_job_set_resources() and amdgpu_job_free_resources() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can perform a denial of service (DoS) attack.
660) NULL pointer dereference (CVE-ID: CVE-2024-47141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pr_fmt(), pinmux_can_be_used_for_gpio(), pin_request(), pin_free(), pinmux_enable_setting(), pinmux_disable_setting() and pinmux_pins_show() functions in drivers/pinctrl/pinmux.c, within the pinctrl_register_one_pin() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.
661) Improper locking (CVE-ID: CVE-2024-47143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the check_unmap() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.
662) NULL pointer dereference (CVE-ID: CVE-2024-47809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the validate_lock_args() function in fs/dlm/lock.c. A local user can perform a denial of service (DoS) attack.
663) NULL pointer dereference (CVE-ID: CVE-2024-48873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rtw89_update_6ghz_rnr_chan() function in drivers/net/wireless/realtek/rtw89/fw.c. A local user can perform a denial of service (DoS) attack.
664) NULL pointer dereference (CVE-ID: CVE-2024-48881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cache_set_flush() function in drivers/md/bcache/super.c. A local user can perform a denial of service (DoS) attack.
665) Improper locking (CVE-ID: CVE-2024-49569)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_stop_keep_alive() function in drivers/nvme/host/rdma.c. A local user can perform a denial of service (DoS) attack.
666) Input validation error (CVE-ID: CVE-2024-49948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
667) Resource management error (CVE-ID: CVE-2024-49951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmd_status_rsp(), mgmt_index_added(), mgmt_power_on() and __mgmt_power_off() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
668) NULL pointer dereference (CVE-ID: CVE-2024-49978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __udp_gso_segment() function in net/ipv4/udp_offload.c. A local user can perform a denial of service (DoS) attack.
669) NULL pointer dereference (CVE-ID: CVE-2024-49998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.
670) Use-after-free (CVE-ID: CVE-2024-50051)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mpc52xx_spi_remove() function in drivers/spi/spi-mpc52xx.c. A local user can escalate privileges on the system.
671) Use-after-free (CVE-ID: CVE-2024-50106)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_delegation(), nfsd4_revoke_states(), nfs4_laundromat(), nfsd4_free_stateid() and nfsd4_delegreturn() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
672) Use-after-free (CVE-ID: CVE-2024-50199)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unuse_mm() function in mm/swapfile.c. A local user can escalate privileges on the system.
673) Resource management error (CVE-ID: CVE-2024-53195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_KVM_NVHE_PER_CPU(), kvm_arch_vcpu_postcreate(), kvm_arch_vcpu_run_pid_change(), kvm_vcpu_exit_request() and kvm_arch_vcpu_ioctl_run() functions in arch/arm64/kvm/arm.c, within the get_timer_map() function in arch/arm64/kvm/arch_timer.c. A local user can perform a denial of service (DoS) attack.
674) Use-after-free (CVE-ID: CVE-2024-53168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
675) Use-after-free (CVE-ID: CVE-2024-53194)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_slot_release(), pci_bus_get() and make_slot_name() functions in drivers/pci/slot.c. A local user can escalate privileges on the system.
676) Buffer overflow (CVE-ID: CVE-2024-53187)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the io_pin_pages() function in io_uring/memmap.c. A local user can escalate privileges on the system.
677) Use-after-free (CVE-ID: CVE-2024-53185)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
678) Memory leak (CVE-ID: CVE-2024-53175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the create_ipc_ns() function in ipc/namespace.c. A local user can perform a denial of service (DoS) attack.
679) Resource management error (CVE-ID: CVE-2024-53172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the alloc_ai(), scan_fast() and ubi_attach() functions in drivers/mtd/ubi/attach.c. A local user can perform a denial of service (DoS) attack.
680) Use-after-free (CVE-ID: CVE-2024-53170)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the del_gendisk() function in block/genhd.c, within the blk_register_queue() function in block/blk-sysfs.c. A local user can escalate privileges on the system.
681) Resource management error (CVE-ID: CVE-2024-53164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the choke_drop_by_idx() function in net/sched/sch_choke.c, within the cake_drop() function in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
682) Incorrect calculation (CVE-ID: CVE-2024-50251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nft_payload_set_eval() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.
683) Use-after-free (CVE-ID: CVE-2024-53095)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can escalate privileges on the system.
684) Input validation error (CVE-ID: CVE-2024-53091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/net/tls.h. A local user can perform a denial of service (DoS) attack.
685) Resource management error (CVE-ID: CVE-2024-52332)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_init_module() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
686) Improper locking (CVE-ID: CVE-2024-50304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip_tunnel_find() function in net/ipv4/ip_tunnel.c. A local user can perform a denial of service (DoS) attack.
687) Input validation error (CVE-ID: CVE-2024-50299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sctp_sf_ootb() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.
688) Input validation error (CVE-ID: CVE-2024-50258)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the NLA_POLICY_MIN() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
689) Resource management error (CVE-ID: CVE-2025-21690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dev_warn() and storvsc_on_io_completion() functions in drivers/scsi/storvsc_drv.c. A local user can perform a denial of service (DoS) attack.
690) NULL pointer dereference (CVE-ID: CVE-2025-21688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the v3d_irq() and v3d_hub_irq() functions in drivers/gpu/drm/v3d/v3d_irq.c. A local user can perform a denial of service (DoS) attack.
691) Improper error handling (CVE-ID: CVE-2024-56578)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mxc_jpeg_probe() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
692) Improper locking (CVE-ID: CVE-2025-21825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bpf_timer_cancel_and_free() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
693) Use-after-free (CVE-ID: CVE-2025-21703)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/sched/sch_netem.c. A local user can escalate privileges on the system.
694) Resource management error (CVE-ID: CVE-2025-21706)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mptcp_pm_nl_set_flags() function in net/mptcp/pm_netlink.c. A local user can perform a denial of service (DoS) attack.
695) Resource management error (CVE-ID: CVE-2025-21733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the trace_sched_migrate_callback() and register_migration_monitor() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.
696) Memory leak (CVE-ID: CVE-2025-21739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ufshcd_pltfrm_init() and ufshcd_pltfrm_remove() functions in drivers/ufs/host/ufshcd-pltfrm.c, within the ufshcd_pci_remove() and ufshcd_pci_probe() functions in drivers/ufs/host/ufshcd-pci.c, within the EXPORT_SYMBOL_GPL(), ufshcd_set_dma_mask() and ufshcd_alloc_host() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
697) Use-after-free (CVE-ID: CVE-2025-21753)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/btrfs/transaction.c. A local user can escalate privileges on the system.
698) Reachable assertion (CVE-ID: CVE-2025-21754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the btrfs_split_ordered_extent() function in fs/btrfs/ordered-data.c. A local user can perform a denial of service (DoS) attack.
699) Use-after-free (CVE-ID: CVE-2025-21759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mld_send_cr() and igmp6_send() functions in net/ipv6/mcast.c. A local user can escalate privileges on the system.
700) Use-after-free (CVE-ID: CVE-2025-21760)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_nd_hdr() and ndisc_send_skb() functions in net/ipv6/ndisc.c. A local user can escalate privileges on the system.
701) Use-after-free (CVE-ID: CVE-2025-21761)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ovs_vport_cmd_fill_info() function in net/openvswitch/datapath.c. A local user can escalate privileges on the system.
702) Use-after-free (CVE-ID: CVE-2025-21762)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the arp_xmit_finish() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
703) Use-after-free (CVE-ID: CVE-2025-21763)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __neigh_notify() function in net/core/neighbour.c. A local user can escalate privileges on the system.
704) Input validation error (CVE-ID: CVE-2025-21765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ip6_default_advmss() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
705) Input validation error (CVE-ID: CVE-2025-21766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the out: kfree_skb_reason() and __ip_rt_update_pmtu() functions in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
706) Use-after-free (CVE-ID: CVE-2025-21791)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/net/l3mdev.h. A local user can escalate privileges on the system.
707) NULL pointer dereference (CVE-ID: CVE-2025-21844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
708) Use-after-free (CVE-ID: CVE-2025-21693)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zswap_pool_create(), zswap_cpu_comp_prepare(), zswap_cpu_comp_dead(), zswap_compress() and zswap_decompress() functions in mm/zswap.c. A local user can escalate privileges on the system.
709) NULL pointer dereference (CVE-ID: CVE-2025-21848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfp_bpf_cmsg_alloc() function in drivers/net/ethernet/netronome/nfp/bpf/cmsg.c. A local user can perform a denial of service (DoS) attack.
710) Use-after-free (CVE-ID: CVE-2025-21856)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ism_dev_release(), ism_probe(), device_del() and ism_remove() functions in drivers/s390/net/ism_drv.c. A local user can escalate privileges on the system.
711) NULL pointer dereference (CVE-ID: CVE-2025-21857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcf_exts_miss_cookie_base_alloc() function in net/sched/cls_api.c. A local user can perform a denial of service (DoS) attack.
712) Resource management error (CVE-ID: CVE-2025-21861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the migrate_device_finalize() function in mm/migrate_device.c. A local user can perform a denial of service (DoS) attack.
713) Improper locking (CVE-ID: CVE-2025-21862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the init_net_drop_monitor() and exit_net_drop_monitor() functions in net/core/drop_monitor.c. A local user can perform a denial of service (DoS) attack.
714) Memory leak (CVE-ID: CVE-2025-21864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcp_add_backlog() function in net/ipv4/tcp_ipv4.c, within the tcp_ofo_queue(), tcp_queue_rcv(), tcp_data_queue() and tcp_rcv_established() functions in net/ipv4/tcp_input.c, within the tcp_fastopen_add_skb() function in net/ipv4/tcp_fastopen.c. A local user can perform a denial of service (DoS) attack.
715) Improper error handling (CVE-ID: CVE-2025-21865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the gtp_net_exit_batch_rtnl() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
716) NULL pointer dereference (CVE-ID: CVE-2025-21870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sof_ipc4_widget_setup_comp_dai() and sof_ipc4_prepare_copier_module() functions in sound/soc/sof/ipc4-topology.c. A local user can perform a denial of service (DoS) attack.
717) Improper locking (CVE-ID: CVE-2025-21871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the optee_supp_thrd_req() function in drivers/tee/optee/supp.c. A local user can perform a denial of service (DoS) attack.
718) Use-after-free (CVE-ID: CVE-2025-21883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_initialize_vf_entry() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c, within the ice_free_vf_entries() and ice_free_vfs() functions in drivers/net/ethernet/intel/ice/ice_sriov.c. A local user can escalate privileges on the system.
719) Resource management error (CVE-ID: CVE-2025-21890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the idpf_rx_rsc() function in drivers/net/ethernet/intel/idpf/idpf_txrx.c. A local user can perform a denial of service (DoS) attack.
720) Use of uninitialized resource (CVE-ID: CVE-2025-21891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ipvlan_addr_lookup() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.
721) Heap-based buffer overflow (CVE-ID: CVE-2025-31344)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the DumpScreen2RGB() function in gif2rgb.c. A remote attacker can pass specially crafted image file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
722) Deadlock (CVE-ID: CVE-2025-1713)
The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking when handling legacy PCI devices pass-through. A malicious low-privileged guest can crash the entire host.
Successful exploitation of the vulnerability requires Intel IOMMU hardware (VT-d).
723) Improper locking (CVE-ID: CVE-2025-21701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ethnl_ops_begin() function in net/ethtool/netlink.c. A local user can perform a denial of service (DoS) attack.
724) Input validation error (CVE-ID: CVE-2025-21659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the netdev_nl_napi_fill_one() and netdev_nl_napi_get_doit() functions in net/core/netdev-genl.c, within the dev_fill_forward_path() and napi_complete_done() functions in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
725) Permissions, privileges, and access controls (CVE-ID: CVE-2024-56337)
The vulnerability allows a remote attacker to compromise the affected system.
The mitigation bypass depends on the version of Java used on the system.
726) Input validation error (CVE-ID: CVE-2024-56638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nft_inner_parse() and nft_inner_parse_needed() functions in net/netfilter/nft_inner.c. A local user can perform a denial of service (DoS) attack.
727) Input validation error (CVE-ID: CVE-2023-52927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nft_ct_set_zone_eval() and nft_ct_tmpl_alloc_pcpu() functions in net/netfilter/nft_ct.c, within the EXPORT_SYMBOL_GPL() and nf_ct_find_expectation() functions in net/netfilter/nf_conntrack_expect.c, within the init_conntrack() function in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.
728) Improper locking (CVE-ID: CVE-2024-35910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcp_close() function in net/ipv4/tcp.c, within the inet_csk_clear_xmit_timers() function in net/ipv4/inet_connection_sock.c. A local user can perform a denial of service (DoS) attack.
729) Improper locking (CVE-ID: CVE-2024-41005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netpoll_owner_active() function in net/core/netpoll.c. A local user can perform a denial of service (DoS) attack.
730) Use-after-free (CVE-ID: CVE-2024-46782)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ila_xlat_init_net() and ila_xlat_exit_net() functions in net/ipv6/ila/ila_xlat.c, within the ila_pre_exit_net() and ila_exit_net() functions in net/ipv6/ila/ila_main.c. A local user can escalate privileges on the system.
731) Input validation error (CVE-ID: CVE-2024-47408)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smc_find_ism_v2_device_serv() function in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
732) Infinite loop (CVE-ID: CVE-2024-47794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the bpf_attach_type_to_tramp(), __bpf_trampoline_link_prog(), __bpf_trampoline_unlink_prog(), bpf_shim_tramp_link_release() and bpf_trampoline_link_cgroup_shim() functions in kernel/bpf/trampoline.c, within the bpf_tracing_link_release() and bpf_tracing_prog_attach() functions in kernel/bpf/syscall.c, within the bpf_prog_alloc_no_stats() function in kernel/bpf/core.c, within the prog_fd_array_get_ptr() function in kernel/bpf/arraymap.c. A local user can perform a denial of service (DoS) attack.
733) Input validation error (CVE-ID: CVE-2024-49571)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smc_clc_msg_prop_valid() function in net/smc/smc_clc.c, within the smc_listen_prfx_check() and smc_find_ism_v1_device_serv() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
734) NULL pointer dereference (CVE-ID: CVE-2024-49940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pppol2tp_session_setsockopt() function in net/l2tp/l2tp_ppp.c, within the l2tp_nl_cmd_session_modify() function in net/l2tp/l2tp_netlink.c, within the l2tp_v3_session_get(), l2tp_session_register(), l2tp_recv_common(), EXPORT_SYMBOL_GPL(), l2tp_session_set_header_len() and l2tp_session_create() functions in net/l2tp/l2tp_core.c. A local user can perform a denial of service (DoS) attack.
735) Input validation error (CVE-ID: CVE-2024-50056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the find_format_by_pix(), uvc_v4l2_try_format() and uvc_v4l2_enum_format() functions in drivers/usb/gadget/function/uvc_v4l2.c. A local user can perform a denial of service (DoS) attack.
736) Improper locking (CVE-ID: CVE-2024-50140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the task_work_add() function in kernel/task_work.c, within the task_tick_mm_cid() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
737) Use-after-free (CVE-ID: CVE-2024-53057)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_tree_reduce_backlog() function in net/sched/sch_api.c. A local user can escalate privileges on the system.
738) Double free (CVE-ID: CVE-2024-53140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the netlink_skb_set_owner_r(), netlink_sock_destruct(), deferred_put_nlk_sk() and netlink_release() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
739) NULL pointer dereference (CVE-ID: CVE-2024-53680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip_vs_protocol_net_cleanup() and ip_vs_protocol_init() functions in net/netfilter/ipvs/ip_vs_proto.c. A local user can perform a denial of service (DoS) attack.
740) Improper locking (CVE-ID: CVE-2024-54683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the idletimer_tg_destroy() and idletimer_tg_destroy_v1() functions in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.
741) Use-after-free (CVE-ID: CVE-2024-56640)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_listen_out() and smc_listen_work() functions in net/smc/af_smc.c. A local user can escalate privileges on the system.
742) NULL pointer dereference (CVE-ID: CVE-2025-21635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ATOMIC_INIT(), sizeof(), rds_tcp_sysctl_reset() and rds_tcp_skbuf_handler() functions in net/rds/tcp.c. A local user can perform a denial of service (DoS) attack.
743) Memory leak (CVE-ID: CVE-2024-57947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_pipapo_avx2_lookup_slow() function in net/netfilter/nft_set_pipapo_avx2.c, within the nft_pipapo_lookup() and pipapo_get() functions in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
744) Use-after-free (CVE-ID: CVE-2024-58083)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/kvm_host.h. A local user can escalate privileges on the system.
745) NULL pointer dereference (CVE-ID: CVE-2024-58019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r535_gsp_msgq_wait() function in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c. A local user can perform a denial of service (DoS) attack.
746) NULL pointer dereference (CVE-ID: CVE-2024-58012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sdw_params_stream() function in sound/soc/sof/intel/hda.c, within the sdw_hda_dai_hw_params() function in sound/soc/sof/intel/hda-dai.c. A local user can perform a denial of service (DoS) attack.
747) Out-of-bounds read (CVE-ID: CVE-2024-57996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.
748) Use-after-free (CVE-ID: CVE-2024-57979)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ptp_ocp_complete() function in drivers/ptp/ptp_ocp.c, within the DEFINE_MUTEX(), pps_cdev_pps_fetch(), pps_cdev_ioctl(), pps_cdev_compat_ioctl(), pps_device_destruct(), pps_register_cdev(), pps_unregister_cdev(), EXPORT_SYMBOL() and pps_init() functions in drivers/pps/pps.c, within the pps_kc_bind() and pps_kc_remove() functions in drivers/pps/kc.c, within the pps_add_offset(), pps_register_source() and pps_event() functions in drivers/pps/kapi.c, within the parport_irq() function in drivers/pps/clients/pps_parport.c, within the pps_tty_dcd_change(), pps_tty_open() and pps_tty_close() functions in drivers/pps/clients/pps-ldisc.c, within the pps_ktimer_exit() and pps_ktimer_init() functions in drivers/pps/clients/pps-ktimer.c, within the pps_gpio_probe() function in drivers/pps/clients/pps-gpio.c. A local user can escalate privileges on the system.
749) Improper locking (CVE-ID: CVE-2024-57974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the compute_score() and __udp6_lib_lookup() functions in net/ipv6/udp.c, within the udp_ehashfn() and __udp4_lib_lookup() functions in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
750) Use-after-free (CVE-ID: CVE-2024-57900)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the DEFINE_MUTEX() and ila_add_mapping() functions in net/ipv6/ila/ila_xlat.c. A local user can escalate privileges on the system.
751) NULL pointer dereference (CVE-ID: CVE-2024-56702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the SEC() function in tools/testing/selftests/bpf/progs/test_tp_btf_nullable.c, within the reg_btf_record(), check_ptr_to_btf_access(), check_mem_access(), check_func_arg(), btf_check_func_arg_match(), check_kfunc_args(), sanitize_check_bounds(), adjust_ptr_min_max_vals() and convert_ctx_accesses() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
752) Resource management error (CVE-ID: CVE-2024-56770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tfifo_reset(), tfifo_enqueue(), netem_enqueue() and netem_dequeue() functions in net/sched/sch_netem.c. A local user can perform a denial of service (DoS) attack.
753) NULL pointer dereference (CVE-ID: CVE-2024-56758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the relocate_one_folio() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
754) Improper locking (CVE-ID: CVE-2024-56751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6_dst_ifdown(), DEFINE_SPINLOCK() and rt6_remove_exception() functions in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
755) Use-after-free (CVE-ID: CVE-2024-56719)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the stmmac_tso_xmit() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can escalate privileges on the system.
756) Double free (CVE-ID: CVE-2024-56718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the smcr_link_down_cond_sched() and smc_link_down_work() functions in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
757) Improper locking (CVE-ID: CVE-2024-56703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the |() function in tools/testing/selftests/net/ipv6_route_update_soft_lockup.sh, within the fib6_select_path(), ip6_route_mpath_notify(), rt6_nlmsg_size(), rt6_fill_node() and inet6_rt_notify() functions in net/ipv6/route.c, within the fib6_del_route() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
758) Heap-based buffer overflow (CVE-ID: CVE-2025-31115)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the lzma_stream_decoder_mt() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
759) Out-of-bounds read (CVE-ID: CVE-2023-40403)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in libxslt. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
760) Incorrect calculation (CVE-ID: CVE-2025-21687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the vfio_platform_read_mmio() and vfio_platform_write_mmio() functions in drivers/vfio/platform/vfio_platform_common.c. A local user can perform a denial of service (DoS) attack.
761) Input validation error (CVE-ID: CVE-2024-56720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sk_msg_shift_left() and BPF_CALL_4() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
762) Out-of-bounds read (CVE-ID: CVE-2024-53147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
763) Use-after-free (CVE-ID: CVE-2024-53173)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
764) Improper locking (CVE-ID: CVE-2024-53176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_dentry_needs_reval() function in fs/smb/client/inode.c, within the init_cifs() and cifs_destroy_netfs() functions in fs/smb/client/cifsfs.c, within the free_cached_dir(), close_all_cached_dirs(), invalidate_all_cached_dirs(), cached_dir_lease_break(), init_cached_dir(), cfids_laundromat_worker(), init_cached_dirs() and free_cached_dirs() functions in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
765) Use-after-free (CVE-ID: CVE-2024-53177)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SMB2_query_info_free(), invalidate_all_cached_dirs(), smb2_cached_lease_break(), cached_dir_lease_break() and cfids_laundromat_worker() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.
766) Memory leak (CVE-ID: CVE-2024-53178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_or_create_cached_dir() and smb2_set_related() functions in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
767) NULL pointer dereference (CVE-ID: CVE-2024-53226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hns_roce_set_page() and hns_roce_map_mr_sg() functions in drivers/infiniband/hw/hns/hns_roce_mr.c. A local user can perform a denial of service (DoS) attack.
768) Use-after-free (CVE-ID: CVE-2024-53239)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.
769) Buffer overflow (CVE-ID: CVE-2024-56539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
770) Use-after-free (CVE-ID: CVE-2024-56548)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
771) NULL pointer dereference (CVE-ID: CVE-2024-56568)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_smmu_probe_device() function in drivers/iommu/arm/arm-smmu/arm-smmu.c. A local user can perform a denial of service (DoS) attack.
772) Improper error handling (CVE-ID: CVE-2024-56579)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vpu_add_func() function in drivers/media/platform/amphion/vpu_v4l2.c. A local user can perform a denial of service (DoS) attack.
773) Use-after-free (CVE-ID: CVE-2024-56605)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
774) Use-after-free (CVE-ID: CVE-2024-56633)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sock_put() function in net/ipv4/tcp_bpf.c. A local user can escalate privileges on the system.
775) Input validation error (CVE-ID: CVE-2024-56647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the icmp_route_lookup() function in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
776) Improper locking (CVE-ID: CVE-2024-57889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ARRAY_SIZE(), mcp_pinconf_get() and mcp_pinconf_set() functions in drivers/pinctrl/pinctrl-mcp23s08.c. A local user can perform a denial of service (DoS) attack.
777) Improper locking (CVE-ID: CVE-2024-50294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rxrpc_connect_client_calls() and rxrpc_disconnect_client_call() functions in net/rxrpc/conn_client.c. A local user can perform a denial of service (DoS) attack.
778) Infinite loop (CVE-ID: CVE-2025-21665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the folio_seek_hole_data() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
779) Improper locking (CVE-ID: CVE-2025-21684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DECLARE_BITMAP(), xgpio_set(), xgpio_set_multiple(), xgpio_dir_in(), xgpio_dir_out(), xgpio_irq_mask(), xgpio_irq_unmask(), xgpio_irqhandler() and xgpio_probe() functions in drivers/gpio/gpio-xilinx.c. A local user can perform a denial of service (DoS) attack.
780) Improper locking (CVE-ID: CVE-2025-21681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_output() function in net/openvswitch/actions.c. A local user can perform a denial of service (DoS) attack.
781) Out-of-bounds read (CVE-ID: CVE-2025-21680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_imix_entries() function in net/core/pktgen.c. A local user can perform a denial of service (DoS) attack.
782) Double free (CVE-ID: CVE-2025-21673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the clean_demultiplex_info() and cifs_put_tcp_session() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.
783) Out-of-bounds read (CVE-ID: CVE-2025-21668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the imx8mp_blk_ctrl_remove() function in drivers/pmdomain/imx/imx8mp-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
784) Infinite loop (CVE-ID: CVE-2025-21667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the iomap_write_delalloc_scan() function in fs/iomap/buffered-io.c. A local user can perform a denial of service (DoS) attack.
785) Out-of-bounds read (CVE-ID: CVE-2025-21647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cake_ddst(), cake_enqueue() and cake_dequeue() functions in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
786) Improper error handling (CVE-ID: CVE-2024-57948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ieee802154_if_remove() function in net/mac802154/iface.c. A local user can perform a denial of service (DoS) attack.
787) NULL pointer dereference (CVE-ID: CVE-2025-21640)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the proc_sctp_do_hmac_alg() function in net/sctp/sysctl.c. A local user can perform a denial of service (DoS) attack.
788) NULL pointer dereference (CVE-ID: CVE-2025-21639)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the proc_sctp_do_hmac_alg() and proc_sctp_do_rto_min() functions in net/sctp/sysctl.c. A local user can perform a denial of service (DoS) attack.
789) NULL pointer dereference (CVE-ID: CVE-2025-21638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the proc_sctp_do_alpha_beta() function in net/sctp/sysctl.c. A local user can perform a denial of service (DoS) attack.
790) NULL pointer dereference (CVE-ID: CVE-2025-21637)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the proc_sctp_do_auth() function in net/sctp/sysctl.c. A local user can perform a denial of service (DoS) attack.
791) NULL pointer dereference (CVE-ID: CVE-2025-21636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the proc_sctp_do_udp_port() function in net/sctp/sysctl.c. A local user can perform a denial of service (DoS) attack.
792) Improper locking (CVE-ID: CVE-2024-57994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pfifo_fast_change_tx_queue_len() function in net/sched/sch_generic.c, within the tun_queue_resize() function in drivers/net/tun.c, within the tap_queue_resize() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.
793) Division by zero (CVE-ID: CVE-2024-53123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_recvmsg() and pr_debug() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
794) Reachable assertion (CVE-ID: CVE-2024-50185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the skb_is_fully_mapped() function in net/mptcp/subflow.c, within the mptcp_check_data_fin() and __mptcp_move_skbs_from_subflow() functions in net/mptcp/protocol.c, within the SNMP_MIB_ITEM() function in net/mptcp/mib.c. A local user can perform a denial of service (DoS) attack.
795) Use-after-free (CVE-ID: CVE-2024-55549)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in xsltGetInheritedNsList. A remote attacker can pass specially crafted input to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
796) Memory leak (CVE-ID: CVE-2023-52924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_walk() function in net/netfilter/nft_set_rbtree.c, within the nft_rhash_walk() function in net/netfilter/nft_set_hash.c, within the nf_tables_dump_setelem() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
797) Use-after-free (CVE-ID: CVE-2025-24855)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in numbers.c when handling nested XPath evaluations. A remote attacker can pass specially crafted XML input to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
798) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2024-2365)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to software uses a weak SHA-1 Message_Digest algorithm within the IsValidPin() function in io\fabric\sdk\android\services\network\PinningTrustManager.java. An attacker with physical access to the system can bypass SSL pinning protection and intercept traffic sent by the application.
799) Incorrect Resource Transfer Between Spheres (CVE-ID: CVE-2024-29018)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application within external DNS requests from "internal" networks. A remote attacker can gain unauthorized access to sensitive information on the system.
800) Incorrect authorization (CVE-ID: CVE-2024-41110)
The vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to AuthZ zero length regression. A remote user can bypass authentication and gain elevated privileges.
801) Resource exhaustion (CVE-ID: CVE-2025-22868)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the jws package does not properly control consumption of internal resources when handling malformed tokens. A remote attacker can pass a malformed JWT token to the application, trigger resource exhaustion and perform a denial of service (DoS) attack.
802) Resource exhaustion (CVE-ID: CVE-2025-22869)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the ssh package when handling clients that complete the key exchange slowly, or not at all. A remote user can trigger resource exhaustion and perform a denial of service (DoS) attack.
803) Input validation error (CVE-ID: CVE-2024-11168)
The vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to insufficient validation of bracketed hosts (e.g. []) within the urllib.parse.urlsplit() and urlparse() functions allowing hosts that weren't IPv6 or IPvFuture. A remote attacker can pass specially crafted IP address to the application to bypass implemented IP-based security checks or perform SSRF attacks.
804) Input validation error (CVE-ID: CVE-2025-22870)
The vulnerability allows a remote attacker to alter application's behavior.
The vulnerability exists due to insufficient validation of an IPv6 zone ID as a hostname component, when matching hosts against proxy patterns. For instance the NO_PROXY environment variable is set to "*.example.com", a request to
"[::1%25.example.com]:80` will incorrectly match and not be proxied. A remote attacker can alter application behavior and potentially gain access to sensitive information or functionality.
805) Input validation error (CVE-ID: CVE-2025-27516)
The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to sandbox breakout through attr filter selecting format method. A local user can execute arbitrary code on the system.
806) Out-of-bounds write (CVE-ID: CVE-2025-27363)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can pass a specially crafted font to the application that is using an affected version of the library, trigger an out-of-bounds write and execute arbitrary code on the target system.
807) NULL pointer dereference (CVE-ID: CVE-2025-1632)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in bsdunzip.c. A remote attacker can pass specially crafted archive to the application and perform a denial of service (DoS) attack.
808) Buffer overflow (CVE-ID: CVE-2025-25724)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing .tar files within the list_item_verbose() function in tar/util.c. A remote attacker can create a specially crafted archive, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
809) Input validation error (CVE-ID: CVE-2025-1795)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient validation of user-supplied input in Lib/email/_header_value_parser.py. A remote attacker can pass specially crafted input to the application and manipulate headers in an email message.
810) Uncontrolled memory allocation (CVE-ID: CVE-2025-26618)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of SFTP packets. A remote attacker can send multiple SFTP packets to the application and consume large amount of memory, resulting in a denial of service.
811) Resource management error (CVE-ID: CVE-2023-52925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nft_pipapo_get(), nft_pipapo_activate() and nft_pipapo_remove() functions in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
812) Input validation error (CVE-ID: CVE-2024-50142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the verify_newsa_info() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
813) Use-after-free (CVE-ID: CVE-2024-49884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extent_at() and ext4_ext_dirty() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
814) Out-of-bounds read (CVE-ID: CVE-2024-50115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nested_svm_get_tdp_pdptr() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
815) Use-after-free (CVE-ID: CVE-2024-50085)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_pm_nl_rm_addr_or_subflow() function in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
816) Use-after-free (CVE-ID: CVE-2024-50073)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gsm_cleanup_mux() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
817) Incorrect calculation (CVE-ID: CVE-2024-50036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the dst_destroy() and dst_dev_put() functions in net/core/dst.c. A local user can perform a denial of service (DoS) attack.
818) Double free (CVE-ID: CVE-2024-50029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the hci_enhanced_setup_sync() function in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.
819) Use-after-free (CVE-ID: CVE-2024-49950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_connect_req() function in net/bluetooth/l2cap_core.c, within the hci_remote_features_evt() function in net/bluetooth/hci_event.c, within the hci_acldata_packet() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
820) Use-after-free (CVE-ID: CVE-2024-47701)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_find_inline_entry() function in fs/ext4/inline.c. A local user can escalate privileges on the system.
821) Race condition (CVE-ID: CVE-2024-26708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the subflow_simultaneous_connect() function in net/mptcp/protocol.h. A local user can perform a denial of service (DoS) attack.
822) Resource management error (CVE-ID: CVE-2024-45010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mptcp_pm_nl_rm_addr_or_subflow(), mptcp_pm_remove_anno_addr(), mptcp_nl_remove_subflow_and_signal_addr(), mptcp_nl_remove_id_zero_address() and mptcp_pm_nl_fullmesh() functions in net/mptcp/pm_netlink.c. A local user can perform a denial of service (DoS) attack.
823) Resource management error (CVE-ID: CVE-2024-45009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mptcp_pm_nl_rm_addr_or_subflow() function in net/mptcp/pm_netlink.c. A local user can perform a denial of service (DoS) attack.
824) Use-after-free (CVE-ID: CVE-2024-44974)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_subflow_by_daddr(), select_local_address(), select_signal_address(), __lookup_addr() and mptcp_pm_create_subflow_or_signal_addr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
825) NULL pointer dereference (CVE-ID: CVE-2024-41055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/mmzone.h. A local user can perform a denial of service (DoS) attack.
826) Improper locking (CVE-ID: CVE-2024-40980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reset_per_cpu_data(), trace_drop_common(), net_dm_hw_reset_per_cpu_data(), net_dm_hw_summary_probe() and __net_dm_cpu_data_init() functions in net/core/drop_monitor.c. A local user can perform a denial of service (DoS) attack.
827) Improper locking (CVE-ID: CVE-2024-26810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_pci_intx_mask(), vfio_pci_intx_unmask_handler(), vfio_pci_set_intx_unmask() and vfio_pci_set_intx_mask() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
828) NULL pointer dereference (CVE-ID: CVE-2024-56577)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_jpegdec_hw_init_irq() and mtk_jpegdec_hw_probe() functions in drivers/media/platform/mediatek/jpeg/mtk_jpeg_dec_hw.c, within the mtk_jpeg_single_core_init() and mtk_jpeg_probe() functions in drivers/media/platform/mediatek/jpeg/mtk_jpeg_core.c. A local user can perform a denial of service (DoS) attack.
829) Use-after-free (CVE-ID: CVE-2024-56584)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the io_init_wq_offload() function in io_uring/tctx.c. A local user can escalate privileges on the system.
830) Improper locking (CVE-ID: CVE-2024-53190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efuse_write_1byte() and read_efuse_byte() functions in drivers/net/wireless/realtek/rtlwifi/efuse.c. A local user can perform a denial of service (DoS) attack.
831) Resource exhaustion (CVE-ID: CVE-2023-44487)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
832) NULL pointer dereference (CVE-ID: CVE-2025-21675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_lag_port_sel_create() and mlx5_destroy_ttc_table() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.
833) Use-after-free (CVE-ID: CVE-2025-21676)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fec_enet_tx() and fec_enet_rx_queue() functions in drivers/net/ethernet/freescale/fec_main.c. A local user can escalate privileges on the system.
834) Improper locking (CVE-ID: CVE-2025-21678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gtp_newlink() and gtp_net_exit_batch_rtnl() functions in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
835) NULL pointer dereference (CVE-ID: CVE-2025-21682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_xdp_set() function in drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c, within the bnxt_set_ring_params(), bnxt_set_rx_skb_mode() and bnxt_init_one() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
836) Information disclosure (CVE-ID: CVE-2021-31879)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the application does not omit the Authorization header upon a redirect to a different origin. A remote attacker can gain access to credentials for another domain.
837) Resource exhaustion (CVE-ID: CVE-2023-45288)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single HTTP/2 stream. A remote attacker can send specially crafted HTTP/2 requests to the server and perform a denial of service (DoS) attack.838) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2024-6104)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files. A local user can read the log files and gain access to sensitive data obtain from HTTP requests.
839) Out-of-bounds write (CVE-ID: CVE-2025-24528)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when calculating ulog block size in kadmind. A remote user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.
840) Information disclosure (CVE-ID: CVE-2025-0167)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to application can leak credentials when asked to use a .netrc file for credentials and to follow HTTP redirects. A remote attacker can gain access to sensitive information.
841) Integer overflow (CVE-ID: CVE-2025-0725)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow when handling gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option using zlib 1.2.0.3 or older. A remote attacker can send specially crafted response to the application, trigger an integer overflow and execute arbitrary code on the target system.
842) Resource exhaustion (CVE-ID: CVE-2024-11187)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.
843) Resource management error (CVE-ID: CVE-2024-12705)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application within the DNS-over-HTTPS feature. A remote attacker can send multiple HTTP/2 requests to the server and perform a denial of service (DoS) attack. The vulnerability affects both authoritative servers and resolvers.
844) Use-after-free (CVE-ID: CVE-2022-49043)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlXIncludeAddNode() function in xinclude.c. A remote attacker can pass specially crafted XML input to the application, trigger a use-after-free error and crash the application or potentially execute arbitrary code.
845) Improper input validation (CVE-ID: CVE-2025-21502)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
846) Out-of-bounds read (CVE-ID: CVE-2024-7347)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the ngx_http_mp4_module when reading mp4 files. A remote attacker can pass a specially crafted file to the web server, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability requires that the server is built with the ngx_http_mp4_module and the "mp4" directive is used in the configuration file.
847) NULL pointer dereference (CVE-ID: CVE-2025-21670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vsock_bpf_recvmsg() function in net/vmw_vsock/vsock_bpf.c. A local user can perform a denial of service (DoS) attack.
848) Use of insufficiently random values (CVE-ID: CVE-2025-22150)
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to the application uses "Math.random()" from the fetch() function to choose the boundary for a "multipart/form-data" request. A remote attacker with ability to intercept traffic can tamper with the requests going to the backend APIs.
849) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2025-23083)
The vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions when handling diagnostics data with diagnostics_channel utility. A remote user can hook the utility to internal workers and gain access to sensitive information.
850) Memory leak (CVE-ID: CVE-2025-23085)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak when a remote peer abruptly closes the socket without sending a GOAWAY notification. A remote attacker can force the application to leak memory and perform denial of service attack.
851) Use-after-free (CVE-ID: CVE-2024-46981)
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling Lua script commands. A remote user can pass a specially crafted Lua script to the application and execute arbitrary code on the system..
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
852) Input validation error (CVE-ID: CVE-2024-51741)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when handling ACL selectors. A remote user can create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service.
853) Heap-based buffer overflow (CVE-ID: CVE-2024-12084)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling checksum lengths (s2length). A remote attacker can send specially crafted packets to the daemon, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
854) Use of Uninitialized Variable (CVE-ID: CVE-2024-12085)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to information leak when comparing file checksums. A remote attacker can pass specially crafted data to the daemon and read 1 byte of uninitialized memory from stack.
855) Information disclosure (CVE-ID: CVE-2024-12086)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application when handling checksums. A remote attacker can trick the victim into connecting to an attacker-controlled server and enumerate contents of arbitrary files on the client's machine, basically allowing a rouge server to read contents byte-by-byte of any file on the client's system.
This issue occurs when files are being copied from a client to a server.
856) Path traversal (CVE-ID: CVE-2024-12087)
The vulnerability allows a remote server to write files to arbitrary locations on the system.
The vulnerability exists due to input validation error when using "--inc-recursive" option. A remote attacker can can trick the victim into connecting to a rouge rsync server and write arbitrary files to arbitrary locations on the client system.
857) Path traversal (CVE-ID: CVE-2024-12088)
The vulnerability allows a remote server to write files to arbitrary locations on the system.
858) Race condition (CVE-ID: CVE-2024-12747)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition when handling symbolic links. A local user can replace a file with a symbolic link, bypass implemented protection in rsync that prevents software from following symbolic links and read contents of arbitrary files on the system with elevated privileges.
859) Resource management error (CVE-ID: CVE-2024-26924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nft_pipapo_remove() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
860) Improper locking (CVE-ID: CVE-2024-27397)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nft_rbtree_insert(), nft_rbtree_deactivate() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_get(), nft_pipapo_get(), nft_pipapo_insert(), pipapo_gc() and pipapo_deactivate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_key(), nft_rhash_cmp(), nft_rhash_lookup(), nft_rhash_get(), nft_rhash_update(), nft_rhash_insert() and nft_rhash_deactivate() functions in net/netfilter/nft_set_hash.c, within the nft_trans_gc_catchall_sync() and nf_tables_valid_genid() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
861) Improper locking (CVE-ID: CVE-2024-35839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c, within the nf_reject_fill_skb_dst() and nf_send_reset() functions in net/ipv4/netfilter/nf_reject_ipv4.c, within the br_nf_pre_routing_finish_ipv6() function in net/bridge/br_netfilter_ipv6.c, within the br_nf_pre_routing_finish_bridge(), br_nf_ipv4_daddr_was_changed(), bridge_parent_rtable(), skb_dst_set_noref(), setup_pre_routing(), br_nf_forward_finish(), ip_sabotage_in() and br_nf_pre_routing_finish_bridge_slow() functions in net/bridge/br_netfilter_hooks.c. A local user can perform a denial of service (DoS) attack.
862) Improper locking (CVE-ID: CVE-2025-21674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_xfrm_add_state() and mlx5e_xfrm_del_state() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.
863) NULL pointer dereference (CVE-ID: CVE-2025-21669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_transport_recv_pkt() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
864) Out-of-bounds read (CVE-ID: CVE-2024-36915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nfc_llcp_setsockopt() function in net/nfc/llcp_sock.c. A local user can perform a denial of service (DoS) attack.
865) Buffer overflow (CVE-ID: CVE-2024-57936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.
866) Memory leak (CVE-ID: CVE-2024-57910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vcnl4035_trigger_consumer_handler() function in drivers/iio/light/vcnl4035.c. A local user can perform a denial of service (DoS) attack.
867) Memory leak (CVE-ID: CVE-2024-57911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_simple_dummy_trigger_h() function in drivers/iio/dummy/iio_simple_dummy_buffer.c. A local user can perform a denial of service (DoS) attack.
868) Memory leak (CVE-ID: CVE-2024-57912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zpa2326_fill_sample_buffer() function in drivers/iio/pressure/zpa2326.c. A local user can perform a denial of service (DoS) attack.
869) Resource management error (CVE-ID: CVE-2024-57913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the functionfs_bind() function in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
870) NULL pointer dereference (CVE-ID: CVE-2024-57915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gserial_disconnect() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.
871) Resource management error (CVE-ID: CVE-2024-57916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pci1xxxx_gpio_irq_handler() function in drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c. A local user can perform a denial of service (DoS) attack.
872) Input validation error (CVE-ID: CVE-2024-57917)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an unspecified issue in drivers/base/topology.c. A local user can gain access to sensitive information.
873) Reachable assertion (CVE-ID: CVE-2024-57922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h. A local user can perform a denial of service (DoS) attack.
874) Use-after-free (CVE-ID: CVE-2024-57926)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_dev_put() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can escalate privileges on the system.
875) NULL pointer dereference (CVE-ID: CVE-2024-57929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_ablock() function in drivers/md/persistent-data/dm-array.c. A local user can perform a denial of service (DoS) attack.
876) Improper privilege management (CVE-ID: CVE-2024-57931)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the services_compute_xperms_decision() function in security/selinux/ss/services.c. A local user can read and manipulate data.
877) NULL pointer dereference (CVE-ID: CVE-2024-57932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_xdp_xmit() function in drivers/net/ethernet/google/gve/gve_tx.c, within the gve_turndown() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
878) NULL pointer dereference (CVE-ID: CVE-2024-57933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_xsk_pool_enable(), gve_xsk_pool_disable() and gve_xsk_wakeup() functions in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
879) Input validation error (CVE-ID: CVE-2024-57935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the put_dip_ctx_idx() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.
880) Integer overflow (CVE-ID: CVE-2024-57938)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the sctp_association_init() function in net/sctp/associola.c. A local user can execute arbitrary code.
881) NULL pointer dereference (CVE-ID: CVE-2025-21666)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and vsock_connectible_has_data() functions in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
882) Use-after-free (CVE-ID: CVE-2025-21652)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the default_operstate() function in net/core/link_watch.c. A local user can escalate privileges on the system.
883) Out-of-bounds read (CVE-ID: CVE-2025-21664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_first_thin() function in drivers/md/dm-thin.c. A local user can perform a denial of service (DoS) attack.
884) Improper locking (CVE-ID: CVE-2025-21663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the MAC_SBD_INTR BIT(), tegra_mgbe_resume() and tegra_mgbe_probe() functions in drivers/net/ethernet/stmicro/stmmac/dwmac-tegra.c. A local user can perform a denial of service (DoS) attack.
885) Improper locking (CVE-ID: CVE-2025-21662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cmd_work_handler() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
886) Use of uninitialized resource (CVE-ID: CVE-2025-21656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the drivetemp_scsi_command() function in drivers/hwmon/drivetemp.c. A local user can perform a denial of service (DoS) attack.
887) Incorrect calculation (CVE-ID: CVE-2025-21655)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the io_queue_deferred() and io_eventfd_ops() functions in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
888) Out-of-bounds read (CVE-ID: CVE-2025-21653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/cls_flow.c. A local user can perform a denial of service (DoS) attack.
889) Resource management error (CVE-ID: CVE-2025-21651)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hclge_misc_irq_init(), hclge_init_ae_dev() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
890) Infinite loop (CVE-ID: CVE-2024-57940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the exfat_readdir() function in fs/exfat/dir.c. A local user can perform a denial of service (DoS) attack.
891) Out-of-bounds read (CVE-ID: CVE-2025-21650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hclgevf_get_regs_len() and hclgevf_get_regs() functions in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_regs.c, within the hclge_fetch_pf_reg() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_regs.c. A local user can perform a denial of service (DoS) attack.
892) NULL pointer dereference (CVE-ID: CVE-2025-21649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hclge_ptp_set_tx_info() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.
893) Resource management error (CVE-ID: CVE-2025-21646)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the afs_deliver_yfsvl_get_cell_name() function in fs/afs/vlclient.c, within the afs_vl_get_cell_name() and yfs_check_canonical_cell_name() functions in fs/afs/vl_alias.c. A local user can perform a denial of service (DoS) attack.
894) Resource management error (CVE-ID: CVE-2025-21645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amd_pmc_suspend_handler() function in drivers/platform/x86/amd/pmc/pmc.c. A local user can perform a denial of service (DoS) attack.
895) Memory leak (CVE-ID: CVE-2025-21632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssp_get() function in arch/x86/kernel/fpu/regset.c. A local user can perform a denial of service (DoS) attack.
896) Improper locking (CVE-ID: CVE-2024-57946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtblk_remove() and virtblk_restore() functions in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
897) Resource management error (CVE-ID: CVE-2024-36908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iocg_pay_debt() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
898) Buffer overflow (CVE-ID: CVE-2024-39480)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kdb_printf() function in kernel/debug/kdb/kdb_io.c. A local user can escalate privileges on the system.
899) Memory leak (CVE-ID: CVE-2024-57907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_saradc_trigger_handler() function in drivers/iio/adc/rockchip_saradc.c. A local user can perform a denial of service (DoS) attack.
900) Integer overflow (CVE-ID: CVE-2024-53151)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the xdr_check_write_chunk() function in net/sunrpc/xprtrdma/svc_rdma_recvfrom.c. A local user can execute arbitrary code.
901) Buffer overflow (CVE-ID: CVE-2024-53126)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the psnet_open_pf_bar() function in drivers/vdpa/solidrun/snet_main.c. A local user can perform a denial of service (DoS) attack.
902) Buffer overflow (CVE-ID: CVE-2024-53127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dw_mci_init_slot() function in drivers/mmc/host/dw_mmc.c. A local user can perform a denial of service (DoS) attack.
903) NULL pointer dereference (CVE-ID: CVE-2024-53129)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop_plane_atomic_async_check() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.
904) NULL pointer dereference (CVE-ID: CVE-2024-53130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nilfs_grab_buffer() function in fs/nilfs2/page.c, within the nilfs_mdt_create_block() function in fs/nilfs2/mdt.c, within the nilfs_gccache_submit_read_data() function in fs/nilfs2/gcinode.c, within the nilfs_btnode_create_block() and nilfs_btnode_submit_block() functions in fs/nilfs2/btnode.c. A local user can perform a denial of service (DoS) attack.
905) NULL pointer dereference (CVE-ID: CVE-2024-53131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __nilfs_get_page_block() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.
906) Use-after-free (CVE-ID: CVE-2024-53133)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dc_state_create_copy() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can escalate privileges on the system.
907) Input validation error (CVE-ID: CVE-2024-53134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx93_blk_ctrl_remove() function in drivers/pmdomain/imx/imx93-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
908) Improper locking (CVE-ID: CVE-2024-53136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shmem_getattr() function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
909) Input validation error (CVE-ID: CVE-2024-53141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bitmap_ip_uadt() function in net/netfilter/ipset/ip_set_bitmap_ip.c. A local user can perform a denial of service (DoS) attack.
910) Use of uninitialized resource (CVE-ID: CVE-2024-53142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.
911) Input validation error (CVE-ID: CVE-2024-53144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
912) Integer overflow (CVE-ID: CVE-2024-53146)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
913) Buffer overflow (CVE-ID: CVE-2024-53148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the comedi_mmap() function in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
914) Out-of-bounds read (CVE-ID: CVE-2024-53150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DESC_LENGTH_CHECK(), validate_clock_source() and validate_clock_selector() functions in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.
915) NULL pointer dereference (CVE-ID: CVE-2024-53154)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the applnco_probe() function in drivers/clk/clk-apple-nco.c. A local user can perform a denial of service (DoS) attack.
916) Division by zero (CVE-ID: CVE-2024-53122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_rcv_space_adjust() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
917) Use-after-free (CVE-ID: CVE-2024-53166)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_choose_req(), bfqq_request_over_limit() and bfq_limit_depth() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
918) NULL pointer dereference (CVE-ID: CVE-2024-53188)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_dp_cc_cleanup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
919) Improper Initialization (CVE-ID: CVE-2024-53180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the snd_pcm_mmap_data_fault() function in sound/core/pcm_native.c. A local user can perform a denial of service (DoS) attack.
920) Use-after-free (CVE-ID: CVE-2024-53179)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_get_sign_key(), smb2_find_smb_ses_unlocked(), smb2_calc_signature() and smb3_calc_signature() functions in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
921) Use-after-free (CVE-ID: CVE-2024-53174)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the c_show() function in net/sunrpc/cache.c. A local user can escalate privileges on the system.
922) Use-after-free (CVE-ID: CVE-2024-53171)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the get_znodes_to_commit() function in fs/ubifs/tnc_commit.c. A local user can escalate privileges on the system.
923) Race condition (CVE-ID: CVE-2024-53169)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the EXPORT_SYMBOL_GPL() function in drivers/nvme/host/core.c. A local user can escalate privileges on the system.
924) Out-of-bounds read (CVE-ID: CVE-2024-53162)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the uof_get_name() function in drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c. A local user can perform a denial of service (DoS) attack.
925) Use of uninitialized resource (CVE-ID: CVE-2024-53155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_file_write_iter() and ocfs2_file_read_iter() functions in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
926) Integer overflow (CVE-ID: CVE-2024-53161)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the bluefield_edac_check() function in drivers/edac/bluefield_edac.c. A local user can execute arbitrary code.
927) Race condition within a thread (CVE-ID: CVE-2024-53160)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the krc_count(), schedule_delayed_monitor_work() and kvfree_call_rcu() functions in kernel/rcu/tree.c. A local user can corrupt data.
928) Buffer overflow (CVE-ID: CVE-2024-53159)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the store_target_temp(), store_temp_tolerance() and store_weight_temp() functions in drivers/hwmon/nct6775-core.c. A local user can escalate privileges on the system.
929) Integer underflow (CVE-ID: CVE-2024-53158)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the geni_se_clk_tbl_get() function in drivers/soc/qcom/qcom-geni-se.c. A local user can execute arbitrary code.
930) NULL pointer dereference (CVE-ID: CVE-2024-53157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the scpi_dvfs_get_info() function in drivers/firmware/arm_scpi.c. A local user can perform a denial of service (DoS) attack.
931) Out-of-bounds read (CVE-ID: CVE-2024-53156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the htc_connect_service() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
932) Resource management error (CVE-ID: CVE-2024-53125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the find_equal_scalars() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
933) NULL pointer dereference (CVE-ID: CVE-2024-53120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_tc_ct_entry_add_rule() function in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.
934) Input validation error (CVE-ID: CVE-2024-41042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_tables_rule_release(), nft_chain_validate(), nft_chain_validate_hooks() and nft_validate_register_store() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
935) Improper locking (CVE-ID: CVE-2024-50228)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shmem_getattr() function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
936) Use-after-free (CVE-ID: CVE-2024-44934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the br_multicast_del_port() function in net/bridge/br_multicast.c. A local user can escalate privileges on the system.
937) Resource management error (CVE-ID: CVE-2024-44996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __vsock_recvmsg() function in net/vmw_vsock/vsock_bpf.c, within the __vsock_dgram_recvmsg(), vsock_connectible_recvmsg() and release_sock() functions in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
938) Improper locking (CVE-ID: CVE-2024-47678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the icmpv6_mask_allow(), icmpv6_global_allow(), icmpv6_xrlim_allow(), icmp6_send() and icmpv6_echo_reply() functions in net/ipv6/icmp.c, within the __SPIN_LOCK_UNLOCKED(), icmpv4_mask_allow(), icmpv4_global_allow(), icmpv4_xrlim_allow(), icmp_reply() and __icmp_send() functions in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
939) Use-after-free (CVE-ID: CVE-2024-49854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_prepare_request() and bfq_init_rq() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
940) NULL pointer dereference (CVE-ID: CVE-2024-49915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn32_init_hw() function in drivers/gpu/drm/amd/display/dc/hwss/dcn32/dcn32_hwseq.c. A local user can perform a denial of service (DoS) attack.
941) Integer overflow (CVE-ID: CVE-2024-50016)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c. A local user can execute arbitrary code.
942) Integer overflow (CVE-ID: CVE-2024-50018)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the NETDEVICE_SHOW_RW() and napi_defer_hard_irqs_store() functions in net/core/net-sysfs.c, within the netif_elide_gro() function in Documentation/networking/net_cachelines/net_device.rst. A local user can execute arbitrary code.
943) Resource management error (CVE-ID: CVE-2024-50039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qdisc_skb_cb() function in net/sched/sch_api.c. A local user can perform a denial of service (DoS) attack.
944) Improper locking (CVE-ID: CVE-2024-50047)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c, within the smb2_get_enc_key(), crypt_message(), smb3_init_transform_rq() and decrypt_raw_data() functions in fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
945) Use of uninitialized resource (CVE-ID: CVE-2024-50143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_current_aext() function in fs/udf/inode.c. A local user can perform a denial of service (DoS) attack.
946) Use-after-free (CVE-ID: CVE-2024-50154)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the reqsk_queue_unlink() and reqsk_timer_handler() functions in net/ipv4/inet_connection_sock.c. A local user can escalate privileges on the system.
947) Input validation error (CVE-ID: CVE-2024-50202)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nilfs_lookup(), nilfs_do_unlink(), nilfs_rename() and nilfs_get_parent() functions in fs/nilfs2/namei.c, within the nilfs_readdir(), nilfs_find_entry() and nilfs_inode_by_name() functions in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
948) Buffer overflow (CVE-ID: CVE-2024-50203)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the prepare_trampoline() function in arch/arm64/net/bpf_jit_comp.c. A local user can escalate privileges on the system.
949) Improper error handling (CVE-ID: CVE-2024-50211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the udf_truncate_extents() function in fs/udf/truncate.c, within the udf_try_read_meta() function in fs/udf/partition.c, within the udf_map_block(), udf_extend_file(), udf_delete_aext() and inode_bmap() functions in fs/udf/inode.c, within the udf_fiiter_init() and udf_fiiter_append_blk() functions in fs/udf/directory.c. A local user can perform a denial of service (DoS) attack.
950) Improper error handling (CVE-ID: CVE-2024-50256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
951) Memory leak (CVE-ID: CVE-2024-53119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_transport_recv_listen() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
952) Out-of-bounds read (CVE-ID: CVE-2024-53099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bpf_link_show_fdinfo() function in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
953) Memory leak (CVE-ID: CVE-2024-53118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vsock_sk_destruct() function in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
954) Memory leak (CVE-ID: CVE-2024-53117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_transport_send_pkt_info() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
955) NULL pointer dereference (CVE-ID: CVE-2024-53113)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_pages_bulk_noprof() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
956) Integer overflow (CVE-ID: CVE-2024-53111)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mm/mremap.c. A local user can execute arbitrary code.
957) Double free (CVE-ID: CVE-2024-53105)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the __page_cache_release() function in mm/swap.c, within the free_pages_prepare() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
958) NULL pointer dereference (CVE-ID: CVE-2024-53103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hvs_destruct() function in net/vmw_vsock/hyperv_transport.c. A local user can perform a denial of service (DoS) attack.
959) Improper locking (CVE-ID: CVE-2024-53090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the afs_deferred_free_worker(), afs_alloc_call(), afs_put_call(), afs_wake_up_call_waiter() and afs_wake_up_async_call() functions in fs/afs/rxrpc.c. A local user can perform a denial of service (DoS) attack.
960) Out-of-bounds read (CVE-ID: CVE-2024-50262)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the trie_get_next_key() function in kernel/bpf/lpm_trie.c. A local user can perform a denial of service (DoS) attack.
961) NULL pointer dereference (CVE-ID: CVE-2024-53064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the idpf_init_hard_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
962) NULL pointer dereference (CVE-ID: CVE-2024-53050)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_dp_hdcp2_get_capability() function in drivers/gpu/drm/i915/display/intel_dp_hdcp.c. A local user can perform a denial of service (DoS) attack.
963) Use-after-free (CVE-ID: CVE-2024-50280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the check_migrations(), destroy(), cache_create() and cache_ctr() functions in drivers/md/dm-cache-target.c. A local user can escalate privileges on the system.
964) Out-of-bounds read (CVE-ID: CVE-2024-50279)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_resize() function in drivers/md/dm-cache-target.c. A local user can perform a denial of service (DoS) attack.
965) Out-of-bounds read (CVE-ID: CVE-2024-50278)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_cache_dev_size() and cache_preresume() functions in drivers/md/dm-cache-target.c. A local user can perform a denial of service (DoS) attack.
966) Infinite loop (CVE-ID: CVE-2024-50272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the filemap_read() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
967) Memory leak (CVE-ID: CVE-2024-57908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmx61_trigger_handler() function in drivers/iio/imu/kmx61.c. A local user can perform a denial of service (DoS) attack.
968) Memory leak (CVE-ID: CVE-2024-57906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ads8688_trigger_handler() function in drivers/iio/adc/ti-ads8688.c. A local user can perform a denial of service (DoS) attack.
969) NULL pointer dereference (CVE-ID: CVE-2024-56587)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brightness_show() and max_brightness_show() functions in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.
970) NULL pointer dereference (CVE-ID: CVE-2024-56660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dr_domain_add_vport_cap() function in drivers/net/ethernet/mellanox/mlx5/core/steering/sws/dr_domain.c. A local user can perform a denial of service (DoS) attack.
971) Resource management error (CVE-ID: CVE-2024-56636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the geneve_xmit_skb() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
972) Race condition (CVE-ID: CVE-2024-56637)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the find_set_type() function in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.
973) Resource management error (CVE-ID: CVE-2024-56641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smc_sk_init(), smc_connect_rdma(), smc_connect_ism() and smc_listen_work() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
974) Use-after-free (CVE-ID: CVE-2024-56642)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can escalate privileges on the system.
975) Memory leak (CVE-ID: CVE-2024-56643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dccp_feat_change_recv() function in net/dccp/feat.c. A local user can perform a denial of service (DoS) attack.
976) Memory leak (CVE-ID: CVE-2024-56644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ip6_negative_advice() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
977) Out-of-bounds read (CVE-ID: CVE-2024-56648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fill_frame_info() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.
978) NULL pointer dereference (CVE-ID: CVE-2024-56649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.
979) Out-of-bounds read (CVE-ID: CVE-2024-56650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.
980) Use-after-free (CVE-ID: CVE-2024-56651)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hi3110_can_ist() function in drivers/net/can/spi/hi311x.c. A local user can escalate privileges on the system.
981) Incorrect calculation (CVE-ID: CVE-2024-56654)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the hci_le_create_big_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
982) Improper error handling (CVE-ID: CVE-2024-56656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the drivers/net/ethernet/broadcom/bnxt/bnxt.h. A local user can perform a denial of service (DoS) attack.
983) Use-after-free (CVE-ID: CVE-2024-56658)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
984) Improper error handling (CVE-ID: CVE-2024-56659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/net/lapb.h. A local user can perform a denial of service (DoS) attack.
985) NULL pointer dereference (CVE-ID: CVE-2024-56661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can perform a denial of service (DoS) attack.
986) NULL pointer dereference (CVE-ID: CVE-2024-56634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the grgpio_probe() function in drivers/gpio/gpio-grgpio.c. A local user can perform a denial of service (DoS) attack.
987) Out-of-bounds read (CVE-ID: CVE-2024-56662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the acpi_nfit_ctl() function in drivers/acpi/nfit/core.c. A local user can perform a denial of service (DoS) attack.
988) Input validation error (CVE-ID: CVE-2024-56663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the NLA_POLICY_NESTED_ARRAY() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
989) Use-after-free (CVE-ID: CVE-2024-56664)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sock_map_lookup_sys() function in net/core/sock_map.c. A local user can escalate privileges on the system.
990) Input validation error (CVE-ID: CVE-2024-56665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
991) NULL pointer dereference (CVE-ID: CVE-2024-56670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gs_start_io() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.
992) Use-after-free (CVE-ID: CVE-2024-56672)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blkcg_unpin_online() function in block/blk-cgroup.c. A local user can escalate privileges on the system.
993) Use-after-free (CVE-ID: CVE-2024-56675)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can escalate privileges on the system.
994) Use-after-free (CVE-ID: CVE-2024-56677)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the setup_arch() function in arch/powerpc/kernel/setup-common.c, within the fadump_cma_init() and fadump_reserve_mem() functions in arch/powerpc/kernel/fadump.c. A local user can escalate privileges on the system.
995) Use-after-free (CVE-ID: CVE-2024-56678)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ___do_page_fault() function in arch/powerpc/mm/fault.c. A local user can escalate privileges on the system.
996) Input validation error (CVE-ID: CVE-2024-56679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_get_max_mtu() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.
997) Improper error handling (CVE-ID: CVE-2024-56681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
998) Input validation error (CVE-ID: CVE-2024-56683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vc4_hdmi_debugfs_regs() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
999) Improper locking (CVE-ID: CVE-2024-56687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the musb_free_request() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.
1000) NULL pointer dereference (CVE-ID: CVE-2024-56688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xs_sock_reset_state_flags() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.
1001) Use-after-free (CVE-ID: CVE-2024-56635)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the default_operstate() function in net/core/link_watch.c. A local user can escalate privileges on the system.
1002) Memory leak (CVE-ID: CVE-2024-56632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_stop_keep_alive() function in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.
1003) Resource management error (CVE-ID: CVE-2024-56691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the wcove_typec_probe() function in drivers/usb/typec/tcpm/wcove.c, within the ARRAY_SIZE(), bxtwc_add_chained_irq_chip() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
1004) Use-after-free (CVE-ID: CVE-2024-56606)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the packet_create() function in net/packet/af_packet.c. A local user can escalate privileges on the system.
1005) NULL pointer dereference (CVE-ID: CVE-2024-56588)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debugfs_to_reg_name_v3_hw(), debugfs_global_v3_hw_show(), debugfs_axi_v3_hw_show(), debugfs_ras_v3_hw_show(), debugfs_port_v3_hw_show(), debugfs_cq_v3_hw_show(), debugfs_dq_show_slot_v3_hw(), debugfs_iost_v3_hw_show(), debugfs_iost_cache_v3_hw_show(), debugfs_itct_v3_hw_show(), debugfs_itct_cache_v3_hw_show(), debugfs_create_files_v3_hw(), debugfs_release_v3_hw(), debugfs_snapshot_regs_v3_hw(), debugfs_bist_init_v3_hw() and debugfs_init_v3_hw() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
1006) Improper locking (CVE-ID: CVE-2024-56589)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cq_thread_v3_hw() function in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
1007) Input validation error (CVE-ID: CVE-2024-56590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_tx_work() and hci_acldata_packet() functions in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
1008) Improper locking (CVE-ID: CVE-2024-56592)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the htab_elem_free(), free_htab_elem(), alloc_htab_elem(), htab_map_update_elem(), htab_map_delete_elem() and prealloc_lru_pop() functions in kernel/bpf/hashtab.c. A local user can perform a denial of service (DoS) attack.
1009) NULL pointer dereference (CVE-ID: CVE-2024-56593)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_sdiod_sgtable_alloc() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c. A local user can perform a denial of service (DoS) attack.
1010) Improper locking (CVE-ID: CVE-2024-56594)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_ttm_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
1011) Out-of-bounds read (CVE-ID: CVE-2024-56595)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
1012) Out-of-bounds read (CVE-ID: CVE-2024-56596)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the jfs_readdir() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
1013) Out-of-bounds read (CVE-ID: CVE-2024-56597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
1014) Out-of-bounds read (CVE-ID: CVE-2024-56598)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dtReadFirst() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
1015) Use-after-free (CVE-ID: CVE-2024-56600)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.
1016) Use-after-free (CVE-ID: CVE-2024-56601)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.
1017) Use-after-free (CVE-ID: CVE-2024-56602)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee802154_create() function in net/ieee802154/socket.c. A local user can escalate privileges on the system.
1018) Use-after-free (CVE-ID: CVE-2024-56603)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the can_create() function in net/can/af_can.c. A local user can escalate privileges on the system.
1019) Improper locking (CVE-ID: CVE-2024-56607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath12k_mac_op_set_bitrate_mask() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
1020) Use-after-free (CVE-ID: CVE-2024-56631)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sg_release() function in drivers/scsi/sg.c. A local user can escalate privileges on the system.
1021) Use-after-free (CVE-ID: CVE-2024-56619)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_put_page() function in fs/nilfs2/dir.c. A local user can escalate privileges on the system.
1022) Improper error handling (CVE-ID: CVE-2024-56630)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_get_init_inode() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.
1023) NULL pointer dereference (CVE-ID: CVE-2024-56629)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the wacom_update_name() function in drivers/hid/wacom_sys.c. A local user can perform a denial of service (DoS) attack.
1024) Resource management error (CVE-ID: CVE-2024-56625)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the can_set_termination() function in drivers/net/can/dev/dev.c. A local user can perform a denial of service (DoS) attack.
1025) Use-after-free (CVE-ID: CVE-2024-56623)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
1026) Input validation error (CVE-ID: CVE-2024-56622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the read_req_latency_avg_show() and write_req_latency_avg_show() functions in drivers/ufs/core/ufs-sysfs.c. A local user can perform a denial of service (DoS) attack.
1027) NULL pointer dereference (CVE-ID: CVE-2024-56620)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ufs_qcom_probe() function in drivers/ufs/host/ufs-qcom.c. A local user can perform a denial of service (DoS) attack.
1028) NULL pointer dereference (CVE-ID: CVE-2024-56617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the last_level_cache_is_valid(), populate_cache_leaves() and init_level_allocate_ci() functions in drivers/base/cacheinfo.c. A local user can perform a denial of service (DoS) attack.
1029) Out-of-bounds read (CVE-ID: CVE-2024-56608)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn21_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c. A local user can perform a denial of service (DoS) attack.
1030) Out-of-bounds read (CVE-ID: CVE-2024-56616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drm_dp_decode_sideband_msg_hdr() function in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.
1031) Out-of-bounds read (CVE-ID: CVE-2024-56615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
1032) Out-of-bounds read (CVE-ID: CVE-2024-56614)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xsk_map_delete_elem() function in net/xdp/xskmap.c. A local user can perform a denial of service (DoS) attack.
1033) NULL pointer dereference (CVE-ID: CVE-2024-56611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the migrate_to_node() function in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.
1034) Improper locking (CVE-ID: CVE-2024-56610)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), kcsan_skip_report_debugfs(), set_report_filterlist_whitelist(), insert_report_filterlist() and show_info() functions in kernel/kcsan/debugfs.c. A local user can perform a denial of service (DoS) attack.
1035) Improper locking (CVE-ID: CVE-2024-56609)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw_usb_tx_handler() and rtw_usb_deinit_tx() functions in drivers/net/wireless/realtek/rtw88/usb.c, within the rtw_sdio_deinit_tx() function in drivers/net/wireless/realtek/rtw88/sdio.c. A local user can perform a denial of service (DoS) attack.
1036) Input validation error (CVE-ID: CVE-2024-56690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pcrypt_aead_encrypt() and pcrypt_aead_decrypt() functions in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.
1037) Use-after-free (CVE-ID: CVE-2024-56693)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __setup(), brd_alloc(), brd_cleanup() and brd_init() functions in drivers/block/brd.c. A local user can escalate privileges on the system.
1038) Resource management error (CVE-ID: CVE-2024-57904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the at91_ts_register() function in drivers/iio/adc/at91_adc.c. A local user can perform a denial of service (DoS) attack.
1039) Improper error handling (CVE-ID: CVE-2024-57838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch_init_kprobes() function in arch/s390/kernel/kprobes.c, within the SYM_CODE_START() function in arch/s390/kernel/entry.S. A local user can perform a denial of service (DoS) attack.
1040) NULL pointer dereference (CVE-ID: CVE-2024-56777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sti_gdp_atomic_check() function in drivers/gpu/drm/sti/sti_gdp.c. A local user can perform a denial of service (DoS) attack.
1041) NULL pointer dereference (CVE-ID: CVE-2024-56778)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sti_hqvdp_atomic_check() function in drivers/gpu/drm/sti/sti_hqvdp.c. A local user can perform a denial of service (DoS) attack.
1042) Memory leak (CVE-ID: CVE-2024-56779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the release_open_stateid(), spin_lock() and nfsd4_process_open2() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
1043) Improper locking (CVE-ID: CVE-2024-56780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dquot_writeback_dquots() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
1044) Resource management error (CVE-ID: CVE-2024-56787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the imx8mq_soc_revision_from_atf(), imx8mq_soc_revision(), imx8mm_soc_uid(), kasprintf(), imx8_soc_init() and kfree() functions in drivers/soc/imx/soc-imx8m.c. A local user can perform a denial of service (DoS) attack.
1045) Input validation error (CVE-ID: CVE-2024-57791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smc_clc_wait_msg() function in net/smc/smc_clc.c. A local user can perform a denial of service (DoS) attack.
1046) Buffer overflow (CVE-ID: CVE-2024-57792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the set_charge_current_limit() function in drivers/power/supply/gpio-charger.c. A local user can perform a denial of service (DoS) attack.
1047) Memory leak (CVE-ID: CVE-2024-57793)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_quote_buf() function in drivers/virt/coco/tdx-guest/tdx-guest.c. A local user can perform a denial of service (DoS) attack.
1048) Use-after-free (CVE-ID: CVE-2024-57795)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rxe_query_port(), rxe_enable_driver(), INIT_RDMA_OBJ_SIZE() and rxe_register_device() functions in drivers/infiniband/sw/rxe/rxe_verbs.c, within the rxe_parent_name(), rxe_net_add() and rxe_port_down() functions in drivers/infiniband/sw/rxe/rxe_net.c, within the rxe_mcast_add() function in drivers/infiniband/sw/rxe/rxe_mcast.c, within the rxe_dealloc(), rxe_init_device_param(), rxe_init_port_param() and rxe_set_mtu() functions in drivers/infiniband/sw/rxe/rxe.c. A local user can escalate privileges on the system.
1049) Use-after-free (CVE-ID: CVE-2024-57798)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_dp_mst_up_req_work() and drm_dp_mst_handle_up_req() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can escalate privileges on the system.
1050) Use-after-free (CVE-ID: CVE-2024-57801)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_esw_for_each_rep() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c, within the mlx5_esw_ipsec_restore_dest_uplink() function in drivers/net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c. A local user can escalate privileges on the system.
1051) Use of uninitialized resource (CVE-ID: CVE-2024-57802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nr_route_frame() function in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.
1052) Buffer overflow (CVE-ID: CVE-2024-57804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mpi3mr_read_tsu_interval(), mpi3mr_free_mem(), mpi3mr_free_config_dma_memory() and mpi3mr_process_cfg_req() functions in drivers/scsi/mpi3mr/mpi3mr_fw.c. A local user can perform a denial of service (DoS) attack.
1053) Improper error handling (CVE-ID: CVE-2024-57809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the IMX_PCIE_FLAG_HAS_SERDES BIT(), imx_pcie_suspend_noirq() and imx_pcie_resume_noirq() functions in drivers/pci/controller/dwc/pci-imx6.c. A local user can perform a denial of service (DoS) attack.
1054) Use-after-free (CVE-ID: CVE-2024-57849)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.
1055) Memory leak (CVE-ID: CVE-2024-56775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the restore_planes_and_stream_state() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
1056) Integer overflow (CVE-ID: CVE-2024-57890)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the uverbs_request_next_ptr(), ib_uverbs_post_send() and ib_uverbs_unmarshall_recv() functions in drivers/infiniband/core/uverbs_cmd.c. A local user can execute arbitrary code.
1057) Improper locking (CVE-ID: CVE-2024-57903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sk_setsockopt() function in net/core/sock.c. A local user can perform a denial of service (DoS) attack.
1058) Integer overflow (CVE-ID: CVE-2024-57899)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ieee80211_mbss_info_change_notify() function in net/mac80211/mesh.c. A local user can execute arbitrary code.
1059) Improper locking (CVE-ID: CVE-2024-57897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the svm_migrate_copy_to_vram() and svm_migrate_copy_to_ram() functions in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c. A local user can perform a denial of service (DoS) attack.
1060) Use-after-free (CVE-ID: CVE-2024-57896)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
1061) Out-of-bounds read (CVE-ID: CVE-2024-57893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.
1062) Use-after-free (CVE-ID: CVE-2024-57892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brelse() function in fs/ocfs2/quota_local.c, within the ocfs2_get_next_id() function in fs/ocfs2/quota_global.c. A local user can escalate privileges on the system.
1063) Buffer overflow (CVE-ID: CVE-2024-57888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the workqueue_softirq_dead(), __flush_workqueue() and start_flush_work() functions in kernel/workqueue.c. A local user can perform a denial of service (DoS) attack.
1064) Buffer overflow (CVE-ID: CVE-2024-57850)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the jffs2_rtime_decompress() function in fs/jffs2/compr_rtime.c. A local user can escalate privileges on the system.
1065) Use-after-free (CVE-ID: CVE-2024-57887)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adv7533_parse_dt() function in drivers/gpu/drm/bridge/adv7511/adv7533.c, within the adv7511_probe(), i2c_unregister_device() and adv7511_remove() functions in drivers/gpu/drm/bridge/adv7511/adv7511_drv.c. A local user can escalate privileges on the system.
1066) Use-after-free (CVE-ID: CVE-2024-57884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zone_reclaimable_pages() function in mm/vmscan.c. A local user can escalate privileges on the system.
1067) NULL pointer dereference (CVE-ID: CVE-2024-57882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mptcp_established_options_add_addr() function in net/mptcp/options.c. A local user can perform a denial of service (DoS) attack.
1068) Improper locking (CVE-ID: CVE-2024-57876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drm_dp_mst_topology_mgr_set_mst(), EXPORT_SYMBOL(), update_msg_rx_state() and drm_dp_mst_hpd_irq_handle_event() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.
1069) Memory leak (CVE-ID: CVE-2024-57874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tagged_addr_ctrl_get() and tagged_addr_ctrl_set() functions in arch/arm64/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.
1070) Use-after-free (CVE-ID: CVE-2024-57857)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the siw_query_device(), siw_query_port() and siw_query_qp() functions in drivers/infiniband/sw/siw/siw_verbs.c, within the siw_device_create(), siw_netdev_event() and siw_newlink() functions in drivers/infiniband/sw/siw/siw_main.c, within the siw_create_listen() and siw_cep_set_free_and_put() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can escalate privileges on the system.
1071) NULL pointer dereference (CVE-ID: CVE-2024-56776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sti_cursor_atomic_check() function in drivers/gpu/drm/sti/sti_cursor.c. A local user can perform a denial of service (DoS) attack.
1072) NULL pointer dereference (CVE-ID: CVE-2024-56774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
1073) Improper locking (CVE-ID: CVE-2024-56694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sk_psock_strp_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.
1074) Input validation error (CVE-ID: CVE-2024-56725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_config_priority_flow_ctrl() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dcbnl.c. A local user can perform a denial of service (DoS) attack.
1075) NULL pointer dereference (CVE-ID: CVE-2024-56698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dwc3_prepare_trbs_sg() function in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
1076) NULL pointer dereference (CVE-ID: CVE-2024-56700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
1077) Improper locking (CVE-ID: CVE-2024-56701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dtl_worker_enable() and dtl_worker_disable() functions in arch/powerpc/platforms/pseries/lpar.c, within the dtl_enable() and dtl_disable() functions in arch/powerpc/platforms/pseries/dtl.c. A local user can perform a denial of service (DoS) attack.
1078) Double free (CVE-ID: CVE-2024-56704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.
1079) Reachable assertion (CVE-ID: CVE-2024-56705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ia_css_3a_statistics_allocate() function in drivers/staging/media/atomisp/pci/sh_css_params.c. A local user can perform a denial of service (DoS) attack.
1080) Input validation error (CVE-ID: CVE-2024-56707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_dmacflt_do_add() and otx2_dmacflt_update() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dmac_flt.c. A local user can perform a denial of service (DoS) attack.
1081) Buffer overflow (CVE-ID: CVE-2024-56708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the igen6_register_mci() and igen6_unregister_mcis() functions in drivers/edac/igen6_edac.c. A local user can perform a denial of service (DoS) attack.
1082) Improper locking (CVE-ID: CVE-2024-56709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_queue_iowq() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
1083) Memory leak (CVE-ID: CVE-2024-56712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the check_memfd_seals(), export_udmabuf() and udmabuf_create() functions in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
1084) Memory leak (CVE-ID: CVE-2024-56715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ionic_lif_register() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
1085) Incorrect calculation (CVE-ID: CVE-2024-56716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nsim_dev_health_break_write() function in drivers/net/netdevsim/health.c. A local user can perform a denial of service (DoS) attack.
1086) Input validation error (CVE-ID: CVE-2024-56722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the free_srqc() function in drivers/infiniband/hw/hns/hns_roce_srq.c, within the hns_roce_mr_free() function in drivers/infiniband/hw/hns/hns_roce_mr.c, within the set_rwqe_data_seg(), free_mr_modify_rsv_qp(), free_mr_post_send_lp_wqe(), free_mr_send_cmd_to_hw(), hns_roce_v2_set_abs_fields(), hns_roce_v2_modify_qp(), hns_roce_v2_query_qp(), hns_roce_v2_destroy_qp_common(), hns_roce_v2_destroy_qp(), hns_roce_v2_modify_cq() and hns_roce_v2_query_cqc() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c, within the hns_roce_table_put() function in drivers/infiniband/hw/hns/hns_roce_hem.c, within the free_cqc() function in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can perform a denial of service (DoS) attack.
1087) Resource management error (CVE-ID: CVE-2024-56723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
1088) Resource management error (CVE-ID: CVE-2024-56724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bxt_wcove_tmu_irq_handler() and bxt_wcove_tmu_probe() functions in drivers/platform/x86/intel/bxtwc_tmu.c, within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
1089) Input validation error (CVE-ID: CVE-2024-56726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cn10k_alloc_leaf_profile() function in drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c. A local user can perform a denial of service (DoS) attack.
1090) Improper error handling (CVE-ID: CVE-2024-56769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the MODULE_PARM_DESC() function in drivers/media/dvb-frontends/dib3000mb.c. A local user can perform a denial of service (DoS) attack.
1091) Memory leak (CVE-ID: CVE-2024-56748)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
1092) Use-after-free (CVE-ID: CVE-2024-56767)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the at_xdmac_prep_dma_memset() function in drivers/dma/at_xdmac.c. A local user can escalate privileges on the system.
1093) Double free (CVE-ID: CVE-2024-56766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the atmel_pmecc_create_user() function in drivers/mtd/nand/raw/atmel/pmecc.c. A local user can perform a denial of service (DoS) attack.
1094) Use-after-free (CVE-ID: CVE-2024-56765)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vas_mmap_fault() function in arch/powerpc/platforms/book3s/vas-api.c. A local user can escalate privileges on the system.
1095) Resource management error (CVE-ID: CVE-2024-56763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tracing_cpumask_write() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
1096) Resource management error (CVE-ID: CVE-2024-56760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __pci_enable_msi_range() function in drivers/pci/msi/msi.c, within the pci_msi_domain_supports() function in drivers/pci/msi/irqdomain.c. A local user can perform a denial of service (DoS) attack.
1097) Use-after-free (CVE-ID: CVE-2024-56759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.
1098) Memory leak (CVE-ID: CVE-2024-56747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.
1099) Input validation error (CVE-ID: CVE-2024-56727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_alloc_mcam_entries() and otx2_mcam_entry_init() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c. A local user can perform a denial of service (DoS) attack.
1100) Memory leak (CVE-ID: CVE-2024-56746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sh7760fb_alloc_mem() function in drivers/video/fbdev/sh7760fb.c. A local user can perform a denial of service (DoS) attack.
1101) Memory leak (CVE-ID: CVE-2024-56745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the reset_method_store() function in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
1102) Memory leak (CVE-ID: CVE-2024-56741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the policy_unpack_test_unpack_strdup_with_null_name(), policy_unpack_test_unpack_strdup_with_name() and policy_unpack_test_unpack_strdup_out_of_bounds() functions in security/apparmor/policy_unpack_test.c. A local user can perform a denial of service (DoS) attack.
1103) Improper locking (CVE-ID: CVE-2024-56739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtc_timer_do_work() function in drivers/rtc/interface.c. A local user can perform a denial of service (DoS) attack.
1104) Memory leak (CVE-ID: CVE-2024-56729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the spin_lock() function in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
1105) Input validation error (CVE-ID: CVE-2024-56728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the otx2_get_pauseparam() and otx2_set_fecparam() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.