SB2025061221 - SUSE update for the Linux Kernel
Published: June 12, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 157 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2022-3564)
The vulnerability allows an attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the l2cap_reassemble_sdu() function in net/bluetooth/l2cap_core.c. An attacker with physical access to device can trigger a use-after-free error and execute arbitrary code on the system.
2) Memory leak (CVE-ID: CVE-2022-3619)
The vulnerability allows an attacker to perform a DoS attack.
The vulnerability exists due memory leak within the l2cap_recv_acldata() function in net/bluetooth/l2cap_core.c. An attacker with physical proximity to device can force the system to leak memory and perform denial of service attack.
3) Use-after-free (CVE-ID: CVE-2022-3640)
The vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error in the 2cap_conn_del() function in net/bluetooth/l2cap_core.c in Linux kernel. An attacker with physical proximity to device can trigger a use-after-free error and execute arbitrary code on the system.
4) Buffer overflow (CVE-ID: CVE-2022-49110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the EXPORT_SYMBOL_GPL(), DEFINE_MUTEX(), gc_worker_can_early_drop() and gc_worker() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2022-49139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_sync_conn_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
6) Improper locking (CVE-ID: CVE-2022-49767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the p9_fd_open() function in net/9p/trans_fd.c. A local user can perform a denial of service (DoS) attack.
7) Out-of-bounds read (CVE-ID: CVE-2022-49769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the gfs2_check_sb() function in fs/gfs2/ops_fstype.c. A local user can perform a denial of service (DoS) attack.
8) Use-after-free (CVE-ID: CVE-2022-49770)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ceph_update_snap_trace() function in fs/ceph/snap.c. A local user can escalate privileges on the system.
9) Buffer overflow (CVE-ID: CVE-2022-49771)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the list_version_get_needed() and list_versions() functions in drivers/md/dm-ioctl.c. A local user can escalate privileges on the system.
10) Buffer overflow (CVE-ID: CVE-2022-49772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the snd_usbmidi_output_open() function in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.
11) Buffer overflow (CVE-ID: CVE-2022-49775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tcp_cdg_init() and tcp_cdg_release() functions in net/ipv4/tcp_cdg.c. A local user can perform a denial of service (DoS) attack.
12) Buffer overflow (CVE-ID: CVE-2022-49776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the macvlan_common_setup() function in drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2022-49777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i8042_probe() and i8042_remove() functions in drivers/input/serio/i8042.c. A local user can perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2022-49779)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __unregister_kprobe_top() function in kernel/kprobes.c. A local user can escalate privileges on the system.
15) Resource management error (CVE-ID: CVE-2022-49783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fpu_clone() function in arch/x86/kernel/fpu/core.c. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2022-49787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_probe() function in drivers/mmc/host/sdhci-pci-core.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2022-49788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qp_notify_peer_local() and qp_notify_peer() functions in drivers/misc/vmw_vmci/vmci_queue_pair.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2022-49789)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zfcp_fsf_req_send() function in drivers/s390/scsi/zfcp_fsf.c. A local user can escalate privileges on the system.
19) Buffer overflow (CVE-ID: CVE-2022-49790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the iforce_init_device() function in drivers/input/joystick/iforce/iforce-main.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2022-49792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sctp_transport_free() function in net/sctp/transport.c, within the sctp_writeable(), sctp_sendmsg_to_asoc(), sctp_sock_rfree() and sctp_wait_for_sndbuf() functions in net/sctp/socket.c. A local user can perform a denial of service (DoS) attack.
21) Memory leak (CVE-ID: CVE-2022-49793)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_sysfs_trigger_remove() function in drivers/iio/trigger/iio-trig-sysfs.c. A local user can perform a denial of service (DoS) attack.
22) Memory leak (CVE-ID: CVE-2022-49794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at91_adc_allocate_trigger() function in drivers/iio/adc/at91_adc.c. A local user can perform a denial of service (DoS) attack.
23) NULL pointer dereference (CVE-ID: CVE-2022-49796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the test_gen_kprobe_cmd() and test_gen_kretprobe_cmd() functions in kernel/trace/kprobe_event_gen_test.c. A local user can perform a denial of service (DoS) attack.
24) NULL pointer dereference (CVE-ID: CVE-2022-49797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the trace_event_file_is_valid() and kprobe_event_gen_test_init() functions in kernel/trace/kprobe_event_gen_test.c. A local user can perform a denial of service (DoS) attack.
25) Resource management error (CVE-ID: CVE-2022-49799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the register_synth_event() function in kernel/trace/trace_events_synth.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2022-49800)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the test_gen_synth_cmd() and test_empty_synth_event() functions in kernel/trace/synth_event_gen_test.c. A local user can perform a denial of service (DoS) attack.
27) Memory leak (CVE-ID: CVE-2022-49801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tracing_release_pipe() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
28) Improper Initialization (CVE-ID: CVE-2022-49802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the ftrace_add_mod() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
29) Memory leak (CVE-ID: CVE-2022-49807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvmet_auth_set_key() function in drivers/nvme/target/auth.c. A local user can perform a denial of service (DoS) attack.
30) Memory leak (CVE-ID: CVE-2022-49809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the x25_lapb_receive_frame() function in net/x25/x25_dev.c. A local user can perform a denial of service (DoS) attack.
31) Improper locking (CVE-ID: CVE-2022-49810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netfs_rreq_unmark_after_write() function in fs/netfs/io.c, within the netfs_rreq_unlock_folios() function in fs/netfs/buffered_read.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2022-49812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __br_vlan_set_proto() and ntohs() functions in net/bridge/br_vlan.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2022-49813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ena_init() function in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.
34) Resource management error (CVE-ID: CVE-2022-49818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mISDN_register_device() function in drivers/isdn/mISDN/core.c. A local user can perform a denial of service (DoS) attack.
35) Memory leak (CVE-ID: CVE-2022-49821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mISDN_dsp_element_register() and device_unregister() functions in drivers/isdn/mISDN/dsp_pipeline.c. A local user can perform a denial of service (DoS) attack.
36) Memory leak (CVE-ID: CVE-2022-49822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_mount() function in fs/cifs/connect.c. A local user can perform a denial of service (DoS) attack.
37) NULL pointer dereference (CVE-ID: CVE-2022-49823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_tdev_add() function in drivers/ata/libata-transport.c. A local user can perform a denial of service (DoS) attack.
38) NULL pointer dereference (CVE-ID: CVE-2022-49824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_tlink_add() function in drivers/ata/libata-transport.c. A local user can perform a denial of service (DoS) attack.
39) NULL pointer dereference (CVE-ID: CVE-2022-49825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_tport_add() function in drivers/ata/libata-transport.c. A local user can perform a denial of service (DoS) attack.
40) NULL pointer dereference (CVE-ID: CVE-2022-49826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_tport_add() function in drivers/ata/libata-transport.c. A local user can perform a denial of service (DoS) attack.
41) NULL pointer dereference (CVE-ID: CVE-2022-49827)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/gpu/drm/drm_internal.h. A local user can perform a denial of service (DoS) attack.
42) Memory leak (CVE-ID: CVE-2022-49830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_dev_init() function in drivers/gpu/drm/drm_drv.c. A local user can perform a denial of service (DoS) attack.
43) NULL pointer dereference (CVE-ID: CVE-2022-49832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can perform a denial of service (DoS) attack.
44) Use-after-free (CVE-ID: CVE-2022-49834)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_remount() function in fs/nilfs2/super.c, within the nilfs_relax_pressure_in_lock(), nilfs_construct_segment(), nilfs_construct_dsync_segment() and nilfs_attach_log_writer() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
45) Memory leak (CVE-ID: CVE-2022-49835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the add_widget_node() function in sound/hda/hdac_sysfs.c. A local user can perform a denial of service (DoS) attack.
46) Memory leak (CVE-ID: CVE-2022-49836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the siox_device_add() function in drivers/siox/siox-core.c. A local user can perform a denial of service (DoS) attack.
47) NULL pointer dereference (CVE-ID: CVE-2022-49839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sas_phy_add() function in drivers/scsi/scsi_transport_sas.c. A local user can perform a denial of service (DoS) attack.
48) Resource management error (CVE-ID: CVE-2022-49841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.
49) Use-after-free (CVE-ID: CVE-2022-49842)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() function in sound/soc/soc-core.c. A local user can escalate privileges on the system.
50) Input validation error (CVE-ID: CVE-2022-49845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the j1939_send_one() function in net/can/j1939/main.c. A local user can perform a denial of service (DoS) attack.
51) Out-of-bounds read (CVE-ID: CVE-2022-49846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the udf_find_entry() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
52) Improper locking (CVE-ID: CVE-2022-49850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_gfn_to_pfn_cache_unmap(), kvm_gfn_to_pfn_cache_init() and kvm_gfn_to_pfn_cache_destroy() functions in virt/kvm/pfncache.c, within the kvm_xen_shared_info_init(), kvm_xen_vcpu_set_attr(), kvm_xen_init_vcpu(), kvm_xen_destroy_vcpu() and kvm_xen_destroy_vm() functions in arch/x86/kvm/xen.c, within the kvm_write_system_time(), kvm_pv_enable_async_pf_int() and kvm_arch_vcpu_create() functions in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
53) Memory leak (CVE-ID: CVE-2022-49853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
54) Memory leak (CVE-ID: CVE-2022-49858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the otx2_tx_napi_handler() and otx2_sq_append_skb() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_txrx.c, within the otx2_sq_init() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.
55) Memory leak (CVE-ID: CVE-2022-49860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the k3_udma_glue_request_tx_chn(), k3_udma_glue_request_rx_chn_priv() and k3_udma_glue_request_remote_rx_chn() functions in drivers/dma/ti/k3-udma-glue.c. A local user can perform a denial of service (DoS) attack.
56) Memory leak (CVE-ID: CVE-2022-49861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mv_xor_v2_remove() function in drivers/dma/mv_xor_v2.c. A local user can perform a denial of service attack.
57) NULL pointer dereference (CVE-ID: CVE-2022-49863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the can_rx_register() function in net/can/af_can.c. A local user can perform a denial of service (DoS) attack.
58) NULL pointer dereference (CVE-ID: CVE-2022-49864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mutex_unlock() function in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c. A local user can perform a denial of service (DoS) attack.
59) Use of uninitialized resource (CVE-ID: CVE-2022-49865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ip6addrlbl_putmsg() function in net/ipv6/addrlabel.c. A local user can perform a denial of service (DoS) attack.
60) Input validation error (CVE-ID: CVE-2022-49868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mt7621_pcie_phy_of_xlate() function in drivers/phy/ralink/phy-mt7621-pci.c. A local user can perform a denial of service (DoS) attack.
61) NULL pointer dereference (CVE-ID: CVE-2022-49869)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_set_coalesce() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c. A local user can perform a denial of service (DoS) attack.
62) Out-of-bounds read (CVE-ID: CVE-2022-49870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the include/uapi/linux/capability.h. A local user can perform a denial of service (DoS) attack.
63) Memory leak (CVE-ID: CVE-2022-49871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the local_bh_disable() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2022-49874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mousevsc_probe() function in drivers/hid/hid-hyperv.c. A local user can perform a denial of service (DoS) attack.
65) Improper error handling (CVE-ID: CVE-2022-49879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the make_indexed_dir() function in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
66) Infinite loop (CVE-ID: CVE-2022-49880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ext4_ext_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.
67) Memory leak (CVE-ID: CVE-2022-49881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regdb_fw_cb() and query_regdb_file() functions in net/wireless/reg.c. A local user can perform a denial of service (DoS) attack.
68) Integer overflow (CVE-ID: CVE-2022-49885)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ghes_unmap() function in drivers/acpi/apei/ghes.c. A local user can execute arbitrary code.
69) Memory leak (CVE-ID: CVE-2022-49887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vdec_probe() function in drivers/staging/media/meson/vdec/vdec.c. A local user can perform a denial of service attack.
70) Improper error handling (CVE-ID: CVE-2022-49888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cortex_a76_erratum_1463225_svc_handler() function in arch/arm64/kernel/entry-common.c. A local user can perform a denial of service (DoS) attack.
71) NULL pointer dereference (CVE-ID: CVE-2022-49889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ring_buffer_wake_waiters() function in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
72) Memory leak (CVE-ID: CVE-2022-49890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cap_inode_getsecurity() function in security/commoncap.c. A local user can perform a denial of service (DoS) attack.
73) Memory leak (CVE-ID: CVE-2022-49891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the test_gen_kprobe_cmd() and test_gen_kretprobe_cmd() functions in kernel/trace/kprobe_event_gen_test.c. A local user can perform a denial of service (DoS) attack.
74) Use-after-free (CVE-ID: CVE-2022-49892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ftrace_shutdown() function in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
75) Memory leak (CVE-ID: CVE-2022-49900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the piix4_probe() function in drivers/i2c/busses/i2c-piix4.c. A local user can perform a denial of service (DoS) attack.
76) Memory leak (CVE-ID: CVE-2022-49905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smc_init() and smc_pnet_exit() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
77) Memory leak (CVE-ID: CVE-2022-49906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __ibmvnic_reset() function in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
78) Memory leak (CVE-ID: CVE-2022-49908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the l2cap_recv_acldata() function in net/bluetooth/l2cap_core.c. A local user can perform a denial of service (DoS) attack.
79) Use-after-free (CVE-ID: CVE-2022-49909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_data_channel() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
80) Use-after-free (CVE-ID: CVE-2022-49910)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_rx_state_recv(), l2cap_rx() and l2cap_stream_rx() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
81) Memory leak (CVE-ID: CVE-2022-49915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mISDN_register_device() function in drivers/isdn/mISDN/core.c. A local user can perform a denial of service (DoS) attack.
82) Use of uninitialized resource (CVE-ID: CVE-2022-49916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the rose_transmit_clear_request() function in net/rose/rose_link.c. A local user can perform a denial of service (DoS) attack.
83) Memory leak (CVE-ID: CVE-2022-49922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_i2c_nci_send() function in drivers/nfc/nfcmrvl/i2c.c. A local user can perform a denial of service (DoS) attack.
84) Memory leak (CVE-ID: CVE-2022-49923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nxp_nci_send() function in drivers/nfc/nxp-nci/core.c. A local user can perform a denial of service (DoS) attack.
85) Memory leak (CVE-ID: CVE-2022-49924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fdp_nci_close() function in drivers/nfc/fdp/fdp.c. A local user can perform a denial of service (DoS) attack.
86) Improper locking (CVE-ID: CVE-2022-49925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nldev_init() function in drivers/infiniband/core/nldev.c, within the ib_core_init() function in drivers/infiniband/core/device.c. A local user can perform a denial of service (DoS) attack.
87) Memory leak (CVE-ID: CVE-2022-49927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfs40_init_client() function in fs/nfs/nfs4client.c. A local user can perform a denial of service (DoS) attack.
88) NULL pointer dereference (CVE-ID: CVE-2022-49928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rpc_sysfs_client_setup(), rpc_sysfs_xprt_switch_setup() and rpc_sysfs_xprt_setup() functions in net/sunrpc/sysfs.c. A local user can perform a denial of service (DoS) attack.
89) NULL pointer dereference (CVE-ID: CVE-2022-49931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sc_disable() function in drivers/infiniband/hw/hfi1/pio.c. A local user can perform a denial of service (DoS) attack.
90) Use-after-free (CVE-ID: CVE-2023-1990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the ndlc_remove() function in drivers/nfc/st-nci/ndlc.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.
91) Memory leak (CVE-ID: CVE-2023-53035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nilfs_ioctl_wrap_copy() function in fs/nilfs2/ioctl.c. A local user can perform a denial of service (DoS) attack.
92) NULL pointer dereference (CVE-ID: CVE-2023-53038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_read_object() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_sli4_cgn_params_read() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
93) Double free (CVE-ID: CVE-2023-53039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the void recv_ipc() and ish_dev_init() functions in drivers/hid/intel-ish-hid/ipc/ipc.c. A local user can perform a denial of service (DoS) attack.
94) Buffer overflow (CVE-ID: CVE-2023-53040)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ca8210_skb_tx() function in drivers/net/ieee802154/ca8210.c. A local user can escalate privileges on the system.
95) Improper locking (CVE-ID: CVE-2023-53041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __qla2x00_abort_all_cmds() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
96) NULL pointer dereference (CVE-ID: CVE-2023-53044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_dev() function in drivers/md/dm.c, within the dm_stat_in_flight() and dm_stats_init() functions in drivers/md/dm-stats.c. A local user can perform a denial of service (DoS) attack.
97) Improper locking (CVE-ID: CVE-2023-53045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the g_audio_cleanup() function in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
98) NULL pointer dereference (CVE-ID: CVE-2023-53049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ucsi_init() function in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
99) Improper locking (CVE-ID: CVE-2023-53051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the crypt_io_from_node() function in drivers/md/dm-crypt.c. A local user can perform a denial of service (DoS) attack.
100) Improper locking (CVE-ID: CVE-2023-53052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tconInfoAlloc() and tconInfoFree() functions in fs/cifs/misc.c, within the DECLARE_RWSEM(), dfs_cache_destroy(), dfs_cache_add_refsrv_session() and dfs_cache_remount_fs() functions in fs/cifs/dfs_cache.c, within the get_session(), get_dfs_conn(), __dfs_mount_share() and dfs_mount_share() functions in fs/cifs/dfs.c, within the cifs_mount() and cifs_umount() functions in fs/cifs/connect.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2023-53054)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc2_get_dr_mode(), __dwc2_lowlevel_hw_enable() and __dwc2_lowlevel_hw_disable() functions in drivers/usb/dwc2/platform.c. A local user can perform a denial of service (DoS) attack.
102) NULL pointer dereference (CVE-ID: CVE-2023-53056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_get_sp_from_handle() and qla25xx_process_bidir_status_iocb() functions in drivers/scsi/qla2xxx/qla_isr.c. A local user can perform a denial of service (DoS) attack.
103) Improper error handling (CVE-ID: CVE-2023-53058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mlx5_esw_acl_ingress_vport_bond_update() function in drivers/net/ethernet/mellanox/mlx5/core/esw/acl/ingress_ofld.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2023-53059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cros_ec_chardev_ioctl_xcmd() function in drivers/platform/chrome/cros_ec_chardev.c. A local user can perform a denial of service (DoS) attack.
105) Improper locking (CVE-ID: CVE-2023-53060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the igb_remove() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
106) Memory leak (CVE-ID: CVE-2023-53062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smsc95xx_rx_fixup() function in drivers/net/usb/smsc95xx.c. A local user can perform a denial of service (DoS) attack.
107) Resource management error (CVE-ID: CVE-2023-53064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iavf_remove() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
108) Out-of-bounds read (CVE-ID: CVE-2023-53065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the perf_event_bpf_output() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
109) NULL pointer dereference (CVE-ID: CVE-2023-53066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qed_iov_configure_min_tx_rate() and qed_iov_handle_trust_change() functions in drivers/net/ethernet/qlogic/qed/qed_sriov.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2023-53068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lan78xx_rx() function in drivers/net/usb/lan78xx.c. A local user can perform a denial of service (DoS) attack.
111) Use-after-free (CVE-ID: CVE-2023-53075)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_rec() function in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
112) Out-of-bounds read (CVE-ID: CVE-2023-53077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the CalculateVMAndRowBytes() function in drivers/gpu/drm/amd/display/dc/dml/dcn30/display_mode_vba_30.c. A local user can perform a denial of service (DoS) attack.
113) Memory leak (CVE-ID: CVE-2023-53078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alua_activate() function in drivers/scsi/device_handler/scsi_dh_alua.c. A local user can perform a denial of service (DoS) attack.
114) NULL pointer dereference (CVE-ID: CVE-2023-53079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the esw_disable_vport() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can perform a denial of service (DoS) attack.
115) Buffer overflow (CVE-ID: CVE-2023-53081)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ocfs2_write_end_nolock() function in fs/ocfs2/aops.c. A local user can perform a denial of service (DoS) attack.
116) Use-after-free (CVE-ID: CVE-2023-53084)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_gem_shmem_mmap() function in drivers/gpu/drm/drm_gem_shmem_helper.c. A local user can escalate privileges on the system.
117) Buffer overflow (CVE-ID: CVE-2023-53087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the replace_barrier() and i915_active_add_request() functions in drivers/gpu/drm/i915/i915_active.c. A local user can perform a denial of service (DoS) attack.
118) Infinite loop (CVE-ID: CVE-2023-53089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ext4_xattr_inode_iget() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
119) Use-after-free (CVE-ID: CVE-2023-53090)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the alloc_event_waiters() function in drivers/gpu/drm/amd/amdkfd/kfd_events.c. A local user can escalate privileges on the system.
120) NULL pointer dereference (CVE-ID: CVE-2023-53091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_load_journal() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
121) Memory leak (CVE-ID: CVE-2023-53092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exynos_generic_icc_probe() function in drivers/interconnect/samsung/exynos.c. A local user can perform a denial of service (DoS) attack.
122) Resource management error (CVE-ID: CVE-2023-53093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __create_val_field() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
123) Memory leak (CVE-ID: CVE-2023-53096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the icc_node_destroy() function in drivers/interconnect/core.c. A local user can perform a denial of service (DoS) attack.
124) NULL pointer dereference (CVE-ID: CVE-2023-53098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gpio_ir_recv_probe() and MODULE_DEVICE_TABLE() functions in drivers/media/rc/gpio-ir-recv.c. A local user can perform a denial of service (DoS) attack.
125) Use-after-free (CVE-ID: CVE-2023-53099)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the do_feature_check_call() function in drivers/firmware/xilinx/zynqmp.c. A local user can escalate privileges on the system.
126) Resource management error (CVE-ID: CVE-2023-53100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
127) Resource management error (CVE-ID: CVE-2023-53101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the swap_inode_boot_loader() function in fs/ext4/ioctl.c. A local user can perform a denial of service (DoS) attack.
128) Use-after-free (CVE-ID: CVE-2023-53106)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in drivers/nfc/st-nci/ndlc.c. A local user can escalate privileges on the system.
129) Improper locking (CVE-ID: CVE-2023-53108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net/iucv/iucv.c. A local user can perform a denial of service (DoS) attack.
130) Use-after-free (CVE-ID: CVE-2023-53111)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the loop_queue_rq() function in drivers/block/loop.c. A local user can escalate privileges on the system.
131) NULL pointer dereference (CVE-ID: CVE-2023-53114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_init_recovery_mode() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
132) Use-after-free (CVE-ID: CVE-2023-53116)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __nvmet_req_complete() function in drivers/nvme/target/core.c. A local user can escalate privileges on the system.
133) Incorrect calculation (CVE-ID: CVE-2023-53118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can perform a denial of service (DoS) attack.
134) NULL pointer dereference (CVE-ID: CVE-2023-53119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pn533_usb_send_frame() function in drivers/nfc/pn533/usb.c. A local user can perform a denial of service (DoS) attack.
135) Use-after-free (CVE-ID: CVE-2023-53123)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_bus_resource_n() function in drivers/pci/bus.c, within the zpci_bus_prepare_device() function in arch/s390/pci/pci_bus.c, within the __alloc_res() and zpci_setup_bus_resources() functions in arch/s390/pci/pci.c. A local user can escalate privileges on the system.
136) NULL pointer dereference (CVE-ID: CVE-2023-53124)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mpt3sas_transport_port_add() function in drivers/scsi/mpt3sas/mpt3sas_transport.c. A local user can perform a denial of service (DoS) attack.
137) Memory leak (CVE-ID: CVE-2023-53125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smsc75xx_rx_fixup() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.
138) Memory leak (CVE-ID: CVE-2023-53131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the svc_start_kthreads() and svc_stop_kthreads() functions in net/sunrpc/svc.c. A local user can perform a denial of service (DoS) attack.
139) Buffer overflow (CVE-ID: CVE-2023-53134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bnxt_alloc_ring(), bnxt_free_tpa_info() and bnxt_alloc_tpa_info() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
140) Improper locking (CVE-ID: CVE-2023-53137)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_rename() and ext4_journal_stop() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
141) Out-of-bounds read (CVE-ID: CVE-2023-53139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fdp_nci_i2c_read_device_properties() and dev_dbg() functions in drivers/nfc/fdp/i2c.c. A local user can perform a denial of service (DoS) attack.
142) Memory leak (CVE-ID: CVE-2023-53140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scsi_remove_host() and scsi_host_dev_release() functions in drivers/scsi/hosts.c. A local user can perform a denial of service (DoS) attack.
143) Buffer overflow (CVE-ID: CVE-2023-53142)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ice_get_module_eeprom() function in drivers/net/ethernet/intel/ice/ice_ethtool.c. A local user can escalate privileges on the system.
144) Input validation error (CVE-ID: CVE-2023-53143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_getfsmap_datadev() function in fs/ext4/fsmap.c. A local user can perform a denial of service (DoS) attack.
145) Use-after-free (CVE-ID: CVE-2023-53145)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btsdio_remove() function in drivers/bluetooth/btsdio.c. A local user can escalate privileges on the system.
146) Use-after-free (CVE-ID: CVE-2024-53168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
147) Use-after-free (CVE-ID: CVE-2024-56558)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the e_show() function in fs/nfsd/export.c. A local user can escalate privileges on the system.
148) Use-after-free (CVE-ID: CVE-2025-21888)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_free_priv_descs() function in drivers/infiniband/hw/mlx5/mr.c. A local user can escalate privileges on the system.
149) Use-after-free (CVE-ID: CVE-2025-21999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the proc_get_inode() function in fs/proc/inode.c, within the proc_create_reg(), proc_create_seq_private() and proc_create_single_data() functions in fs/proc/generic.c. A local user can escalate privileges on the system.
150) Resource management error (CVE-ID: CVE-2025-22056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nft_tunnel_obj_geneve_init() and nft_tunnel_opts_dump() functions in net/netfilter/nft_tunnel.c. A local user can perform a denial of service (DoS) attack.
151) Use-after-free (CVE-ID: CVE-2025-22060)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mvpp2_prs_hw_write(), mvpp2_prs_init_from_hw(), mvpp2_prs_flow_find(), mvpp2_prs_mac_drop_all_set(), mvpp2_prs_mac_promisc_set(), mvpp2_prs_dsa_tag_set(), mvpp2_prs_dsa_tag_ethertype_set(), mvpp2_prs_vlan_find(), mvpp2_prs_vlan_add(), mvpp2_prs_double_vlan_find(), mvpp2_prs_double_vlan_add(), mvpp2_prs_mac_init(), mvpp2_prs_vlan_init(), mvpp2_prs_vid_range_find(), mvpp2_prs_vid_entry_add(), mvpp2_prs_vid_entry_remove(), mvpp2_prs_vid_remove_all(), mvpp2_prs_vid_disable_filtering(), mvpp2_prs_vid_enable_filtering(), mvpp2_prs_default_init(), mvpp2_prs_mac_da_range_find(), mvpp2_prs_mac_da_accept(), mvpp2_prs_mac_del_all(), mvpp2_prs_tag_mode_set(), mvpp2_prs_add_flow(), mvpp2_prs_def_flow() and mvpp2_prs_hits() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c, within the mvpp2_probe() function in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can escalate privileges on the system.
152) Integer underflow (CVE-ID: CVE-2025-23138)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the watch_queue_set_size() function in kernel/watch_queue.c. A local user can execute arbitrary code.
153) NULL pointer dereference (CVE-ID: CVE-2025-23145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the subflow_hmac_valid() and subflow_syn_recv_sock() functions in net/mptcp/subflow.c. A local user can perform a denial of service (DoS) attack.
154) Use-after-free (CVE-ID: CVE-2025-37785)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __ext4_check_dir_entry() function in fs/ext4/dir.c. A local user can escalate privileges on the system.
155) Input validation error (CVE-ID: CVE-2025-37789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the validate_set() function in net/openvswitch/flow_netlink.c. A local user can perform a denial of service (DoS) attack.
156) Input validation error (CVE-ID: CVE-2025-37948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pr_fmt(), build_plt(), build_epilogue() and bpf_int_jit_compile() functions in arch/arm64/net/bpf_jit_comp.c, within the this_cpu_set_vectors() function in arch/arm64/kernel/proton-pack.c. A local user can perform a denial of service (DoS) attack.
157) Input validation error (CVE-ID: CVE-2025-37963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_bhb_mitigation() function in arch/arm64/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.