SB2025061747 - SUSE update for the Linux Kernel
Published: June 17, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 169 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2020-36791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tcindex_set_parms() function in net/sched/cls_tcindex.c. A local user can perform a denial of service (DoS) attack.
2) Input validation error (CVE-ID: CVE-2021-20320)
The vulnerability allows a local user to gain access to sensitive information.
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.
3) Memory leak (CVE-ID: CVE-2021-4159)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak in Linux kernel EBPF verifier when handling internal data structures. A local user with permissions to insert eBPF code to the kernel can force the kernel to leak internal kernel memory details and bypass mitigations, related to exploitation protection.
4) Buffer overflow (CVE-ID: CVE-2021-47170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the proc_bulk() and proc_do_submiturb() functions in drivers/usb/core/devio.c. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2021-47670)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pcan_usb_fd_decode_canmsg() and pcan_usb_fd_decode_status() functions in drivers/net/can/usb/peak_usb/pcan_usb_fd.c. A local user can escalate privileges on the system.
6) Use-after-free (CVE-ID: CVE-2022-3564)
The vulnerability allows an attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the l2cap_reassemble_sdu() function in net/bluetooth/l2cap_core.c. An attacker with physical access to device can trigger a use-after-free error and execute arbitrary code on the system.
7) Improper error handling (CVE-ID: CVE-2022-48875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the drv_ampdu_action() function in net/mac80211/driver-ops.c, within the ieee80211_tx_ba_session_handle_start() function in net/mac80211/agg-tx.c. A local user can perform a denial of service (DoS) attack.
8) NULL pointer dereference (CVE-ID: CVE-2022-49139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_sync_conn_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
9) Out-of-bounds read (CVE-ID: CVE-2022-49145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the acpi_cppc_processor_probe() function in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
10) Use-after-free (CVE-ID: CVE-2022-49168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_repair_one_sector() function in fs/btrfs/extent_io.c. A local user can escalate privileges on the system.
11) Memory leak (CVE-ID: CVE-2022-49190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the DEFINE_RWLOCK() and __initcall() functions in kernel/resource.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2022-49212)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_nand_controller_init() function in drivers/mtd/nand/atmel/nand-controller.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2022-49216)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra_dsi_ganged_probe() function in drivers/gpu/drm/tegra/dsi.c. A local user can perform a denial of service (DoS) attack.
14) Use of uninitialized resource (CVE-ID: CVE-2022-49235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the htc_issue_send() and htc_connect_service() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
15) Use of uninitialized resource (CVE-ID: CVE-2022-49248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the fcp_avc_transaction() function in sound/firewire/fcp.c. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2022-49253)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s2250_probe() and i2c_unregister_device() functions in drivers/media/usb/go7007/s2250-board.c. A local user can perform a denial of service (DoS) attack.
17) Integer overflow (CVE-ID: CVE-2022-49320)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the zynqmp_dma_alloc_chan_resources() function in drivers/dma/xilinx/zynqmp_dma.c. A local user can execute arbitrary code.
18) Improper Initialization (CVE-ID: CVE-2022-49326)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the rtl8180_tx() function in drivers/net/wireless/realtek/rtl818x/rtl8180/dev.c. A local user can perform a denial of service (DoS) attack.
19) Improper locking (CVE-ID: CVE-2022-49371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __device_attach() function in drivers/base/dd.c. A local user can perform a denial of service (DoS) attack.
20) Memory leak (CVE-ID: CVE-2022-49382)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_grf_init() function in drivers/soc/rockchip/grf.c. A local user can perform a denial of service (DoS) attack.
21) Memory leak (CVE-ID: CVE-2022-49396)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_qmp_reset_control_put() and qcom_qmp_phy_create() functions in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.
22) Improper locking (CVE-ID: CVE-2022-49420)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the compute_score() and __udp_v6_is_mcast_sock() functions in net/ipv6/udp.c, within the WRITE_ONCE() and ip6_datagram_send_ctl() functions in net/ipv6/datagram.c. A local user can perform a denial of service (DoS) attack.
23) Improper locking (CVE-ID: CVE-2022-49441)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tty_buffer_alloc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.
24) NULL pointer dereference (CVE-ID: CVE-2022-49445)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sh_pfc_map_resources() function in drivers/pinctrl/renesas/core.c. A local user can perform a denial of service (DoS) attack.
25) Resource management error (CVE-ID: CVE-2022-49460)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rk3399_dmcfreq_remove() function in drivers/devfreq/rk3399_dmc.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2022-49467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp5_crtc_cursor_set() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
27) Use-after-free (CVE-ID: CVE-2022-49474)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sco_sock_connect() function in net/bluetooth/sco.c. A local user can escalate privileges on the system.
28) NULL pointer dereference (CVE-ID: CVE-2022-49491)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop_bind() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.
29) Out-of-bounds read (CVE-ID: CVE-2022-49503)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath9k_rx_prepare() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.
30) Out-of-bounds read (CVE-ID: CVE-2022-49592)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dwmac4_map_mtl_dma() function in drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c. A local user can perform a denial of service (DoS) attack.
31) Use-after-free (CVE-ID: CVE-2022-49625)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efx_ef10_try_update_nic_stats_vf() function in drivers/net/ethernet/sfc/ef10.c. A local user can escalate privileges on the system.
32) Buffer overflow (CVE-ID: CVE-2022-49635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the pot_hole() function in drivers/gpu/drm/i915/selftests/i915_gem_gtt.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2022-49652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ti_dra7_xbar_route_allocate() function in drivers/dma/ti/dma-crossbar.c. A local user can perform a denial of service (DoS) attack.
34) Memory leak (CVE-ID: CVE-2022-49715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
35) Integer overflow (CVE-ID: CVE-2022-49728)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __ip6_append_data(), ip6_append_data() and EXPORT_SYMBOL_GPL() functions in net/ipv6/ip6_output.c. A local user can execute arbitrary code.
36) Memory leak (CVE-ID: CVE-2022-49729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_play_deferred() function in drivers/nfc/nfcmrvl/usb.c. A local user can perform a denial of service (DoS) attack.
37) Improper locking (CVE-ID: CVE-2022-49751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the w1_process() function in drivers/w1/w1.c. A local user can perform a denial of service (DoS) attack.
38) Use-after-free (CVE-ID: CVE-2022-49761)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the run_one_delayed_ref() and btrfs_run_delayed_refs_for_head() functions in fs/btrfs/extent-tree.c. A local user can escalate privileges on the system.
39) Out-of-bounds read (CVE-ID: CVE-2022-49769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the gfs2_check_sb() function in fs/gfs2/ops_fstype.c. A local user can perform a denial of service (DoS) attack.
40) Buffer overflow (CVE-ID: CVE-2022-49771)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the list_version_get_needed() and list_versions() functions in drivers/md/dm-ioctl.c. A local user can escalate privileges on the system.
41) Buffer overflow (CVE-ID: CVE-2022-49772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the snd_usbmidi_output_open() function in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.
42) Buffer overflow (CVE-ID: CVE-2022-49775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tcp_cdg_init() and tcp_cdg_release() functions in net/ipv4/tcp_cdg.c. A local user can perform a denial of service (DoS) attack.
43) Buffer overflow (CVE-ID: CVE-2022-49776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the macvlan_common_setup() function in drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
44) Memory leak (CVE-ID: CVE-2022-49787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_probe() function in drivers/mmc/host/sdhci-pci-core.c. A local user can perform a denial of service (DoS) attack.
45) Memory leak (CVE-ID: CVE-2022-49788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qp_notify_peer_local() and qp_notify_peer() functions in drivers/misc/vmw_vmci/vmci_queue_pair.c. A local user can perform a denial of service (DoS) attack.
46) Use-after-free (CVE-ID: CVE-2022-49789)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zfcp_fsf_req_send() function in drivers/s390/scsi/zfcp_fsf.c. A local user can escalate privileges on the system.
47) Memory leak (CVE-ID: CVE-2022-49813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ena_init() function in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.
48) Resource management error (CVE-ID: CVE-2022-49818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mISDN_register_device() function in drivers/isdn/mISDN/core.c. A local user can perform a denial of service (DoS) attack.
49) Memory leak (CVE-ID: CVE-2022-49821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mISDN_dsp_element_register() and device_unregister() functions in drivers/isdn/mISDN/dsp_pipeline.c. A local user can perform a denial of service (DoS) attack.
50) Memory leak (CVE-ID: CVE-2022-49822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_mount() function in fs/cifs/connect.c. A local user can perform a denial of service (DoS) attack.
51) NULL pointer dereference (CVE-ID: CVE-2022-49826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_tport_add() function in drivers/ata/libata-transport.c. A local user can perform a denial of service (DoS) attack.
52) Memory leak (CVE-ID: CVE-2022-49829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_sched_entity_kill_jobs_cb() and drm_sched_entity_kill_jobs() functions in drivers/gpu/drm/scheduler/sched_entity.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2022-49832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can perform a denial of service (DoS) attack.
54) Memory leak (CVE-ID: CVE-2022-49835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the add_widget_node() function in sound/hda/hdac_sysfs.c. A local user can perform a denial of service (DoS) attack.
55) Use-after-free (CVE-ID: CVE-2022-49840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bpf_test_init() function in net/bpf/test_run.c. A local user can escalate privileges on the system.
56) Use-after-free (CVE-ID: CVE-2022-49842)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() function in sound/soc/soc-core.c. A local user can escalate privileges on the system.
57) Out-of-bounds read (CVE-ID: CVE-2022-49846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the udf_find_entry() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
58) Memory leak (CVE-ID: CVE-2022-49853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
59) Memory leak (CVE-ID: CVE-2022-49861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mv_xor_v2_remove() function in drivers/dma/mv_xor_v2.c. A local user can perform a denial of service attack.
60) Use of uninitialized resource (CVE-ID: CVE-2022-49862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the iforce_init_device() function in drivers/input/joystick/iforce/iforce-main.c. A local user can perform a denial of service (DoS) attack.
61) Use of uninitialized resource (CVE-ID: CVE-2022-49865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ip6addrlbl_putmsg() function in net/ipv6/addrlabel.c. A local user can perform a denial of service (DoS) attack.
62) Memory leak (CVE-ID: CVE-2022-49871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the local_bh_disable() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
63) Resource management error (CVE-ID: CVE-2022-49872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the skb_segment() function in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2022-49874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mousevsc_probe() function in drivers/hid/hid-hyperv.c. A local user can perform a denial of service (DoS) attack.
65) Resource management error (CVE-ID: CVE-2022-49877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_bpf_send_verdict() function in net/ipv4/tcp_bpf.c. A local user can perform a denial of service (DoS) attack.
66) Infinite loop (CVE-ID: CVE-2022-49880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ext4_ext_migrate() function in fs/ext4/migrate.c. A local user can perform a denial of service (DoS) attack.
67) NULL pointer dereference (CVE-ID: CVE-2022-49889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ring_buffer_wake_waiters() function in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
68) Use-after-free (CVE-ID: CVE-2022-49892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ftrace_shutdown() function in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
69) Improper error handling (CVE-ID: CVE-2022-49898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_free_tree_block() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
70) Memory leak (CVE-ID: CVE-2022-49906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __ibmvnic_reset() function in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
71) Out-of-bounds read (CVE-ID: CVE-2022-49907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
72) Use-after-free (CVE-ID: CVE-2022-49909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_data_channel() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
73) Use-after-free (CVE-ID: CVE-2022-49910)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_rx_state_recv(), l2cap_rx() and l2cap_stream_rx() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
74) Memory leak (CVE-ID: CVE-2022-49913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the prelim_release() and cond_resched() functions in fs/btrfs/backref.c. A local user can perform a denial of service (DoS) attack.
75) Memory leak (CVE-ID: CVE-2022-49914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the unode_aux_to_inode_list(), resolve_indirect_refs() and free_leaf_list() functions in fs/btrfs/backref.c. A local user can perform a denial of service (DoS) attack.
76) Memory leak (CVE-ID: CVE-2022-49915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mISDN_register_device() function in drivers/isdn/mISDN/core.c. A local user can perform a denial of service (DoS) attack.
77) Memory leak (CVE-ID: CVE-2022-49922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_i2c_nci_send() function in drivers/nfc/nfcmrvl/i2c.c. A local user can perform a denial of service (DoS) attack.
78) Memory leak (CVE-ID: CVE-2022-49923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nxp_nci_send() function in drivers/nfc/nxp-nci/core.c. A local user can perform a denial of service (DoS) attack.
79) Memory leak (CVE-ID: CVE-2022-49924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fdp_nci_close() function in drivers/nfc/fdp/fdp.c. A local user can perform a denial of service (DoS) attack.
80) Improper locking (CVE-ID: CVE-2022-49925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nldev_init() function in drivers/infiniband/core/nldev.c, within the ib_core_init() function in drivers/infiniband/core/device.c. A local user can perform a denial of service (DoS) attack.
81) Memory leak (CVE-ID: CVE-2022-49927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfs40_init_client() function in fs/nfs/nfs4client.c. A local user can perform a denial of service (DoS) attack.
82) NULL pointer dereference (CVE-ID: CVE-2022-49931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sc_disable() function in drivers/infiniband/hw/hfi1/pio.c. A local user can perform a denial of service (DoS) attack.
83) Memory leak (CVE-ID: CVE-2023-1074)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in Linux kernel Stream Control Transmission Protocol. A local user can start a malicious network service and then connect to remotely, forcing the kernel to leak memory.
84) Use-after-free (CVE-ID: CVE-2023-1989)
The vulnerability allows a local user to escalate privileges on the system.
The
vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a
use-after-free error and escalate privileges on the system.
85) Use-after-free (CVE-ID: CVE-2023-1990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the ndlc_remove() function in drivers/nfc/st-nci/ndlc.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.
86) Buffer overflow (CVE-ID: CVE-2023-52868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the thermal_zone_bind_cooling_device() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
87) Use-after-free (CVE-ID: CVE-2023-52975)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() and iscsi_session_teardown() functions in drivers/scsi/libiscsi.c, within the iscsi_sw_tcp_session_destroy() function in drivers/scsi/iscsi_tcp.c. A local user can escalate privileges on the system.
88) Out-of-bounds read (CVE-ID: CVE-2023-52988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the add_secret_dac_path() function in sound/pci/hda/patch_via.c. A local user can perform a denial of service (DoS) attack.
89) Memory leak (CVE-ID: CVE-2023-52989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ioctl_send_response() function in drivers/firewire/core-cdev.c. A local user can perform a denial of service (DoS) attack.
90) NULL pointer dereference (CVE-ID: CVE-2023-52993)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_ISA_irqs() function in arch/x86/kernel/irqinit.c, within the make_8259A_irq() function in arch/x86/kernel/i8259.c. A local user can perform a denial of service (DoS) attack.
91) Double free (CVE-ID: CVE-2023-53039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the void recv_ipc() and ish_dev_init() functions in drivers/hid/intel-ish-hid/ipc/ipc.c. A local user can perform a denial of service (DoS) attack.
92) Improper locking (CVE-ID: CVE-2023-53041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __qla2x00_abort_all_cmds() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
93) NULL pointer dereference (CVE-ID: CVE-2023-53044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_dev() function in drivers/md/dm.c, within the dm_stat_in_flight() and dm_stats_init() functions in drivers/md/dm-stats.c. A local user can perform a denial of service (DoS) attack.
94) Improper locking (CVE-ID: CVE-2023-53045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the g_audio_cleanup() function in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
95) Improper locking (CVE-ID: CVE-2023-53051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the crypt_io_from_node() function in drivers/md/dm-crypt.c. A local user can perform a denial of service (DoS) attack.
96) NULL pointer dereference (CVE-ID: CVE-2023-53056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_get_sp_from_handle() and qla25xx_process_bidir_status_iocb() functions in drivers/scsi/qla2xxx/qla_isr.c. A local user can perform a denial of service (DoS) attack.
97) Improper locking (CVE-ID: CVE-2023-53060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the igb_remove() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
98) Memory leak (CVE-ID: CVE-2023-53062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smsc95xx_rx_fixup() function in drivers/net/usb/smsc95xx.c. A local user can perform a denial of service (DoS) attack.
99) NULL pointer dereference (CVE-ID: CVE-2023-53066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qed_iov_configure_min_tx_rate() and qed_iov_handle_trust_change() functions in drivers/net/ethernet/qlogic/qed/qed_sriov.c. A local user can perform a denial of service (DoS) attack.
100) Memory leak (CVE-ID: CVE-2023-53068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lan78xx_rx() function in drivers/net/usb/lan78xx.c. A local user can perform a denial of service (DoS) attack.
101) Use-after-free (CVE-ID: CVE-2023-53075)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_rec() function in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
102) Memory leak (CVE-ID: CVE-2023-53078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alua_activate() function in drivers/scsi/device_handler/scsi_dh_alua.c. A local user can perform a denial of service (DoS) attack.
103) NULL pointer dereference (CVE-ID: CVE-2023-53079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the esw_disable_vport() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can perform a denial of service (DoS) attack.
104) Buffer overflow (CVE-ID: CVE-2023-53080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xdp_umem_account_pages() and xdp_umem_reg() functions in net/xdp/xdp_umem.c. A local user can perform a denial of service (DoS) attack.
105) NULL pointer dereference (CVE-ID: CVE-2023-53094)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpuart_dma_rx_free(), lpuart32_startup(), lpuart_set_termios(), lpuart32_set_termios() and lpuart_suspend() functions in drivers/tty/serial/fsl_lpuart.c. A local user can perform a denial of service (DoS) attack.
106) Resource management error (CVE-ID: CVE-2023-53100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
107) Resource management error (CVE-ID: CVE-2023-53101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the swap_inode_boot_loader() function in fs/ext4/ioctl.c. A local user can perform a denial of service (DoS) attack.
108) Improper locking (CVE-ID: CVE-2023-53103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the eth_hw_addr_random() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
109) Use-after-free (CVE-ID: CVE-2023-53106)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in drivers/nfc/st-nci/ndlc.c. A local user can escalate privileges on the system.
110) Improper locking (CVE-ID: CVE-2023-53108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net/iucv/iucv.c. A local user can perform a denial of service (DoS) attack.
111) Improper locking (CVE-ID: CVE-2023-53109)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the LL_RESERVED_SPACE() function in net/ipv6/ip6_tunnel.c, within the ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2023-53114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_init_recovery_mode() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
113) NULL pointer dereference (CVE-ID: CVE-2023-53119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pn533_usb_send_frame() function in drivers/nfc/pn533/usb.c. A local user can perform a denial of service (DoS) attack.
114) Input validation error (CVE-ID: CVE-2023-53121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tcp_make_synack() function in net/ipv4/tcp_output.c. A local user can perform a denial of service (DoS) attack.
115) NULL pointer dereference (CVE-ID: CVE-2023-53124)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mpt3sas_transport_port_add() function in drivers/scsi/mpt3sas/mpt3sas_transport.c. A local user can perform a denial of service (DoS) attack.
116) Memory leak (CVE-ID: CVE-2023-53125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smsc75xx_rx_fixup() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.
117) Memory leak (CVE-ID: CVE-2023-53131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the svc_start_kthreads() and svc_stop_kthreads() functions in net/sunrpc/svc.c. A local user can perform a denial of service (DoS) attack.
118) Out-of-bounds read (CVE-ID: CVE-2023-53139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fdp_nci_i2c_read_device_properties() and dev_dbg() functions in drivers/nfc/fdp/i2c.c. A local user can perform a denial of service (DoS) attack.
119) Memory leak (CVE-ID: CVE-2023-53140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scsi_remove_host() and scsi_host_dev_release() functions in drivers/scsi/hosts.c. A local user can perform a denial of service (DoS) attack.
120) Input validation error (CVE-ID: CVE-2023-53141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ila_xlat_nl_cmd_get_mapping() function in net/ipv6/ila/ila_xlat.c. A local user can perform a denial of service (DoS) attack.
121) Use-after-free (CVE-ID: CVE-2023-53145)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btsdio_remove() function in drivers/bluetooth/btsdio.c. A local user can escalate privileges on the system.
122) Improper locking (CVE-ID: CVE-2024-26740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.
123) Use-after-free (CVE-ID: CVE-2024-26804)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
124) Improper locking (CVE-ID: CVE-2024-27010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qdisc_alloc() function in net/sched/sch_generic.c, within the qdisc_run_end() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
125) Improper Initialization (CVE-ID: CVE-2024-45021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
126) Incorrect calculation (CVE-ID: CVE-2024-46751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the btrfs_item_ptr() and spin_lock() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
127) Improper error handling (CVE-ID: CVE-2024-46752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the update_ref_for_cow() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
128) Use-after-free (CVE-ID: CVE-2024-50106)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_delegation(), nfsd4_revoke_states(), nfs4_laundromat(), nfsd4_free_stateid() and nfsd4_delegreturn() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
129) Use-after-free (CVE-ID: CVE-2024-53168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
130) Use-after-free (CVE-ID: CVE-2024-56633)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sock_put() function in net/ipv4/tcp_bpf.c. A local user can escalate privileges on the system.
131) Memory leak (CVE-ID: CVE-2024-56779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the release_open_stateid(), spin_lock() and nfsd4_process_open2() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
132) Buffer overflow (CVE-ID: CVE-2025-21648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_ct_alloc_hashtable() function in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.
133) Resource management error (CVE-ID: CVE-2025-21702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pfifo_tail_enqueue() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.
134) Buffer overflow (CVE-ID: CVE-2025-21704)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the acm_process_notification() and acm_ctrl_irq() functions in drivers/usb/class/cdc-acm.c. A local user can escalate privileges on the system.
135) Input validation error (CVE-ID: CVE-2025-21787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the team_nl_options_set_doit() function in drivers/net/team/team_core.c. A local user can perform a denial of service (DoS) attack.
136) NULL pointer dereference (CVE-ID: CVE-2025-21814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ptp_getcycles64() and ptp_clock_register() functions in drivers/ptp/ptp_clock.c. A local user can perform a denial of service (DoS) attack.
137) Use-after-free (CVE-ID: CVE-2025-21969)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_get_ident(), l2cap_send_cmd(), l2cap_conn_del(), l2cap_conn_free(), l2cap_recv_reset() and l2cap_recv_acldata() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
138) Resource management error (CVE-ID: CVE-2025-22021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_sk_lookup_slow_v6() function in net/ipv6/netfilter/nf_socket_ipv6.c. A local user can perform a denial of service (DoS) attack.
139) Memory leak (CVE-ID: CVE-2025-22025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfs4_alloc_open_stateid() and nfsd_break_one_deleg() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
140) NULL pointer dereference (CVE-ID: CVE-2025-22027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the streamzap_disconnect() function in drivers/media/rc/streamzap.c. A local user can perform a denial of service (DoS) attack.
141) NULL pointer dereference (CVE-ID: CVE-2025-22050)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
142) Memory leak (CVE-ID: CVE-2025-22058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the udp_skb_has_head_state(), udp_rmem_release(), EXPORT_SYMBOL_GPL() and first_packet_length() functions in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
143) Use-after-free (CVE-ID: CVE-2025-22060)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mvpp2_prs_hw_write(), mvpp2_prs_init_from_hw(), mvpp2_prs_flow_find(), mvpp2_prs_mac_drop_all_set(), mvpp2_prs_mac_promisc_set(), mvpp2_prs_dsa_tag_set(), mvpp2_prs_dsa_tag_ethertype_set(), mvpp2_prs_vlan_find(), mvpp2_prs_vlan_add(), mvpp2_prs_double_vlan_find(), mvpp2_prs_double_vlan_add(), mvpp2_prs_mac_init(), mvpp2_prs_vlan_init(), mvpp2_prs_vid_range_find(), mvpp2_prs_vid_entry_add(), mvpp2_prs_vid_entry_remove(), mvpp2_prs_vid_remove_all(), mvpp2_prs_vid_disable_filtering(), mvpp2_prs_vid_enable_filtering(), mvpp2_prs_default_init(), mvpp2_prs_mac_da_range_find(), mvpp2_prs_mac_da_accept(), mvpp2_prs_mac_del_all(), mvpp2_prs_tag_mode_set(), mvpp2_prs_add_flow(), mvpp2_prs_def_flow() and mvpp2_prs_hits() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c, within the mvpp2_probe() function in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can escalate privileges on the system.
144) NULL pointer dereference (CVE-ID: CVE-2025-22063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the calipso_sock_getattr() and calipso_sock_setattr() functions in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.
145) Out-of-bounds read (CVE-ID: CVE-2025-22104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vnic_add_client_data(), send_login(), handle_query_ip_offload_rsp() and handle_login_rsp() functions in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
146) NULL pointer dereference (CVE-ID: CVE-2025-23136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the int3402_thermal_probe() function in drivers/thermal/intel/int340x_thermal/int3402_thermal.c. A local user can perform a denial of service (DoS) attack.
147) Use-after-free (CVE-ID: CVE-2025-23150)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the do_split() function in fs/ext4/namei.c. A local user can escalate privileges on the system.
148) Improper locking (CVE-ID: CVE-2025-23161)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vmd_pci_read(), vmd_pci_write() and vmd_probe() functions in drivers/pci/controller/vmd.c. A local user can perform a denial of service (DoS) attack.
149) Out-of-bounds read (CVE-ID: CVE-2025-37749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ppp_sync_txmunge() function in drivers/net/ppp/ppp_synctty.c. A local user can perform a denial of service (DoS) attack.
150) Out-of-bounds read (CVE-ID: CVE-2025-37752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.
151) Out-of-bounds read (CVE-ID: CVE-2025-37780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the isofs_fh_to_parent() function in fs/isofs/export.c. A local user can perform a denial of service (DoS) attack.
152) Out-of-bounds read (CVE-ID: CVE-2025-37782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfs_bnode_read_key() function in fs/hfsplus/bnode.c, within the hfs_bnode_read_key() function in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.
153) Input validation error (CVE-ID: CVE-2025-37789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the validate_set() function in net/openvswitch/flow_netlink.c. A local user can perform a denial of service (DoS) attack.
154) NULL pointer dereference (CVE-ID: CVE-2025-37794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ieee80211_do_stop() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
155) Memory leak (CVE-ID: CVE-2025-37796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at76_disconnect() function in drivers/net/wireless/atmel/at76c50x-usb.c. A local user can perform a denial of service (DoS) attack.
156) Input validation error (CVE-ID: CVE-2025-37797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hfsc_change_class() function in net/sched/sch_hfsc.c. A local user can perform a denial of service (DoS) attack.
157) Input validation error (CVE-ID: CVE-2025-37798)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_bstats_update() function in net/sched/sch_fq_codel.c, within the codel_qdisc_dequeue() function in net/sched/sch_codel.c. A local user can perform a denial of service (DoS) attack.
158) Input validation error (CVE-ID: CVE-2025-37823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hfsc_dequeue() function in net/sched/sch_hfsc.c. A local user can perform a denial of service (DoS) attack.
159) Resource management error (CVE-ID: CVE-2025-37833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the niu_try_msix() function in drivers/net/ethernet/sun/niu.c. A local user can perform a denial of service (DoS) attack.
160) NULL pointer dereference (CVE-ID: CVE-2025-37852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amd_powerplay_create() function in drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c. A local user can perform a denial of service (DoS) attack.
161) Improper locking (CVE-ID: CVE-2025-37871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfsd_break_one_deleg() function in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
162) Incorrect calculation (CVE-ID: CVE-2025-37879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the p9_client_read_once(), p9_client_write(), EXPORT_SYMBOL_GPL() and p9_client_readdir() functions in net/9p/client.c. A local user can perform a denial of service (DoS) attack.
163) Resource management error (CVE-ID: CVE-2025-37932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the htb_qlen_notify() function in net/sched/sch_htb.c. A local user can perform a denial of service (DoS) attack.
164) Input validation error (CVE-ID: CVE-2025-37948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pr_fmt(), build_plt(), build_epilogue() and bpf_int_jit_compile() functions in arch/arm64/net/bpf_jit_comp.c, within the this_cpu_set_vectors() function in arch/arm64/kernel/proton-pack.c. A local user can perform a denial of service (DoS) attack.
165) Improper locking (CVE-ID: CVE-2025-37949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xs_suspend_exit(), xs_send(), xs_wait_for_reply(), xenbus_dev_request_and_reply() and xs_talkv() functions in drivers/xen/xenbus/xenbus_xs.c, within the xenbus_dev_queue_reply() function in drivers/xen/xenbus/xenbus_dev_frontend.c, within the process_msg() and process_writes() functions in drivers/xen/xenbus/xenbus_comms.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2025-37953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the htb_add_to_wait_tree(), htb_activate(), htb_qlen_notify(), htb_delete() and htb_change_class() functions in net/sched/sch_htb.c. A local user can perform a denial of service (DoS) attack.
167) Input validation error (CVE-ID: CVE-2025-37963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_bhb_mitigation() function in arch/arm64/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
168) Use-after-free (CVE-ID: CVE-2025-37989)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the phy_led_triggers_register() and phy_led_triggers_unregister() functions in drivers/net/phy/phy_led_triggers.c. A local user can escalate privileges on the system.
169) Improper locking (CVE-ID: CVE-2025-38637)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the skbprio_enqueue() and skbprio_dequeue() functions in net/sched/sch_skbprio.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.