SB2026022474 - SUSE update for the Linux Kernel
Published: February 24, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 380 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2022-0854)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak in the Linux kernel’s DMA subsystem when processing DMA_FROM_DEVICE calls. A local user can trigger a memory leak error and read random memory from the kernel space.
2) Memory leak (CVE-ID: CVE-2022-48853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the Documentation/DMA-attributes.txt, include/linux/dma-mapping.h, lib/swiotlb.c. A local user can perform a denial of service (DoS) attack.
3) Race condition within a thread (CVE-ID: CVE-2022-49604)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the ip_mtu_from_fib_result() function in net/ipv4/route.c. A local user can corrupt data.
4) Improper locking (CVE-ID: CVE-2022-49943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usb_gadget_disconnect(), gadget_bind_driver(), gadget_unbind_driver(), soft_connect_store() and function_show() functions in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2022-49980)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_udc_uevent() function in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
6) Buffer overflow (CVE-ID: CVE-2022-50232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_START_LOCAL() function in arch/arm64/kernel/head.S. A local user can perform a denial of service (DoS) attack.
7) Improper error handling (CVE-ID: CVE-2022-50614)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pci_endpoint_test_msi_irq() function in drivers/misc/pci_endpoint_test.c. A local user can perform a denial of service (DoS) attack.
8) Memory leak (CVE-ID: CVE-2022-50615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snr_uncore_mmio_map() function in arch/x86/events/intel/uncore_snbep.c. A local user can perform a denial of service (DoS) attack.
9) Memory leak (CVE-ID: CVE-2022-50617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the psm_init_power_state_table() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c. A local user can perform a denial of service (DoS) attack.
10) Memory leak (CVE-ID: CVE-2022-50618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the meson_mmc_probe() function in drivers/mmc/host/meson-gx-mmc.c. A local user can perform a denial of service (DoS) attack.
11) Memory leak (CVE-ID: CVE-2022-50619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_mem_dmamap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2022-50622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fc_record_modified_inode() function in fs/ext4/fast_commit.c. A local user can perform a denial of service (DoS) attack.
13) Integer overflow (CVE-ID: CVE-2022-50623)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dfl_feature_ioctl_set_irq() function in drivers/fpga/dfl.c. A local user can execute arbitrary code.
14) Improper error handling (CVE-ID: CVE-2022-50625)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pl011_dma_rx_callback() function in drivers/tty/serial/amba-pl011.c. A local user can perform a denial of service (DoS) attack.
15) Memory leak (CVE-ID: CVE-2022-50626)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dvb_usb_adapter_init() function in drivers/media/usb/dvb-usb/dvb-usb-init.c. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2022-50629)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rsi_coex_attach() function in drivers/net/wireless/rsi/rsi_91x_coex.c. A local user can perform a denial of service (DoS) attack.
17) Use-after-free (CVE-ID: CVE-2022-50630)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hugetlb_handle_userfault(), hugetlb_no_page() and hugetlb_fault() functions in mm/hugetlb.c. A local user can escalate privileges on the system.
18) Memory leak (CVE-ID: CVE-2022-50633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc3_qcom_interconnect_init() function in drivers/usb/dwc3/dwc3-qcom.c. A local user can perform a denial of service (DoS) attack.
19) NULL pointer dereference (CVE-ID: CVE-2022-50635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arch_prepare_kprobe() function in arch/powerpc/kernel/kprobes.c. A local user can perform a denial of service (DoS) attack.
20) Improper locking (CVE-ID: CVE-2022-50636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_device_is_present() function in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
21) Improper error handling (CVE-ID: CVE-2022-50638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the swap_inode_boot_loader() function in fs/ext4/ioctl.c. A local user can perform a denial of service (DoS) attack.
22) Buffer overflow (CVE-ID: CVE-2022-50640)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the sdio_release_func() function in drivers/mmc/core/sdio_bus.c. A local user can escalate privileges on the system.
23) Memory leak (CVE-ID: CVE-2022-50641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssi_probe() function in drivers/hsi/controllers/omap_ssi_core.c. A local user can perform a denial of service (DoS) attack.
24) Memory leak (CVE-ID: CVE-2022-50643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_copy_file_range() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
25) Memory leak (CVE-ID: CVE-2022-50644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_dra7_atl_clk_probe() function in drivers/clk/ti/clk-dra7-atl.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2022-50646)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hpsa_init_one() function in drivers/scsi/hpsa.c. A local user can perform a denial of service (DoS) attack.
27) Out-of-bounds read (CVE-ID: CVE-2022-50649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the adp5061_get_chg_type() function in drivers/power/supply/adp5061.c. A local user can perform a denial of service (DoS) attack.
28) Improper locking (CVE-ID: CVE-2022-50652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uio_dmem_genirq_irqcontrol() function in drivers/uio/uio_dmem_genirq.c. A local user can perform a denial of service (DoS) attack.
29) Memory leak (CVE-ID: CVE-2022-50653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmci_init_slot() function in drivers/mmc/host/atmel-mci.c. A local user can perform a denial of service (DoS) attack.
30) Out-of-bounds read (CVE-ID: CVE-2022-50656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pn533_poll_dep_complete() and pn533_in_dep_link_up_complete() functions in drivers/nfc/pn533/pn533.c. A local user can perform a denial of service (DoS) attack.
31) Memory leak (CVE-ID: CVE-2022-50658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_cpufreq_krait_name_version() function in drivers/cpufreq/qcom-cpufreq-nvmem.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2022-50660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipw_wdev_init() function in drivers/net/wireless/intel/ipw2x00/ipw2200.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2022-50661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the put_task_stack() and copy_process() functions in kernel/fork.c. A local user can perform a denial of service (DoS) attack.
34) Memory leak (CVE-ID: CVE-2022-50662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hns_roce_alloc_mr() function in drivers/infiniband/hw/hns/hns_roce_mr.c. A local user can perform a denial of service (DoS) attack.
35) Memory leak (CVE-ID: CVE-2022-50664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm3510_download_firmware() function in drivers/media/dvb-frontends/bcm3510.c. A local user can perform a denial of service (DoS) attack.
36) Use-after-free (CVE-ID: CVE-2022-50666)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the siw_create_qp() and siw_destroy_qp() functions in drivers/infiniband/sw/siw/siw_verbs.c. A local user can escalate privileges on the system.
37) Improper locking (CVE-ID: CVE-2022-50668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/mbcache.h. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2022-50669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocxl_file_register_afu() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
39) Memory leak (CVE-ID: CVE-2022-50670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the omap_hsmmc_probe() function in drivers/mmc/host/omap_hsmmc.c. A local user can perform a denial of service (DoS) attack.
40) NULL pointer dereference (CVE-ID: CVE-2022-50671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_destroy() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
41) Memory leak (CVE-ID: CVE-2022-50672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zynqmp_ipi_mbox_probe() and zynqmp_ipi_free_mboxes() functions in drivers/mailbox/zynqmp-ipi-mailbox.c. A local user can perform a denial of service (DoS) attack.
42) Use-after-free (CVE-ID: CVE-2022-50673)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_truncate() function in fs/ext4/inode.c. A local user can escalate privileges on the system.
43) Input validation error (CVE-ID: CVE-2022-50675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mte_restore_tags() function in arch/arm64/mm/mteswap.c. A local user can perform a denial of service (DoS) attack.
44) Use-after-free (CVE-ID: CVE-2022-50677)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _ipmi_destroy_user() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
45) Use-after-free (CVE-ID: CVE-2022-50678)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_pno_set_random() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c. A local user can escalate privileges on the system.
46) Memory leak (CVE-ID: CVE-2022-50679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/intel/i40e/i40e_xsk.h. A local user can perform a denial of service (DoS) attack.
47) Use-after-free (CVE-ID: CVE-2022-50697)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mrp_join_timer(), mrp_periodic_timer(), mrp_init_applicant() and mrp_uninit_applicant() functions in net/802/mrp.c. A local user can escalate privileges on the system.
48) Improper error handling (CVE-ID: CVE-2022-50698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the da7219_register_dai_clks() function in sound/soc/codecs/da7219.c. A local user can perform a denial of service (DoS) attack.
49) Improper locking (CVE-ID: CVE-2022-50699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the security/selinux/ss/sidtab.h. A local user can perform a denial of service (DoS) attack.
50) Reachable assertion (CVE-ID: CVE-2022-50700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the drivers/net/wireless/ath/ath10k/hw.h. A local user can perform a denial of service (DoS) attack.
51) Memory leak (CVE-ID: CVE-2022-50702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vdpasim_net_init() function in drivers/vdpa/vdpa_sim/vdpa_sim_net.c. A local user can perform a denial of service (DoS) attack.
52) Memory leak (CVE-ID: CVE-2022-50703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_smsm_probe() function in drivers/soc/qcom/smsm.c. A local user can perform a denial of service (DoS) attack.
53) Use-after-free (CVE-ID: CVE-2022-50704)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_gadget_disconnect() function in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
54) Use of uninitialized resource (CVE-ID: CVE-2022-50709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ath9k_htc_txcompletion_cb() and ath9k_htc_rx_msg() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
55) NULL pointer dereference (CVE-ID: CVE-2022-50715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid1_run() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.
56) Use-after-free (CVE-ID: CVE-2022-50716)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ar5523_cmd_tx_cb() and ar5523_cmd() functions in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can escalate privileges on the system.
57) Out-of-bounds read (CVE-ID: CVE-2022-50717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nvmet_tcp_handle_h2c_data_pdu() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
58) Memory leak (CVE-ID: CVE-2022-50718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_device_resume_display_audio() and amdgpu_device_suspend_display_audio() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
59) Buffer overflow (CVE-ID: CVE-2022-50719)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the line6_midi_transmit() function in sound/usb/line6/midi.c. A local user can escalate privileges on the system.
60) NULL pointer dereference (CVE-ID: CVE-2022-50722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imgu_subdev_get_selection() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.
61) Memory leak (CVE-ID: CVE-2022-50724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regulator_register() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
62) Use-after-free (CVE-ID: CVE-2022-50726)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/mlx5/driver.h. A local user can escalate privileges on the system.
63) Memory leak (CVE-ID: CVE-2022-50727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the efct_device_init() function in drivers/scsi/elx/efct/efct_driver.c. A local user can perform a denial of service (DoS) attack.
64) Improper Initialization (CVE-ID: CVE-2022-50728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the lcs_txbuffer_cb() and __lcs_start_xmit() functions in drivers/s390/net/lcs.c. A local user can perform a denial of service (DoS) attack.
65) Use-after-free (CVE-ID: CVE-2022-50730)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_evict_inode() function in fs/ext4/inode.c. A local user can escalate privileges on the system.
66) NULL pointer dereference (CVE-ID: CVE-2022-50731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the akcipher_default_op() and crypto_register_akcipher() functions in crypto/akcipher.c. A local user can perform a denial of service (DoS) attack.
67) Use-after-free (CVE-ID: CVE-2022-50732)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_rx() function in drivers/staging/rtl8192u/ieee80211/ieee80211_rx.c. A local user can escalate privileges on the system.
68) Use of uninitialized resource (CVE-ID: CVE-2022-50733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the idmouse_create_image() function in drivers/usb/misc/idmouse.c. A local user can perform a denial of service (DoS) attack.
69) NULL pointer dereference (CVE-ID: CVE-2022-50735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt76u_status_worker() function in drivers/net/wireless/mediatek/mt76/usb.c. A local user can perform a denial of service (DoS) attack.
70) Out-of-bounds read (CVE-ID: CVE-2022-50736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the siw_copy_inline_sgl() function in drivers/infiniband/sw/siw/siw_verbs.c. A local user can perform a denial of service (DoS) attack.
71) Memory leak (CVE-ID: CVE-2022-50740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_dealloc_tx_urbs() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
72) Memory leak (CVE-ID: CVE-2022-50742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the afu_ioctl() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
73) Improper locking (CVE-ID: CVE-2022-50744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_rx_monitor_report() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
74) Use-after-free (CVE-ID: CVE-2022-50745)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_csi_channel_alloc() and tegra_csi_channels_cleanup() functions in drivers/staging/media/tegra-video/csi.c. A local user can escalate privileges on the system.
75) Out-of-bounds read (CVE-ID: CVE-2022-50747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfs_asc2mac() function in fs/hfs/trans.c. A local user can perform a denial of service (DoS) attack.
76) Integer overflow (CVE-ID: CVE-2022-50749)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the encode_comp_t() function in kernel/acct.c. A local user can execute arbitrary code.
77) Memory leak (CVE-ID: CVE-2022-50750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st7701_dsi_probe() function in drivers/gpu/drm/panel/panel-sitronix-st7701.c. A local user can perform a denial of service (DoS) attack.
78) Memory leak (CVE-ID: CVE-2022-50751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the configfs_create_dir() and configfs_create_link() functions in fs/configfs/dir.c. A local user can perform a denial of service (DoS) attack.
79) Improper locking (CVE-ID: CVE-2022-50752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid5_read_one_chunk() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
80) Memory leak (CVE-ID: CVE-2022-50754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the multi_transaction_new() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
81) Improper locking (CVE-ID: CVE-2022-50755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
82) Buffer overflow (CVE-ID: CVE-2022-50756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nvme_dbbuf_update_and_check_event() function in drivers/nvme/host/pci.c. A local user can escalate privileges on the system.
83) Input validation error (CVE-ID: CVE-2022-50757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the video_start_streaming() function in drivers/media/platform/qcom/camss/camss-video.c. A local user can perform a denial of service (DoS) attack.
84) Memory leak (CVE-ID: CVE-2022-50758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the device_init_td0_ring() function in drivers/staging/vt6655/device_main.c. A local user can perform a denial of service (DoS) attack.
85) Memory leak (CVE-ID: CVE-2022-50760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_atrm_get_bios() function in drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c. A local user can perform a denial of service (DoS) attack.
86) Memory leak (CVE-ID: CVE-2022-50761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xen_init_lock_cpu() and xen_uninit_lock_cpu() functions in arch/x86/xen/spinlock.c. A local user can perform a denial of service (DoS) attack.
87) Integer overflow (CVE-ID: CVE-2022-50763)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the process_tar_file() and ucode_load() functions in drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c. A local user can execute arbitrary code.
88) Use-after-free (CVE-ID: CVE-2022-50767)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ufx_free(), ufx_release_urb_work(), ufx_free_framebuffer_work(), ufx_ops_release(), ufx_usb_probe() and ufx_usb_disconnect() functions in drivers/video/fbdev/smscufx.c. A local user can escalate privileges on the system.
89) Memory leak (CVE-ID: CVE-2022-50769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxcmci_probe() function in drivers/mmc/host/mxcmmc.c. A local user can perform a denial of service (DoS) attack.
90) Memory leak (CVE-ID: CVE-2022-50770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_fill_super() and ocfs2_mount_volume() functions in fs/ocfs2/super.c. A local user can perform a denial of service (DoS) attack.
91) NULL pointer dereference (CVE-ID: CVE-2022-50773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_mts64_interrupt() function in sound/drivers/mts64.c. A local user can perform a denial of service (DoS) attack.
92) Use-after-free (CVE-ID: CVE-2022-50774)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qat_alg_free_bufl() and qat_alg_sgl_to_bufl() functions in drivers/crypto/qat/qat_common/qat_algs.c. A local user can escalate privileges on the system.
93) Memory leak (CVE-ID: CVE-2022-50776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st_of_quadfs_setup() function in drivers/clk/st/clkgen-fsyn.c. A local user can perform a denial of service (DoS) attack.
94) Memory leak (CVE-ID: CVE-2022-50777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xgmiitorgmii_probe() function in drivers/net/phy/xilinx_gmii2rgmii.c. A local user can perform a denial of service (DoS) attack.
95) Memory leak (CVE-ID: CVE-2022-50779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the orangefs_kernel_debug_init() and orangefs_prepare_debugfs_help_string() functions in fs/orangefs/orangefs-debugfs.c. A local user can perform a denial of service (DoS) attack.
96) Out-of-bounds read (CVE-ID: CVE-2022-50781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vega20_odn_edit_dpm_table() function in drivers/gpu/drm/amd/powerplay/hwmgr/vega20_hwmgr.c. A local user can perform a denial of service (DoS) attack.
97) Improper error handling (CVE-ID: CVE-2022-50782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfs_setup_quota_inode() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
98) Memory leak (CVE-ID: CVE-2022-50809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xhci_alloc_dbc() function in drivers/usb/host/xhci-dbgcap.c. A local user can perform a denial of service (DoS) attack.
99) Out-of-bounds read (CVE-ID: CVE-2022-50814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sgl_sge_nr_set() function in drivers/crypto/hisilicon/zip/zip_crypto.c. A local user can perform a denial of service (DoS) attack.
100) NULL pointer dereference (CVE-ID: CVE-2022-50819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the begin_cpu_udmabuf() function in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2022-50821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
102) Memory leak (CVE-ID: CVE-2022-50822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rdma_restrack_del() function in drivers/infiniband/core/restrack.c. A local user can perform a denial of service (DoS) attack.
103) Memory leak (CVE-ID: CVE-2022-50823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra114_clock_init() function in drivers/clk/tegra/clk-tegra114.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2022-50824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the check_acpi_tpm2() function in drivers/char/tpm/tpm_tis.c. A local user can perform a denial of service (DoS) attack.
105) NULL pointer dereference (CVE-ID: CVE-2022-50826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imgu_subdev_set_fmt(), imgu_subdev_get_selection() and imgu_subdev_set_selection() functions in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.
106) Memory leak (CVE-ID: CVE-2022-50827)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_create_port() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
107) Use-after-free (CVE-ID: CVE-2022-50828)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_get_clock_info() function in drivers/clk/zynqmp/clkc.c. A local user can escalate privileges on the system.
108) Memory leak (CVE-ID: CVE-2022-50829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_reg_in_cb() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
109) Memory leak (CVE-ID: CVE-2022-50830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hd44780_probe() function in drivers/auxdisplay/hd44780.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2022-50832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wilc_mac_xmit() function in drivers/net/wireless/microchip/wilc1000/netdev.c. A local user can perform a denial of service (DoS) attack.
111) Memory leak (CVE-ID: CVE-2022-50834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfc_genl_se_io() and nfc_genl_vendor_cmd() functions in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.
112) Memory leak (CVE-ID: CVE-2022-50835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fc_do_one_pass() function in fs/jbd2/recovery.c. A local user can perform a denial of service (DoS) attack.
113) Memory leak (CVE-ID: CVE-2022-50836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_add_sysmon_subdev() function in drivers/remoteproc/qcom_sysmon.c. A local user can perform a denial of service (DoS) attack.
114) Memory leak (CVE-ID: CVE-2022-50839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jbd2_fc_wait_bufs() function in fs/jbd2/journal.c. A local user can perform a denial of service (DoS) attack.
115) Use-after-free (CVE-ID: CVE-2022-50840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snic_tgt_create() function in drivers/scsi/snic/snic_disc.c. A local user can escalate privileges on the system.
116) NULL pointer dereference (CVE-ID: CVE-2022-50842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_gpu_cmd_transfer_to_host_2d() function in drivers/gpu/drm/virtio/virtgpu_vq.c. A local user can perform a denial of service (DoS) attack.
117) Use-after-free (CVE-ID: CVE-2022-50843)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the clone_dtr() function in drivers/md/dm-clone-target.c. A local user can escalate privileges on the system.
118) Improper Initialization (CVE-ID: CVE-2022-50844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the pp_set_fine_grain_clk_vol() function in drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c. A local user can perform a denial of service (DoS) attack.
119) Memory leak (CVE-ID: CVE-2022-50845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_inode_create() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
120) Memory leak (CVE-ID: CVE-2022-50846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the via_sd_probe() function in drivers/mmc/host/via-sdmmc.c. A local user can perform a denial of service (DoS) attack.
121) Memory leak (CVE-ID: CVE-2022-50848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dio_init() function in drivers/dio/dio.c. A local user can perform a denial of service (DoS) attack.
122) Improper error handling (CVE-ID: CVE-2022-50849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the persistent_ram_vmap() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
123) Improper locking (CVE-ID: CVE-2022-50850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the function in drivers/scsi/ipr.c. A local user can perform a denial of service (DoS) attack.
124) Improper locking (CVE-ID: CVE-2022-50851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_IDA(), vhost_vdpa_remove_as(), vhost_vdpa_unlocked_ioctl(), vhost_vdpa_pa_unmap(), vhost_vdpa_va_unmap() and vhost_vdpa_unmap() functions in drivers/vhost/vdpa.c. A local user can perform a denial of service (DoS) attack.
125) Memory leak (CVE-ID: CVE-2022-50853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _nfs4_discover_trunking() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
126) Memory leak (CVE-ID: CVE-2022-50856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_ses_add_channel() function in fs/cifs/sess.c. A local user can perform a denial of service (DoS) attack.
127) Memory leak (CVE-ID: CVE-2022-50858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alcor_pci_sdmmc_drv_probe() function in drivers/mmc/host/alcor.c. A local user can perform a denial of service (DoS) attack.
128) Memory leak (CVE-ID: CVE-2022-50859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smb3_validate_negotiate() function in fs/cifs/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
129) Memory leak (CVE-ID: CVE-2022-50860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_ns() function in security/apparmor/policy_ns.c. A local user can perform a denial of service (DoS) attack.
130) Memory leak (CVE-ID: CVE-2022-50861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfsaclsvc_encode_getaclres() function in fs/nfsd/nfs2acl.c. A local user can perform a denial of service (DoS) attack.
131) Out-of-bounds read (CVE-ID: CVE-2022-50864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_store_log_cursor(), load_nilfs() and init_nilfs() functions in fs/nilfs2/the_nilfs.c. A local user can perform a denial of service (DoS) attack.
132) NULL pointer dereference (CVE-ID: CVE-2022-50866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the filter() function in sound/soc/pxa/mmp-pcm.c. A local user can perform a denial of service (DoS) attack.
133) Memory leak (CVE-ID: CVE-2022-50868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mod_init() and mod_exit() functions in drivers/char/hw_random/amd-rng.c. A local user can perform a denial of service (DoS) attack.
134) Improper locking (CVE-ID: CVE-2022-50870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtas_halt(), rtas_os_term() and rtas_initialize() functions in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
135) Memory leak (CVE-ID: CVE-2022-50872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the realtime_counter_init() function in arch/arm/mach-omap2/timer.c. A local user can perform a denial of service (DoS) attack.
136) Out-of-bounds read (CVE-ID: CVE-2022-50876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rxstate() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.
137) NULL pointer dereference (CVE-ID: CVE-2022-50878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lt9611_connector_init() function in drivers/gpu/drm/bridge/lontium-lt9611.c. A local user can perform a denial of service (DoS) attack.
138) Use-after-free (CVE-ID: CVE-2022-50880)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath10k_peer_delete(), ath10k_peer_cleanup() and ath10k_sta_state() functions in drivers/net/wireless/ath/ath10k/mac.c. A local user can escalate privileges on the system.
139) Use-after-free (CVE-ID: CVE-2022-50881)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath9k_htc_disconnect_device() function in drivers/net/wireless/ath/ath9k/htc_drv_init.c. A local user can escalate privileges on the system.
140) Memory leak (CVE-ID: CVE-2022-50882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the uvc_gpio_parse() function in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.
141) NULL pointer dereference (CVE-ID: CVE-2022-50884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_copy_field() function in drivers/gpu/drm/drm_ioctl.c. A local user can perform a denial of service (DoS) attack.
142) NULL pointer dereference (CVE-ID: CVE-2022-50885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_do_cleanup() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
143) Memory leak (CVE-ID: CVE-2022-50886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the toshsd_probe() function in drivers/mmc/host/toshsd.c. A local user can perform a denial of service (DoS) attack.
144) Memory leak (CVE-ID: CVE-2022-50887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regulator_dev_lookup() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
145) NULL pointer dereference (CVE-ID: CVE-2022-50888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the q6v5_wcss_init_mmio() function in drivers/remoteproc/qcom_q6v5_wcss.c. A local user can perform a denial of service (DoS) attack.
146) Use-after-free (CVE-ID: CVE-2022-50889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm_integrity_dtr() function in drivers/md/dm-integrity.c. A local user can escalate privileges on the system.
147) Integer overflow (CVE-ID: CVE-2023-23559)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the rndis_query_oid() function in drivers/net/wireless/rndis_wlan.c. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
148) Input validation error (CVE-ID: CVE-2023-52433)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __nft_rbtree_insert() function in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.
149) Improper locking (CVE-ID: CVE-2023-52923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
150) Use-after-free (CVE-ID: CVE-2023-53178)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
151) Resource management error (CVE-ID: CVE-2023-53215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the load_balance() function in kernel/sched/fair.c. A local user can perform a denial of service (DoS) attack.
152) Out-of-bounds read (CVE-ID: CVE-2023-53254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cache_shared_cpu_map_setup() and cache_shared_cpu_map_remove() functions in drivers/base/cacheinfo.c. A local user can perform a denial of service (DoS) attack.
153) Memory leak (CVE-ID: CVE-2023-53407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pxa_init_debugfs() function in drivers/usb/gadget/udc/pxa27x_udc.c. A local user can perform a denial of service (DoS) attack.
154) Memory leak (CVE-ID: CVE-2023-53412)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm63xx_udc_init_debugfs() function in drivers/usb/gadget/udc/bcm63xx_udc.c. A local user can perform a denial of service (DoS) attack.
155) Memory leak (CVE-ID: CVE-2023-53417)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the create_debug_file() function in drivers/usb/host/sl811-hcd.c. A local user can perform a denial of service (DoS) attack.
156) Memory leak (CVE-ID: CVE-2023-53418)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the create_debug_file() function in drivers/usb/gadget/udc/lpc32xx_udc.c. A local user can perform a denial of service (DoS) attack.
157) Memory leak (CVE-ID: CVE-2023-53743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_register_host_bridge() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
158) Memory leak (CVE-ID: CVE-2023-53744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the am33xx_pm_probe() function in drivers/soc/ti/pm33xx.c. A local user can perform a denial of service (DoS) attack.
159) Memory leak (CVE-ID: CVE-2023-53746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_ap_queue_dev_remove() function in drivers/s390/crypto/vfio_ap_drv.c. A local user can perform a denial of service (DoS) attack.
160) Use-after-free (CVE-ID: CVE-2023-53747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcs_write() function in drivers/tty/vt/vc_screen.c. A local user can escalate privileges on the system.
161) Use-after-free (CVE-ID: CVE-2023-53751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cifs_chan_is_iface_active() and cifs_try_adding_channels() functions in fs/cifs/sess.c. A local user can escalate privileges on the system.
162) Memory leak (CVE-ID: CVE-2023-53754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_sli4_pci_mem_setup() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
163) NULL pointer dereference (CVE-ID: CVE-2023-53755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pt_issue_pending() function in drivers/dma/ptdma/ptdma-dmaengine.c. A local user can perform a denial of service (DoS) attack.
164) Resource management error (CVE-ID: CVE-2023-53761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the usbtmc_ioctl_request() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
165) NULL pointer dereference (CVE-ID: CVE-2023-53766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the txBegin() function in fs/jfs/jfs_txnmgr.c. A local user can perform a denial of service (DoS) attack.
166) Use-after-free (CVE-ID: CVE-2023-53781)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __smc_create() function in net/smc/af_smc.c. A local user can escalate privileges on the system.
167) Division by zero (CVE-ID: CVE-2023-53783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the calc_lcoefs() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
168) NULL pointer dereference (CVE-ID: CVE-2023-53786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the parse_features() function in drivers/md/dm-flakey.c. A local user can perform a denial of service (DoS) attack.
169) Out-of-bounds read (CVE-ID: CVE-2023-53788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tuning_ctl_set() function in sound/pci/hda/patch_ca0132.c. A local user can perform a denial of service (DoS) attack.
170) Memory leak (CVE-ID: CVE-2023-53792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_ctrl_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
171) Use-after-free (CVE-ID: CVE-2023-53794)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_reconnect_server() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
172) Memory leak (CVE-ID: CVE-2023-53802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_htc_fw_panic_report() and ath9k_htc_rx_msg() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
173) Out-of-bounds read (CVE-ID: CVE-2023-53803)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ses_enclosure_data_process() function in drivers/scsi/ses.c. A local user can perform a denial of service (DoS) attack.
174) Use-after-free (CVE-ID: CVE-2023-53804)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_evict_inode() function in fs/nilfs2/inode.c. A local user can escalate privileges on the system.
175) Memory leak (CVE-ID: CVE-2023-53808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mwifiex_histogram_read() function in drivers/net/wireless/marvell/mwifiex/debugfs.c. A local user can perform a denial of service (DoS) attack.
176) Improper locking (CVE-ID: CVE-2023-53811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_save_msix_info() function in drivers/infiniband/hw/irdma/hw.c. A local user can perform a denial of service (DoS) attack.
177) Memory leak (CVE-ID: CVE-2023-53814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_register_host_bridge() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
178) Memory leak (CVE-ID: CVE-2023-53818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zynq_early_slcr_init() function in arch/arm/mach-zynq/slcr.c. A local user can perform a denial of service (DoS) attack.
179) Out-of-bounds read (CVE-ID: CVE-2023-53819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_vm_bo_map() and amdgpu_vm_bo_replace_map() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
180) Infinite loop (CVE-ID: CVE-2023-53820)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the loop_set_status_from_info() function in drivers/block/loop.c. A local user can perform a denial of service (DoS) attack.
181) Use-after-free (CVE-ID: CVE-2023-53827)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_disconnect_req() and l2cap_disconnect_rsp() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
182) Memory leak (CVE-ID: CVE-2023-53830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the current_value_show() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
183) NULL pointer dereference (CVE-ID: CVE-2023-53832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_sync_request() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
184) NULL pointer dereference (CVE-ID: CVE-2023-53834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ina2xx_probe() function in drivers/iio/adc/ina2xx-adc.c. A local user can perform a denial of service (DoS) attack.
185) NULL pointer dereference (CVE-ID: CVE-2023-53837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_drm_uninit() function in drivers/gpu/drm/msm/msm_drv.c. A local user can perform a denial of service (DoS) attack.
186) Out-of-bounds read (CVE-ID: CVE-2023-53840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xdbc_bulk_write() function in drivers/usb/early/xhci-dbc.c. A local user can perform a denial of service (DoS) attack.
187) Memory leak (CVE-ID: CVE-2023-53842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wcd_mbhc_init() and EXPORT_SYMBOL() functions in sound/soc/codecs/wcd-mbhc-v2.c. A local user can perform a denial of service (DoS) attack.
188) Memory leak (CVE-ID: CVE-2023-53844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_bo_swapout() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
189) Improper locking (CVE-ID: CVE-2023-53845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/bmap.c. A local user can perform a denial of service (DoS) attack.
190) Use of uninitialized resource (CVE-ID: CVE-2023-53847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the alauda_get_media_status() and alauda_init_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
191) Memory leak (CVE-ID: CVE-2023-53850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iavf_free_rss() and iavf_reset_task() functions in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
192) Memory leak (CVE-ID: CVE-2023-53852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
193) Memory leak (CVE-ID: CVE-2023-53858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s3c24xx_serial_getclk() function in drivers/tty/serial/samsung_tty.c. A local user can perform a denial of service (DoS) attack.
194) Improper error handling (CVE-ID: CVE-2023-53862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __hfs_bnode_create() function in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.
195) Reachable assertion (CVE-ID: CVE-2023-53866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the soc_compr_open_fe(), soc_compr_free_fe() and soc_compr_set_params_fe() functions in sound/soc/soc-compress.c. A local user can perform a denial of service (DoS) attack.
196) Improper locking (CVE-ID: CVE-2023-53990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_close_deferred_file(), cifs_close_all_deferred_files() and cifs_close_deferred_file_under_dentry() functions in fs/cifs/misc.c. A local user can perform a denial of service (DoS) attack.
197) NULL pointer dereference (CVE-ID: CVE-2023-53991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_rm_get_assigned_resources() function in drivers/gpu/drm/msm/disp/dpu1/dpu_rm.c. A local user can perform a denial of service (DoS) attack.
198) Incorrect calculation (CVE-ID: CVE-2023-53996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the amd_enc_cache_flush_required(), amd_enc_status_change_finish(), early_set_memory_enc_dec() and early_set_memory_encrypted() functions in arch/x86/mm/mem_encrypt_amd.c. A local user can perform a denial of service (DoS) attack.
199) Race condition (CVE-ID: CVE-2023-53998)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the request_entropy() and virtio_read() functions in drivers/char/hw_random/virtio-rng.c. A local user can escalate privileges on the system.
200) Memory leak (CVE-ID: CVE-2023-54001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_xmit_resource_alloc() function in drivers/staging/rtl8712/xmit_linux.c. A local user can perform a denial of service (DoS) attack.
201) Memory leak (CVE-ID: CVE-2023-54003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _rdma_create_ah() function in drivers/infiniband/core/verbs.c. A local user can perform a denial of service (DoS) attack.
202) NULL pointer dereference (CVE-ID: CVE-2023-54007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmci_host_close() function in drivers/misc/vmw_vmci/vmci_host.c. A local user can perform a denial of service (DoS) attack.
203) Memory leak (CVE-ID: CVE-2023-54009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cdns_i2c_master_xfer() function in drivers/i2c/busses/i2c-cadence.c. A local user can perform a denial of service (DoS) attack.
204) NULL pointer dereference (CVE-ID: CVE-2023-54010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_db_display_objects() function in drivers/acpi/acpica/dbnames.c. A local user can perform a denial of service (DoS) attack.
205) NULL pointer dereference (CVE-ID: CVE-2023-54014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_process_els() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
206) Use-after-free (CVE-ID: CVE-2023-54015)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_devcom_register_device() function in drivers/net/ethernet/mellanox/mlx5/core/lib/devcom.c. A local user can escalate privileges on the system.
207) NULL pointer dereference (CVE-ID: CVE-2023-54018)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_hdmi_init() function in drivers/gpu/drm/msm/hdmi/hdmi.c. A local user can perform a denial of service (DoS) attack.
208) Use-after-free (CVE-ID: CVE-2023-54019)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the update_triggers(), psi_show(), psi_trigger_create(), psi_trigger_destroy(), psi_trigger_poll() and psi_write() functions in kernel/sched/psi.c. A local user can escalate privileges on the system.
209) Memory leak (CVE-ID: CVE-2023-54020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/dma/sf-pdma/sf-pdma.h. A local user can perform a denial of service (DoS) attack.
210) Integer underflow (CVE-ID: CVE-2023-54021)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ext4_mb_normalize_request() function in fs/ext4/mballoc.c. A local user can execute arbitrary code.
211) Memory leak (CVE-ID: CVE-2023-54024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kvm_vm_ioctl_unregister_coalesced_mmio() function in virt/kvm/coalesced_mmio.c. A local user can perform a denial of service (DoS) attack.
212) Resource management error (CVE-ID: CVE-2023-54025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rsi_shutdown() function in drivers/net/wireless/rsi/rsi_91x_sdio.c. A local user can perform a denial of service (DoS) attack.
213) Use-after-free (CVE-ID: CVE-2023-54026)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _allocate_opp_table() function in drivers/opp/core.c. A local user can escalate privileges on the system.
214) Improper locking (CVE-ID: CVE-2023-54028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rxe_qp_do_cleanup() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
215) Memory leak (CVE-ID: CVE-2023-54036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtl8xxxu_c2hcmd_callback() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2023-54039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the j1939_tp_tx_dat_new() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.
217) Memory leak (CVE-ID: CVE-2023-54040)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_vc_add_fdir_fltr() function in drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c. A local user can perform a denial of service (DoS) attack.
218) Use-after-free (CVE-ID: CVE-2023-54042)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vas_deallocate_window() function in arch/powerpc/platforms/pseries/vas.c. A local user can escalate privileges on the system.
219) Improper locking (CVE-ID: CVE-2023-54045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __audit_inode_child() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.
220) Use-after-free (CVE-ID: CVE-2023-54046)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the essiv_aead_done() and essiv_aead_crypt() functions in crypto/essiv.c. A local user can escalate privileges on the system.
221) Double free (CVE-ID: CVE-2023-54048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.
222) NULL pointer dereference (CVE-ID: CVE-2023-54049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qcom_glink_alloc_channel() function in drivers/rpmsg/qcom_glink_native.c. A local user can perform a denial of service (DoS) attack.
223) Memory leak (CVE-ID: CVE-2023-54050)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_znode(), add_idx_dirt() and dirty_cow_znode() functions in fs/ubifs/tnc.c. A local user can perform a denial of service (DoS) attack.
224) NULL pointer dereference (CVE-ID: CVE-2023-54051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
225) NULL pointer dereference (CVE-ID: CVE-2023-54053)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_pci_remove() function in drivers/net/wireless/intel/iwlwifi/pcie/drv.c. A local user can perform a denial of service (DoS) attack.
226) Memory leak (CVE-ID: CVE-2023-54055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irdma_create_hmc_objs() function in drivers/infiniband/hw/irdma/hw.c. A local user can perform a denial of service (DoS) attack.
227) NULL pointer dereference (CVE-ID: CVE-2023-54058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ffa_device_remove() function in drivers/firmware/arm_ffa/bus.c. A local user can perform a denial of service (DoS) attack.
228) Memory leak (CVE-ID: CVE-2023-54064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssif_info_find() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
229) Input validation error (CVE-ID: CVE-2023-54072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_free_pages() function in sound/core/pcm_memory.c. A local user can perform a denial of service (DoS) attack.
230) Use-after-free (CVE-ID: CVE-2023-54076)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_find_smb_ses_unlocked() function in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
231) Memory leak (CVE-ID: CVE-2023-54078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the max9286_v4l2_register() function in drivers/media/i2c/max9286.c. A local user can perform a denial of service (DoS) attack.
232) Resource management error (CVE-ID: CVE-2023-54079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/power/bq27xxx_battery.h. A local user can perform a denial of service (DoS) attack.
233) Use-after-free (CVE-ID: CVE-2023-54083)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_xusb_port_unregister() function in drivers/phy/tegra/xusb.c. A local user can escalate privileges on the system.
234) Use-after-free (CVE-ID: CVE-2023-54084)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_dg00x_stream_init_duplex() function in sound/firewire/digi00x/digi00x-stream.c. A local user can escalate privileges on the system.
235) Out-of-bounds read (CVE-ID: CVE-2023-54090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ixgbe_sw_init() and ixgbe_xdp_setup() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c. A local user can perform a denial of service (DoS) attack.
236) Memory leak (CVE-ID: CVE-2023-54091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_client_target_cloned() function in drivers/gpu/drm/drm_client_modeset.c. A local user can perform a denial of service (DoS) attack.
237) Input validation error (CVE-ID: CVE-2023-54092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s390_replace_asce() function in arch/s390/mm/gmap.c. A local user can perform a denial of service (DoS) attack.
238) Out-of-bounds read (CVE-ID: CVE-2023-54095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fail_iommu_bus_notify() function in arch/powerpc/kernel/iommu.c. A local user can perform a denial of service (DoS) attack.
239) Improper locking (CVE-ID: CVE-2023-54096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sdw_modify_slave_status() and sdw_handle_slave_status() functions in drivers/soundwire/bus.c. A local user can perform a denial of service (DoS) attack.
240) Memory leak (CVE-ID: CVE-2023-54097)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function in drivers/regulator/stm32-pwr.c. A local user can perform a denial of service (DoS) attack.
241) NULL pointer dereference (CVE-ID: CVE-2023-54098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_gvt_debugfs_init() function in drivers/gpu/drm/i915/gvt/debugfs.c. A local user can perform a denial of service (DoS) attack.
242) Use-after-free (CVE-ID: CVE-2023-54100)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __qedi_remove() function in drivers/scsi/qedi/qedi_main.c. A local user can escalate privileges on the system.
243) Memory leak (CVE-ID: CVE-2023-54102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_debugfs_lockstat_write() function in drivers/scsi/lpfc/lpfc_debugfs.c. A local user can perform a denial of service (DoS) attack.
244) Out-of-bounds read (CVE-ID: CVE-2023-54104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fun_exec_op() function in drivers/mtd/nand/raw/fsl_upm.c. A local user can perform a denial of service (DoS) attack.
245) Resource management error (CVE-ID: CVE-2023-54108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla_nvme_release_fcp_cmd_kref(), qla_nvme_release_ls_cmd_kref() and qla_nvme_ls_req() functions in drivers/scsi/qla2xxx/qla_nvme.c. A local user can perform a denial of service (DoS) attack.
246) Memory leak (CVE-ID: CVE-2023-54110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rndis_query() function in drivers/net/usb/rndis_host.c. A local user can perform a denial of service (DoS) attack.
247) Memory leak (CVE-ID: CVE-2023-54111)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_pinctrl_parse_groups() function in drivers/pinctrl/pinctrl-rockchip.c. A local user can perform a denial of service (DoS) attack.
248) Memory leak (CVE-ID: CVE-2023-54115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nonstatic_release_resource_db() function in drivers/pcmcia/rsrc_nonstatic.c. A local user can perform a denial of service (DoS) attack.
249) Improper error handling (CVE-ID: CVE-2023-54118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sc16is7xx_probe() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
250) Input validation error (CVE-ID: CVE-2023-54119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the inotify_handle_inode_event() function in fs/notify/inotify/inotify_fsnotify.c. A local user can perform a denial of service (DoS) attack.
251) Use-after-free (CVE-ID: CVE-2023-54120)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hidp_set_timer() function in net/bluetooth/hidp/core.c. A local user can escalate privileges on the system.
252) NULL pointer dereference (CVE-ID: CVE-2023-54122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_crtc_reset() function in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c. A local user can perform a denial of service (DoS) attack.
253) Memory leak (CVE-ID: CVE-2023-54123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_geo(), setup_conf() and raid10_run() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
254) Improper locking (CVE-ID: CVE-2023-54126)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the safexcel_probe_generic() function in drivers/crypto/inside-secure/safexcel.c. A local user can perform a denial of service (DoS) attack.
255) Double free (CVE-ID: CVE-2023-54127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the dbUnmount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
256) Memory leak (CVE-ID: CVE-2023-54130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hfs_write_inode() function in fs/hfs/inode.c. A local user can perform a denial of service (DoS) attack.
257) Memory leak (CVE-ID: CVE-2023-54131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rt2x00lib_remove_hw() function in drivers/net/wireless/ralink/rt2x00/rt2x00dev.c. A local user can perform a denial of service (DoS) attack.
258) Memory leak (CVE-ID: CVE-2023-54136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sprd_rx_free_buf() and sprd_probe() functions in drivers/tty/serial/sprd_serial.c. A local user can perform a denial of service (DoS) attack.
259) Buffer overflow (CVE-ID: CVE-2023-54140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_load_inode_block() function in fs/nilfs2/inode.c. A local user can perform a denial of service (DoS) attack.
260) Use-after-free (CVE-ID: CVE-2023-54142)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __gtp_encap_destroy() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
261) Memory leak (CVE-ID: CVE-2023-54146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the crash_load_segments() function in arch/x86/kernel/crash.c. A local user can perform a denial of service (DoS) attack.
262) Out-of-bounds read (CVE-ID: CVE-2023-54150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_gpio_i2c_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
263) Memory leak (CVE-ID: CVE-2023-54153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
264) NULL pointer dereference (CVE-ID: CVE-2023-54156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_ef10_fini_nic() and efx_ef10_update_stats_pf() functions in drivers/net/ethernet/sfc/ef10.c. A local user can perform a denial of service (DoS) attack.
265) Improper locking (CVE-ID: CVE-2023-54159)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the advance_enq_gpd(), qmu_done_tx() and qmu_done_rx() functions in drivers/usb/mtu3/mtu3_qmu.c. A local user can perform a denial of service (DoS) attack.
266) Out-of-bounds read (CVE-ID: CVE-2023-54166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the igc_clean_all_tx_rings(), igc_down() and igc_enable_rx_ring() functions in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.
267) Buffer overflow (CVE-ID: CVE-2023-54168)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the set_user_sq_size() function in drivers/infiniband/hw/mlx4/qp.c. A local user can perform a denial of service (DoS) attack.
268) Input validation error (CVE-ID: CVE-2023-54170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the construct_alloc_key() function in security/keys/request_key.c. A local user can perform a denial of service (DoS) attack.
269) Memory leak (CVE-ID: CVE-2023-54171)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tracing_release_pipe() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
270) NULL pointer dereference (CVE-ID: CVE-2023-54173)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_PER_CPU() and bpf_event_output() functions in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
271) Resource management error (CVE-ID: CVE-2023-54177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the invalidate_dquots() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
272) Out-of-bounds read (CVE-ID: CVE-2023-54179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qla2x00_create_host() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
273) Memory leak (CVE-ID: CVE-2023-54183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v4l2_fwnode_parse_link() function in drivers/media/v4l2-core/v4l2-fwnode.c. A local user can perform a denial of service (DoS) attack.
274) Use-after-free (CVE-ID: CVE-2023-54186)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pin_assignment_show() function in drivers/usb/typec/altmodes/displayport.c. A local user can escalate privileges on the system.
275) NULL pointer dereference (CVE-ID: CVE-2023-54189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the persistent_ram_new() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
276) Memory leak (CVE-ID: CVE-2023-54190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_led_get() function in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.
277) Use-after-free (CVE-ID: CVE-2023-54197)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btsdio_remove() function in drivers/bluetooth/btsdio.c. A local user can escalate privileges on the system.
278) Out-of-bounds read (CVE-ID: CVE-2023-54198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tty_driver_lookup_tty() function in drivers/tty/tty_io.c. A local user can perform a denial of service (DoS) attack.
279) Use-after-free (CVE-ID: CVE-2023-54199)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can escalate privileges on the system.
280) Use-after-free (CVE-ID: CVE-2023-54201)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efa_destroy_qp() and efa_destroy_cq() functions in drivers/infiniband/hw/efa/efa_verbs.c. A local user can escalate privileges on the system.
281) Use-after-free (CVE-ID: CVE-2023-54202)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_perf_add_config_ioctl() function in drivers/gpu/drm/i915/i915_perf.c. A local user can escalate privileges on the system.
282) Memory leak (CVE-ID: CVE-2023-54205)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stm32_pctrl_get_irq_domain() function in drivers/pinctrl/stm32/pinctrl-stm32.c. A local user can perform a denial of service (DoS) attack.
283) Memory leak (CVE-ID: CVE-2023-54208)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ov5675_init_controls() function in drivers/media/i2c/ov5675.c. A local user can perform a denial of service (DoS) attack.
284) Resource management error (CVE-ID: CVE-2023-54211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __ftrace_event_enable_disable() function in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
285) Resource management error (CVE-ID: CVE-2023-54213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sisusb_probe() function in drivers/usb/misc/sisusbvga/sisusbvga.c. A local user can perform a denial of service (DoS) attack.
286) Use-after-free (CVE-ID: CVE-2023-54214)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc_skb_cb() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
287) Improper locking (CVE-ID: CVE-2023-54219)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the isert_wait_conn() function in drivers/infiniband/ulp/isert/ib_isert.c. A local user can perform a denial of service (DoS) attack.
288) Memory leak (CVE-ID: CVE-2023-54230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amba_device_release() function in drivers/amba/bus.c. A local user can perform a denial of service (DoS) attack.
289) Improper locking (CVE-ID: CVE-2023-54236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net_failover_select_queue() function in drivers/net/net_failover.c. A local user can perform a denial of service (DoS) attack.
290) Division by zero (CVE-ID: CVE-2023-54242)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the bfqq_request_over_limit() function in block/bfq-iosched.c. A local user can perform a denial of service (DoS) attack.
291) Use-after-free (CVE-ID: CVE-2023-54243)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __do_replace() function in net/ipv6/netfilter/ip6_tables.c. A local user can escalate privileges on the system.
292) Input validation error (CVE-ID: CVE-2023-54244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the acpi_ec_remove_query_handlers() function in drivers/acpi/ec.c. A local user can perform a denial of service (DoS) attack.
293) Out-of-bounds read (CVE-ID: CVE-2023-54245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tx_macro_mclk_enable(), tx_macro_enable_dec(), tx_macro_hw_params() and tx_macro_digital_mute() functions in sound/soc/codecs/lpass-tx-macro.c. A local user can perform a denial of service (DoS) attack.
294) Memory leak (CVE-ID: CVE-2023-54252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tlmi_analyze() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
295) Memory leak (CVE-ID: CVE-2023-54260)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _smbd_get_connection() function in fs/cifs/smbdirect.c. A local user can perform a denial of service (DoS) attack.
296) NULL pointer dereference (CVE-ID: CVE-2023-54264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_branch() function in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.
297) Memory leak (CVE-ID: CVE-2023-54266)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the m920x_i2c_xfer() function in drivers/media/usb/dvb-usb/m920x.c. A local user can perform a denial of service (DoS) attack.
298) Reachable assertion (CVE-ID: CVE-2023-54269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the svc_defer() function in net/sunrpc/svc_xprt.c. A local user can perform a denial of service (DoS) attack.
299) Use-after-free (CVE-ID: CVE-2023-54270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smsusb_stop_streaming() function in drivers/media/usb/siano/smsusb.c. A local user can escalate privileges on the system.
300) NULL pointer dereference (CVE-ID: CVE-2023-54271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_activate_policy() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
301) NULL pointer dereference (CVE-ID: CVE-2023-54274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the srpt_format_guid() and srpt_refresh_port() functions in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.
302) Memory leak (CVE-ID: CVE-2023-54275)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath11k_peer_rx_frag_setup() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
303) Improper locking (CVE-ID: CVE-2023-54277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dlfb_usb_probe() and dlfb_alloc_urb_list() functions in drivers/video/fbdev/udlfb.c. A local user can perform a denial of service (DoS) attack.
304) Use-after-free (CVE-ID: CVE-2023-54280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the target_share_matches_server() and __tree_connect_dfs_target() functions in fs/cifs/dfs.c. A local user can escalate privileges on the system.
305) Integer underflow (CVE-ID: CVE-2023-54284)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the write_ts_to_decoder() function in drivers/staging/media/deprecated/saa7146/av7110/av7110_av.c. A local user can execute arbitrary code.
306) Buffer overflow (CVE-ID: CVE-2023-54286)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the iwlagn_send_sta_key() function in drivers/net/wireless/intel/iwlwifi/dvm/sta.c. A local user can escalate privileges on the system.
307) NULL pointer dereference (CVE-ID: CVE-2023-54287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imx_uart_probe() function in drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.
308) NULL pointer dereference (CVE-ID: CVE-2023-54289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qedf_alloc_global_queues() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
309) Improper locking (CVE-ID: CVE-2023-54292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_free_cqp_request(), irdma_free_pending_cqp_request() and irdma_wait_event() functions in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
310) Use-after-free (CVE-ID: CVE-2023-54293)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bch_root_node_dirty_init() function in drivers/md/bcache/writeback.c. A local user can escalate privileges on the system.
311) Memory leak (CVE-ID: CVE-2023-54294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the raid10_run() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
312) Out-of-bounds read (CVE-ID: CVE-2023-54295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the spi_nor_init_non_uniform_erase_map() and spi_nor_parse_4bait() functions in drivers/mtd/spi-nor/sfdp.c. A local user can perform a denial of service (DoS) attack.
313) NULL pointer dereference (CVE-ID: CVE-2023-54298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the MODULE_DEVICE_TABLE() function in drivers/thermal/intel_quark_dts_thermal.c. A local user can perform a denial of service (DoS) attack.
314) NULL pointer dereference (CVE-ID: CVE-2023-54299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/usb/typec_altmode.h. A local user can perform a denial of service (DoS) attack.
315) Input validation error (CVE-ID: CVE-2023-54300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_wmi_ctrl_rx() function in drivers/net/wireless/ath/ath9k/wmi.c. A local user can perform a denial of service (DoS) attack.
316) Memory leak (CVE-ID: CVE-2023-54301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmuart_probe() function in drivers/tty/serial/8250/8250_bcm7271.c. A local user can perform a denial of service (DoS) attack.
317) Improper locking (CVE-ID: CVE-2023-54302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_wait_event() function in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
318) NULL pointer dereference (CVE-ID: CVE-2023-54304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the meson_sm_probe() function in drivers/firmware/meson/meson_sm.c. A local user can perform a denial of service (DoS) attack.
319) Input validation error (CVE-ID: CVE-2023-54305)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_xattr_inode_create() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
320) Buffer overflow (CVE-ID: CVE-2023-54309)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/char/tpm/tpm_vtpm_proxy.c. A local user can escalate privileges on the system.
321) Improper locking (CVE-ID: CVE-2023-54311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_finish_convert_inline_dir() and ext4_convert_inline_data_nolock() functions in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
322) NULL pointer dereference (CVE-ID: CVE-2023-54315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pnv_pci_sriov_disable() function in arch/powerpc/platforms/powernv/pci-sriov.c. A local user can perform a denial of service (DoS) attack.
323) Buffer overflow (CVE-ID: CVE-2023-54317)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the corrupt_bio_data() function in drivers/md/dm-flakey.c. A local user can perform a denial of service (DoS) attack.
324) Memory leak (CVE-ID: CVE-2023-54319)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_pinctrl_probe() function in drivers/pinctrl/pinctrl-at91-pio4.c. A local user can perform a denial of service (DoS) attack.
325) NULL pointer dereference (CVE-ID: CVE-2023-54321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the device_add() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
326) Out-of-bounds read (CVE-ID: CVE-2023-54325)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qat_alg_skcipher_init_com() function in drivers/crypto/qat/qat_common/qat_algs.c. A local user can perform a denial of service (DoS) attack.
327) Use-after-free (CVE-ID: CVE-2023-54326)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_endpoint_test_remove() function in drivers/misc/pci_endpoint_test.c. A local user can escalate privileges on the system.
328) Input validation error (CVE-ID: CVE-2024-26581)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in net/netfilter/nft_set_rbtree.c. A locla user can perform a denial of service (DoS) attack.
329) Race condition (CVE-ID: CVE-2024-26832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
330) Resource management error (CVE-ID: CVE-2024-28956)
The vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to an error in the hardware support for prediction-domain isolation dubbed "Indirect Target Selection". A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests.
331) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36348)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information leak. A local user process can infer the control registers speculatively even if UMIP[3] feature is enabled, potentially resulting in information leakage.
332) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36349)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information leak. A local user process can infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.
333) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36350)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information leak. A local user can obtain sensitive data from previous stores.
334) Information exposure through microarchitectural state after transient execution (CVE-ID: CVE-2024-36357)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information leak. A local user can obtain sensitive data from the L1D cache.
335) Use-after-free (CVE-ID: CVE-2024-44987)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_send_skb() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
336) Memory leak (CVE-ID: CVE-2024-46854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpaa_start_xmit() function in drivers/net/ethernet/freescale/dpaa/dpaa_eth.c. A local user can perform a denial of service (DoS) attack.
337) Use of uninitialized resource (CVE-ID: CVE-2024-50143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_current_aext() function in fs/udf/inode.c. A local user can perform a denial of service (DoS) attack.
338) Resource management error (CVE-ID: CVE-2024-54031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/net/netfilter/nf_tables.h. A local user can perform a denial of service (DoS) attack.
339) NULL pointer dereference (CVE-ID: CVE-2025-21658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the scrub_find_fill_first_stripe() function in fs/btrfs/scrub.c. A local user can perform a denial of service (DoS) attack.
340) Buffer overflow (CVE-ID: CVE-2025-21738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ata_pio_sector() function in drivers/ata/libata-sff.c. A local user can perform a denial of service (DoS) attack.
341) Use-after-free (CVE-ID: CVE-2025-21760)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_nd_hdr() and ndisc_send_skb() functions in net/ipv6/ndisc.c. A local user can escalate privileges on the system.
342) Use-after-free (CVE-ID: CVE-2025-21764)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ndisc_alloc_skb() function in net/ipv6/ndisc.c. A local user can escalate privileges on the system.
343) Input validation error (CVE-ID: CVE-2025-21765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ip6_default_advmss() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
344) Input validation error (CVE-ID: CVE-2025-21766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the out: kfree_skb_reason() and __ip_rt_update_pmtu() functions in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
345) Buffer overflow (CVE-ID: CVE-2025-38068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lzo1x_1_do_compress() and lzogeneric1x_1_compress() functions in lib/lzo/lzo1x_compress.c, within the obj-$() function in lib/lzo/Makefile, within the __lzo_compress() function in crypto/lzo.c, within the __lzorle_compress() function in crypto/lzo-rle.c. A local user can perform a denial of service (DoS) attack.
346) Use-after-free (CVE-ID: CVE-2025-38129)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the page_pool_ethtool_stats_get(), page_pool_return_page() and page_pool_scrub() functions in net/core/page_pool.c. A local user can escalate privileges on the system.
347) Out-of-bounds read (CVE-ID: CVE-2025-38159)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtw_coex_tdma_timer_base() function in drivers/net/wireless/realtek/rtw88/coex.c. A local user can perform a denial of service (DoS) attack.
348) Out-of-bounds read (CVE-ID: CVE-2025-38375)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mergeable_ctx_to_truesize(), virtnet_get_headroom(), xdp_linearize_page(), receive_small_xdp() and mergeable_xdp_get_buf() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
349) Memory leak (CVE-ID: CVE-2025-38563)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the perf_mmap_pfn_mkwrite() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
350) Memory leak (CVE-ID: CVE-2025-38565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mutex_unlock() and vm_flags_set() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
351) NULL pointer dereference (CVE-ID: CVE-2025-38684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ets_qdisc_change() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.
352) Use-after-free (CVE-ID: CVE-2025-39977)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the function in kernel/futex/requeue.c. A local user can escalate privileges on the system.
353) Input validation error (CVE-ID: CVE-2025-40019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the essiv_aead_crypt() function in crypto/essiv.c. A local user can perform a denial of service (DoS) attack.
354) Use-after-free (CVE-ID: CVE-2025-40044)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the udf_current_aext() function in fs/udf/inode.c. A local user can escalate privileges on the system.
355) Use-after-free (CVE-ID: CVE-2025-40139)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_clc_msg_hdr_valid(), smc_clc_prfx_set4_rcu() and smc_clc_prfx_set() functions in net/smc/smc_clc.c. A local user can escalate privileges on the system.
356) Improper locking (CVE-ID: CVE-2025-40215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __xfrm_state_destroy(), __xfrm_state_delete(), xfrm_state_flush(), xfrm_flush_gc() and xfrm_state_fini() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
357) Improper locking (CVE-ID: CVE-2025-40220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fuse_file_release() function in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
358) Incorrect calculation (CVE-ID: CVE-2025-40233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __ocfs2_move_extents_range() function in fs/ocfs2/move_extents.c. A local user can perform a denial of service (DoS) attack.
359) Memory leak (CVE-ID: CVE-2025-40256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xfrm_state_free(), xfrm_state_gc_destroy() and __xfrm_state_destroy() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
360) Use-after-free (CVE-ID: CVE-2025-40257)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_remove_anno_list_by_saddr(), mptcp_pm_del_add_timer() and mptcp_pm_free_anno_list() functions in net/mptcp/pm.c. A local user can escalate privileges on the system.
361) Use-after-free (CVE-ID: CVE-2025-40258)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_reset_rtx_timer() function in net/mptcp/protocol.c. A local user can escalate privileges on the system.
362) Out-of-bounds read (CVE-ID: CVE-2025-40277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vmw_cmd_check() function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.
363) Use-after-free (CVE-ID: CVE-2025-40280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tipc_net_finalize_work() function in net/tipc/net.c. A local user can escalate privileges on the system.
364) Input validation error (CVE-ID: CVE-2025-40300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vcpu_enter_guest() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
365) Out-of-bounds read (CVE-ID: CVE-2025-40331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the inet_diag_msg_sctpladdrs_fill() function in net/sctp/diag.c. A local user can perform a denial of service (DoS) attack.
366) Buffer overflow (CVE-ID: CVE-2025-68183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_protect_xattr(), ima_reset_appraise_flags(), ima_inode_setxattr() and ima_inode_set_acl() functions in security/integrity/ima/ima_appraise.c. A local user can perform a denial of service (DoS) attack.
367) Out-of-bounds read (CVE-ID: CVE-2025-68284)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the handle_auth_session_key() function in net/ceph/auth_x.c. A local user can perform a denial of service (DoS) attack.
368) Use-after-free (CVE-ID: CVE-2025-68285)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the monmap_show() and osdmap_show() functions in net/ceph/debugfs.c. A local user can escalate privileges on the system.
369) Resource management error (CVE-ID: CVE-2025-68312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
370) Improper locking (CVE-ID: CVE-2025-68732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the syncpt_release() and host1x_syncpt_put() functions in drivers/gpu/host1x/syncpt.c. A local user can perform a denial of service (DoS) attack.
371) NULL pointer dereference (CVE-ID: CVE-2025-68813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __ip_vs_get_out_rt() function in net/netfilter/ipvs/ip_vs_xmit.c. A local user can perform a denial of service (DoS) attack.
372) Resource management error (CVE-ID: CVE-2025-71085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.
373) Double free (CVE-ID: CVE-2025-71089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the iommu_sva_bind_device() function in drivers/iommu/iommu-sva.c. A local user can perform a denial of service (DoS) attack.
374) Out-of-bounds read (CVE-ID: CVE-2025-71112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hclge_set_vlan_filter() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
375) Out-of-bounds read (CVE-ID: CVE-2025-71116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the decode_pool() function in net/ceph/osdmap.c. A local user can perform a denial of service (DoS) attack.
376) NULL pointer dereference (CVE-ID: CVE-2025-71120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
377) Use-after-free (CVE-ID: CVE-2026-22999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qfq_change_class() function in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
378) Use-after-free (CVE-ID: CVE-2026-23001)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macvlan_hash_lookup_source(), macvlan_hash_add_source(), macvlan_hash_add(), macvlan_flush_sources(), macvlan_forward_source() and macvlan_fill_info_macaddr() functions in drivers/net/macvlan.c. A local user can escalate privileges on the system.
379) Use-after-free (CVE-ID: CVE-2026-23074)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the teql_qdisc_init() function in net/sched/sch_teql.c. A local user can escalate privileges on the system.
380) Use-after-free (CVE-ID: CVE-2026-23089)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the parse_audio_unit() function in sound/usb/mixer.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.