SB2025033112 - Dell SmartFabric Storage Software update for third-party components
Published: March 31, 2025 Updated: May 20, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 711 secuirty vulnerabilities.
1) Improper error handling (CVE-ID: CVE-2024-41034)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_dotdot() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
2) Use-after-free (CVE-ID: CVE-2024-40947)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smack_post_notification() function in security/smack/smack_lsm.c, within the selinux_audit_rule_free() and selinux_audit_rule_init() functions in security/selinux/ss/services.c, within the security_key_getsecurity() function in security/security.c, within the ima_free_rule(), ima_lsm_copy_rule(), ima_lsm_update_rule() and ima_lsm_rule_init() functions in security/integrity/ima/ima_policy.c, within the aa_audit_rule_free() and aa_audit_rule_init() functions in security/apparmor/audit.c, within the audit_data_to_entry() and audit_dupe_lsm_field() functions in kernel/auditfilter.c. A local user can escalate privileges on the system.
3) Resource management error (CVE-ID: CVE-2024-41007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_rtx_probe0_timed_out() function in net/ipv4/tcp_timer.c. A local user can perform a denial of service (DoS) attack.
4) Input validation error (CVE-ID: CVE-2024-41009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __aligned(), bpf_ringbuf_alloc(), bpf_ringbuf_restore_from_rec() and __bpf_ringbuf_reserve() functions in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2024-41012)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fcntl_setlk() function in fs/locks.c. A local user can escalate privileges on the system.
6) Input validation error (CVE-ID: CVE-2024-41015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ocfs2_check_dir_entry(), ocfs2_search_dirblock(), __ocfs2_delete_entry(), __ocfs2_add_entry(), ocfs2_dir_foreach_blk_id(), ocfs2_dir_foreach_blk_el(), ocfs2_find_dir_space_id() and ocfs2_find_dir_space_el() functions in fs/ocfs2/dir.c. A local user can perform a denial of service (DoS) attack.
7) Input validation error (CVE-ID: CVE-2024-41017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __jfs_getxattr() and jfs_listxattr() functions in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.
8) Improper locking (CVE-ID: CVE-2024-41020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fcntl_setlk64() function in fs/locks.c. A local user can perform a denial of service (DoS) attack.
9) Improper error handling (CVE-ID: CVE-2024-41022)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.
10) Input validation error (CVE-ID: CVE-2024-41035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the usb_parse_endpoint() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
11) NULL pointer dereference (CVE-ID: CVE-2024-36938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/skmsg.h. A local user can perform a denial of service (DoS) attack.
12) Use-after-free (CVE-ID: CVE-2024-41040)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/sched/act_ct.c. A local user can escalate privileges on the system.
13) Resource management error (CVE-ID: CVE-2024-41041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sock_set_flag() and spin_unlock() functions in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
14) Input validation error (CVE-ID: CVE-2024-41044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ppp_read() and ppp_write() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
15) Double free (CVE-ID: CVE-2024-41046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ltq_etop_free_channel() function in drivers/net/ethernet/lantiq_etop.c. A local user can perform a denial of service (DoS) attack.
16) Use-after-free (CVE-ID: CVE-2024-41049)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the posix_lock_inode() function in fs/locks.c. A local user can escalate privileges on the system.
17) NULL pointer dereference (CVE-ID: CVE-2024-41055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/mmzone.h. A local user can perform a denial of service (DoS) attack.
18) Use of uninitialized resource (CVE-ID: CVE-2024-41059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
19) Improper locking (CVE-ID: CVE-2024-41063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hci_unregister_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2024-39487)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bond_option_arp_ip_targets_set() function in drivers/net/bonding/bond_options.c. A local user can perform a denial of service (DoS) attack.
21) NULL pointer dereference (CVE-ID: CVE-2024-36901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
22) Memory leak (CVE-ID: CVE-2024-41065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_dispatch_log_kmem_cache() function in arch/powerpc/platforms/pseries/setup.c. A local user can perform a denial of service (DoS) attack.
23) Resource management error (CVE-ID: CVE-2024-27065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
24) NULL pointer dereference (CVE-ID: CVE-2024-27044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn10_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
25) Buffer overflow (CVE-ID: CVE-2024-27045)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dp_dsc_clock_en_read() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can escalate privileges on the system.
26) NULL pointer dereference (CVE-ID: CVE-2024-27046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfp_fl_lag_do_work() function in drivers/net/ethernet/netronome/nfp/flower/lag_conf.c. A local user can perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2024-27047)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the phy_get_internal_delay() function in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
28) NULL pointer dereference (CVE-ID: CVE-2024-27051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcm_avs_is_firmware_loaded() function in drivers/cpufreq/brcmstb-avs-cpufreq.c. A local user can perform a denial of service (DoS) attack.
29) Use-after-free (CVE-ID: CVE-2024-27052)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rtl8xxxu_stop() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c. A local user can escalate privileges on the system.
30) Improper locking (CVE-ID: CVE-2024-27053)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wilc_parse_join_bss_param() function in drivers/staging/wilc1000/wilc_hif.c. A local user can perform a denial of service (DoS) attack.
31) Division by zero (CVE-ID: CVE-2024-27059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the isd200_dump_driveid(), isd200_get_inquiry_data() and isd200_init_info() functions in drivers/usb/storage/isd200.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2024-27073)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the budget_av_attach() function in drivers/media/pci/ttpci/budget-av.c. A local user can perform a denial of service (DoS) attack.
33) Reachable assertion (CVE-ID: CVE-2024-36484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __inet_accept() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
34) Memory leak (CVE-ID: CVE-2024-27074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the go7007_load_encoder() function in drivers/media/usb/go7007/go7007-driver.c. A local user can perform a denial of service (DoS) attack.
35) Stack-based buffer overflow (CVE-ID: CVE-2024-27075)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the stv0367_writeregs() function in drivers/media/dvb-frontends/stv0367.c. A local user can perform a denial of service (DoS) attack.
36) Memory leak (CVE-ID: CVE-2024-27076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipu_csc_scaler_release() function in drivers/staging/media/imx/imx-media-csc-scaler.c. A local user can perform a denial of service (DoS) attack.
37) Memory leak (CVE-ID: CVE-2024-27077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v4l2_m2m_register_entity() function in drivers/media/v4l2-core/v4l2-mem2mem.c. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2024-27078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpg_alloc() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.
39) Memory leak (CVE-ID: CVE-2024-27388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gssx_dec_option_array() function in net/sunrpc/auth_gss/gss_rpc_xdr.c. A local user can perform a denial of service (DoS) attack.
40) Resource management error (CVE-ID: CVE-2024-27437)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
41) Use-after-free (CVE-ID: CVE-2022-48666)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __scsi_remove_device() function in drivers/scsi/scsi_sysfs.c, within the scsi_alloc_sdev() function in drivers/scsi/scsi_scan.c, within the scsi_mq_setup_tags() function in drivers/scsi/scsi_lib.c, within the scsi_remove_host(), scsi_add_host_with_dma() and scsi_host_dev_release() functions in drivers/scsi/hosts.c. A local user can escalate privileges on the system.
42) Improper locking (CVE-ID: CVE-2024-41064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the eeh_pe_bus_get() function in arch/powerpc/kernel/eeh_pe.c. A local user can perform a denial of service (DoS) attack.
43) Resource management error (CVE-ID: CVE-2024-41068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sclp_init() function in drivers/s390/char/sclp.c. A local user can perform a denial of service (DoS) attack.
44) NULL pointer dereference (CVE-ID: CVE-2024-27038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_core_get() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
45) Memory leak (CVE-ID: CVE-2024-42236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usb_string_copy() function in drivers/usb/gadget/configfs.c. A local user can perform a denial of service (DoS) attack.
46) Improper locking (CVE-ID: CVE-2024-42153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wait_reset(), i2c_pnx_master_xmit(), i2c_pnx_master_rcv(), i2c_pnx_interrupt(), i2c_pnx_timeout(), i2c_pnx_xfer() and i2c_pnx_probe() functions in drivers/i2c/busses/i2c-pnx.c. A local user can perform a denial of service (DoS) attack.
47) Input validation error (CVE-ID: CVE-2024-42154)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sizeof() function in net/ipv4/tcp_metrics.c. A local user can perform a denial of service (DoS) attack.
48) Input validation error (CVE-ID: CVE-2024-42157)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pkey_unlocked_ioctl() function in drivers/s390/crypto/pkey_api.c. A local user can perform a denial of service (DoS) attack.
49) Use of uninitialized resource (CVE-ID: CVE-2024-42161)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the tools/lib/bpf/bpf_core_read.h. A local user can perform a denial of service (DoS) attack.
50) Integer overflow (CVE-ID: CVE-2024-42223)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the tda10048_set_if() function in drivers/media/dvb-frontends/tda10048.c. A local user can execute arbitrary code.
51) Improper error handling (CVE-ID: CVE-2024-42224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mv88e6xxx_default_mdio_bus() function in drivers/net/dsa/mv88e6xxx/chip.c. A local user can perform a denial of service (DoS) attack.
52) Buffer overflow (CVE-ID: CVE-2024-42229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the setkey_unaligned() function in crypto/cipher.c, within the setkey_unaligned() function in crypto/aead.c. A local user can perform a denial of service (DoS) attack.
53) Use-after-free (CVE-ID: CVE-2024-42232)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the delayed_work() and EXPORT_SYMBOL() functions in net/ceph/mon_client.c. A local user can escalate privileges on the system.
54) Input validation error (CVE-ID: CVE-2024-42244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mos7840_port_remove() function in drivers/usb/serial/mos7840.c. A local user can perform a denial of service (DoS) attack.
55) Out-of-bounds read (CVE-ID: CVE-2024-42148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/net/ethernet/broadcom/bnx2x/bnx2x.h. A local user can perform a denial of service (DoS) attack.
56) Resource management error (CVE-ID: CVE-2024-42247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the swap_endian() function in drivers/net/wireguard/allowedips.c. A local user can perform a denial of service (DoS) attack.
57) Resource exhaustion (CVE-ID: CVE-2021-3669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to measuring usage of the shared memory does not scale with large shared memory segment counts. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
58) Use-after-free (CVE-ID: CVE-2022-48733)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_wait_delalloc_flush() and btrfs_commit_transaction() functions in fs/btrfs/transaction.c, within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can escalate privileges on the system.
59) NULL pointer dereference (CVE-ID: CVE-2023-31083)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the hci_uart_tty_ioctl() function in drivers/bluetooth/hci_ldisc.c. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.
60) NULL pointer dereference (CVE-ID: CVE-2023-52889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the apparmor_socket_sock_rcv_skb() function in security/apparmor/lsm.c. A local user can perform a denial of service (DoS) attack.
61) Improper locking (CVE-ID: CVE-2024-27397)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nft_rbtree_insert(), nft_rbtree_deactivate() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_get(), nft_pipapo_get(), nft_pipapo_insert(), pipapo_gc() and pipapo_deactivate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_key(), nft_rhash_cmp(), nft_rhash_lookup(), nft_rhash_get(), nft_rhash_update(), nft_rhash_insert() and nft_rhash_deactivate() functions in net/netfilter/nft_set_hash.c, within the nft_trans_gc_catchall_sync() and nf_tables_valid_genid() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
62) Buffer overflow (CVE-ID: CVE-2024-38577)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kernel/rcu/tasks.h. A local user can escalate privileges on the system.
63) Input validation error (CVE-ID: CVE-2024-41011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kfd_ioctl_alloc_memory_of_gpu(), criu_restore_memory_of_gpu() and kfd_mmio_mmap() functions in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2024-42152)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvmet_sq_destroy() function in drivers/nvme/target/core.c. A local user can perform a denial of service (DoS) attack.
65) Buffer overflow (CVE-ID: CVE-2024-42145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the MODULE_AUTHOR(), __get_agent(), send_handler(), recv_handler() and ib_umad_read() functions in drivers/infiniband/core/user_mad.c. A local user can perform a denial of service (DoS) attack.
66) Use-after-free (CVE-ID: CVE-2024-41070)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_spapr_tce_attach_iommu_group() function in arch/powerpc/kvm/book3s_64_vio.c. A local user can escalate privileges on the system.
67) Use-after-free (CVE-ID: CVE-2024-42104)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_check_page() and nilfs_error() functions in fs/nilfs2/dir.c. A local user can escalate privileges on the system.
68) Input validation error (CVE-ID: CVE-2024-41072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cfg80211_wext_siwscan() function in net/wireless/scan.c. A local user can perform a denial of service (DoS) attack.
69) NULL pointer dereference (CVE-ID: CVE-2024-41077)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the null_validate_conf() function in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
70) Memory leak (CVE-ID: CVE-2024-41078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the btrfs_quota_disable() function in fs/btrfs/qgroup.c. A local user can perform a denial of service (DoS) attack.
71) Resource management error (CVE-ID: CVE-2024-41081)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ila_output() function in net/ipv6/ila/ila_lwt.c. A local user can perform a denial of service (DoS) attack.
72) Out-of-bounds read (CVE-ID: CVE-2024-41090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.
73) Out-of-bounds read (CVE-ID: CVE-2024-41091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tun_xdp_one() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
74) NULL pointer dereference (CVE-ID: CVE-2024-42101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_connector_get_modes() function in drivers/gpu/drm/nouveau/nouveau_connector.c. A local user can perform a denial of service (DoS) attack.
75) Integer overflow (CVE-ID: CVE-2024-42102)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the wb_dirty_limits() function in mm/page-writeback.c. A local user can execute arbitrary code.
76) Use-after-free (CVE-ID: CVE-2024-42105)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_store_disk_layout() function in fs/nilfs2/the_nilfs.c. A local user can escalate privileges on the system.
77) Out-of-bounds read (CVE-ID: CVE-2024-42143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the orangefs_statfs() function in fs/orangefs/super.c. A local user can perform a denial of service (DoS) attack.
78) Use of uninitialized resource (CVE-ID: CVE-2024-42106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the inet_diag_dump_compat() and inet_diag_get_exact_compat() functions in net/ipv4/inet_diag.c. A local user can perform a denial of service (DoS) attack.
79) Use-after-free (CVE-ID: CVE-2024-42115)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jffs2_i_init_once() function in fs/jffs2/super.c. A local user can escalate privileges on the system.
80) Improper error handling (CVE-ID: CVE-2024-42119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the find_first_free_audio() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
81) Input validation error (CVE-ID: CVE-2024-42120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dce110_vblank_set() function in drivers/gpu/drm/amd/display/dc/irq/dce110/irq_service_dce110.c. A local user can perform a denial of service (DoS) attack.
82) Input validation error (CVE-ID: CVE-2024-42121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.
83) Input validation error (CVE-ID: CVE-2024-42124)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qedf_execute_tmf() function in drivers/scsi/qedf/qedf_io.c. A local user can perform a denial of service (DoS) attack.
84) Improper error handling (CVE-ID: CVE-2024-42127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the lima_pp_init() and lima_pp_bcast_init() functions in drivers/gpu/drm/lima/lima_pp.c, within the lima_mmu_init() function in drivers/gpu/drm/lima/lima_mmu.c, within the lima_gp_init() function in drivers/gpu/drm/lima/lima_gp.c. A local user can perform a denial of service (DoS) attack.
85) Integer overflow (CVE-ID: CVE-2024-42131)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.
86) Use-after-free (CVE-ID: CVE-2024-42137)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qca_serdev_shutdown() function in drivers/bluetooth/hci_qca.c. A local user can escalate privileges on the system.
87) Use-after-free (CVE-ID: CVE-2024-27043)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
88) Race condition (CVE-ID: CVE-2024-27030)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.
89) NULL pointer dereference (CVE-ID: CVE-2024-41098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_host_release() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.
90) Buffer overflow (CVE-ID: CVE-2024-26884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
91) Use-after-free (CVE-ID: CVE-2024-26872)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the srpt_add_one() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can escalate privileges on the system.
92) NULL pointer dereference (CVE-ID: CVE-2024-26874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_drm_crtc_finish_page_flip() function in drivers/gpu/drm/mediatek/mtk_drm_crtc.c. A local user can perform a denial of service (DoS) attack.
93) Use-after-free (CVE-ID: CVE-2024-26875)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pvr2_context_exit() function in drivers/media/usb/pvrusb2/pvrusb2-context.c. A local user can escalate privileges on the system.
94) Resource management error (CVE-ID: CVE-2024-26877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the zynqmp_handle_aes_req() function in drivers/crypto/xilinx/zynqmp-aes-gcm.c. A local user can perform a denial of service (DoS) attack.
95) NULL pointer dereference (CVE-ID: CVE-2024-26878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
96) Resource management error (CVE-ID: CVE-2024-26880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __dm_internal_suspend() and __dm_internal_resume() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
97) Use of uninitialized resource (CVE-ID: CVE-2024-26882)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to use of uninitialized resource within the ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c. A local user can execute arbitrary code.
98) Buffer overflow (CVE-ID: CVE-2024-26883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the stack_map_alloc() function in kernel/bpf/stackmap.c on a 32-bit platform. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
99) Buffer overflow (CVE-ID: CVE-2024-26885)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
100) Use of uninitialized resource (CVE-ID: CVE-2024-26863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.
101) Buffer overflow (CVE-ID: CVE-2024-26889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
102) Improper locking (CVE-ID: CVE-2024-26891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devtlb_invalidation_with_pasid() function in drivers/iommu/intel/pasid.c. A local user can perform a denial of service (DoS) attack.
103) Memory leak (CVE-ID: CVE-2024-26894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the acpi_processor_power_exit() function in drivers/acpi/processor_idle.c. A local user can perform a denial of service (DoS) attack.
104) Use-after-free (CVE-ID: CVE-2024-26895)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wilc_netdev_cleanup() function in drivers/net/wireless/microchip/wilc1000/netdev.c. A local user can escalate privileges on the system.
105) NULL pointer dereference (CVE-ID: CVE-2024-26897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath9k_wmi_event_tasklet() function in drivers/net/wireless/ath/ath9k/wmi.c, within the ath9k_tx_init() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c, within the ath9k_htc_probe_device() function in drivers/net/wireless/ath/ath9k/htc_drv_init.c. A local user can perform a denial of service (DoS) attack.
106) Use-after-free (CVE-ID: CVE-2024-26898)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
107) Information disclosure (CVE-ID: CVE-2024-26901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.
108) NULL pointer dereference (CVE-ID: CVE-2024-26903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.
109) Buffer overflow (CVE-ID: CVE-2024-26870)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
110) Race condition within a thread (CVE-ID: CVE-2024-26862)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
111) Improper locking (CVE-ID: CVE-2024-26907)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the set_eth_seg() function in drivers/infiniband/hw/mlx5/wr.c. A local user can execute arbitrary code.
112) Memory leak (CVE-ID: CVE-2024-26840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.
113) Improper error handling (CVE-ID: CVE-2024-26814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfio_fsl_mc_set_irq_trigger() function in drivers/vfio/fsl-mc/vfio_fsl_mc_intr.c. A local user can perform a denial of service (DoS) attack.
114) Memory leak (CVE-ID: CVE-2024-26816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
115) Integer overflow (CVE-ID: CVE-2024-26817)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the kfd_ioctl_get_process_apertures_new() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
116) Resource management error (CVE-ID: CVE-2024-26820)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the netvsc_vf_handle_frame(), netvsc_vf_join(), netvsc_prepare_bonding(), netvsc_register_vf(), netvsc_unregister_vf(), netvsc_probe() and netvsc_netdev_event() functions in drivers/net/hyperv/netvsc_drv.c. A local user can perform a denial of service (DoS) attack.
117) Memory leak (CVE-ID: CVE-2024-26825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nci_free_device() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
118) Memory leak (CVE-ID: CVE-2024-26833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dm_sw_fini() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
119) Resource management error (CVE-ID: CVE-2024-26835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
120) Memory leak (CVE-ID: CVE-2024-26839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_credit_return() function in drivers/infiniband/hw/hfi1/pio.c. A local user can perform a denial of service (DoS) attack.
121) Buffer overflow (CVE-ID: CVE-2024-26843)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the riscv_enable_runtime_services() function in drivers/firmware/efi/riscv-runtime.c, within the arm_enable_runtime_services() function in drivers/firmware/efi/arm-runtime.c. A local user can perform a denial of service (DoS) attack.
122) Race condition within a thread (CVE-ID: CVE-2024-26861)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.
123) Improper locking (CVE-ID: CVE-2024-26845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the transport_generic_handle_tmr() function in drivers/target/target_core_transport.c, within the transport_lookup_tmr_lun() and rcu_dereference_raw() functions in drivers/target/target_core_device.c. A local user can perform a denial of service (DoS) attack.
124) Double free (CVE-ID: CVE-2024-26846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
125) Improper locking (CVE-ID: CVE-2024-26848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the afs_dir_iterate_block() function in fs/afs/dir.c. A local user can perform a denial of service (DoS) attack.
126) Out-of-bounds read (CVE-ID: CVE-2024-26851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the decode_seq() function in net/netfilter/nf_conntrack_h323_asn1.c. A local user can perform a denial of service (DoS) attack.
127) Use-after-free (CVE-ID: CVE-2024-26852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.
128) NULL pointer dereference (CVE-ID: CVE-2024-26855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
129) Use of uninitialized resource (CVE-ID: CVE-2024-26857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_rx() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
130) NULL pointer dereference (CVE-ID: CVE-2024-26859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h. A local user can perform a denial of service (DoS) attack.
131) Improper error handling (CVE-ID: CVE-2024-26906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
132) Race condition (CVE-ID: CVE-2024-26910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the list_set_destroy() and list_set_same_set() functions in net/netfilter/ipset/ip_set_list_set.c, within the ip_set_destroy_set(), ip_set_destroy(), ip_set_swap() and ip_set_fini() functions in net/netfilter/ipset/ip_set_core.c. A local user can perform a denial of service (DoS) attack.
133) NULL pointer dereference (CVE-ID: CVE-2024-27028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.
134) Input validation error (CVE-ID: CVE-2024-26997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the dwc2_cmpl_host_isoc_dma_desc() function in drivers/usb/dwc2/hcd_ddma.c in DDMA completion flow. A local user can perform a denial of service (DoS) attack.
135) Use-after-free (CVE-ID: CVE-2024-26974)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can escalate privileges on the system.
136) Improper locking (CVE-ID: CVE-2024-26976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the async_pf_execute(), kvm_clear_async_pf_completion_queue(), kvm_check_async_pf_completion() and kvm_setup_async_pf() functions in virt/kvm/async_pf.c. A local user can perform a denial of service (DoS) attack.
137) NULL pointer dereference (CVE-ID: CVE-2024-26978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.
138) Out-of-bounds read (CVE-ID: CVE-2024-26981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_type_by_mode[() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
139) NULL pointer dereference (CVE-ID: CVE-2024-26984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2024-26988)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the setup_command_line() function in init/main.c. A local user can escalate privileges on the system.
141) Information disclosure (CVE-ID: CVE-2024-26993)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sysfs_break_active_protection() function in fs/sysfs/file.c. A local user can gain access to sensitive information.
142) Buffer overflow (CVE-ID: CVE-2024-26994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.
143) Improper locking (CVE-ID: CVE-2024-26999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmz_receive_chars() function in drivers/tty/serial/pmac_zilog.c. A local user can perform a denial of service (DoS) attack.
144) Out-of-bounds read (CVE-ID: CVE-2024-26970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the F() function in drivers/clk/qcom/gcc-ipq6018.c. A local user can perform a denial of service (DoS) attack.
145) Improper locking (CVE-ID: CVE-2024-27000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mxs_auart_set_ldisc() and mxs_auart_irq_handle() functions in drivers/tty/serial/mxs-auart.c. A local user can perform a denial of service (DoS) attack.
146) Resource management error (CVE-ID: CVE-2024-27001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmk80xx_find_usb_endpoints() function in drivers/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.
147) Improper locking (CVE-ID: CVE-2024-27004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the HLIST_HEAD(), clk_pm_runtime_put(), clk_unprepare_unused_subtree(), clk_disable_unused_subtree(), __setup(), clk_disable_unused(), __clk_release() and __clk_register() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
148) Out-of-bounds read (CVE-ID: CVE-2024-27008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_dcb_encoder_quirks() and fabricate_dcb_encoder_table() functions in drivers/gpu/drm/nouveau/nouveau_bios.c. A local user can perform a denial of service (DoS) attack.
149) Improper locking (CVE-ID: CVE-2024-27013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
150) Race condition within a thread (CVE-ID: CVE-2024-27020)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.
151) Resource management error (CVE-ID: CVE-2024-27024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rds_sendmsg() function in net/rds/send.c, within the __rds_rdma_map() function in net/rds/rdma.c. A local user can perform a denial of service (DoS) attack.
152) Improper error handling (CVE-ID: CVE-2024-27025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nbd_genl_status() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
153) Information disclosure (CVE-ID: CVE-2024-26973)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.
154) Out-of-bounds read (CVE-ID: CVE-2024-26969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the F() function in drivers/clk/qcom/gcc-ipq8074.c. A local user can perform a denial of service (DoS) attack.
155) Improper locking (CVE-ID: CVE-2024-26917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fcoe_ctlr_announce(), fcoe_ctlr_els_send(), fcoe_ctlr_flogi_send_locked(), fcoe_ctlr_flogi_retry() and fcoe_ctlr_flogi_send() functions in drivers/scsi/fcoe/fcoe_ctlr.c. A local user can perform a denial of service (DoS) attack.
156) Information disclosure (CVE-ID: CVE-2024-26935)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
157) Buffer overflow (CVE-ID: CVE-2024-26920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.
158) Input validation error (CVE-ID: CVE-2024-26922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the amdgpu_vm_bo_insert_map(), amdgpu_vm_bo_map(), amdgpu_vm_bo_replace_map(), and amdgpu_vm_bo_clear_mappings() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can pass specially crafted input to the driver and perform a denial of service (DoS) attack.
159) Improper locking (CVE-ID: CVE-2024-26923)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
160) Resource management error (CVE-ID: CVE-2024-26924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nft_pipapo_remove() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
161) Improper locking (CVE-ID: CVE-2024-26925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
162) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2024-26926)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the binder_get_object() function in drivers/android/binder.c. A local user can influence the pointer offset and potentially execute arbitrary code.
163) NULL pointer dereference (CVE-ID: CVE-2024-26931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qlt_free_session_done() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.
164) Improper locking (CVE-ID: CVE-2024-26934)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.
165) Reachable assertion (CVE-ID: CVE-2024-26937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the gen11_emit_fini_breadcrumb_rcs() function in drivers/gpu/drm/i915/gt/intel_lrc.c, within the __engine_park() function in drivers/gpu/drm/i915/gt/intel_engine_pm.c. A local user can perform a denial of service (DoS) attack.
166) Out-of-bounds read (CVE-ID: CVE-2024-26966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the F() function in drivers/clk/qcom/mmcc-apq8084.c. A local user can perform a denial of service (DoS) attack.
167) NULL pointer dereference (CVE-ID: CVE-2024-26950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_peer() function in drivers/net/wireguard/netlink.c. A local user can perform a denial of service (DoS) attack.
168) Use-after-free (CVE-ID: CVE-2024-26951)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wg_get_device_dump() function in drivers/net/wireguard/netlink.c. A local user can escalate privileges on the system.
169) Improper error handling (CVE-ID: CVE-2024-26955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_get_block() function in fs/nilfs2/inode.c. A local user can perform a denial of service (DoS) attack.
170) Buffer overflow (CVE-ID: CVE-2024-26956)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_direct_lookup_contig() function in fs/nilfs2/direct.c, within the nilfs_btree_lookup_contig() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
171) Use-after-free (CVE-ID: CVE-2024-26957)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zcrypt_pick_queue() and zcrypt_drop_queue() functions in drivers/s390/crypto/zcrypt_api.c. A local user can escalate privileges on the system.
172) Use-after-free (CVE-ID: CVE-2024-26958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the , within the wait_on_commit() function in fs/nfs/write.c, within the nfs_direct_commit_schedule() function in fs/nfs/direct.c. A local user can escalate privileges on the system.
173) Race condition (CVE-ID: CVE-2024-26960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.
174) Use-after-free (CVE-ID: CVE-2024-26961)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
175) Out-of-bounds read (CVE-ID: CVE-2024-26965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the F() function in drivers/clk/qcom/mmcc-msm8974.c. A local user can perform a denial of service (DoS) attack.
176) Input validation error (CVE-ID: CVE-2024-41042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_tables_rule_release(), nft_chain_validate(), nft_chain_validate_hooks() and nft_validate_register_store() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
177) Improper locking (CVE-ID: CVE-2024-42114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the NLA_POLICY_FULL_RANGE() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
178) Improper locking (CVE-ID: CVE-2024-26812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_intx_handler() and vfio_pci_set_intx_trigger() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
179) NULL pointer dereference (CVE-ID: CVE-2024-46763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fou_from_sock(), fou_gro_receive(), fou_gro_complete() and gue_gro_receive() functions in net/ipv4/fou.c. A local user can perform a denial of service (DoS) attack.
180) Use-after-free (CVE-ID: CVE-2024-46745)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uinput_validate_absinfo() function in drivers/input/misc/uinput.c. A local user can escalate privileges on the system.
181) Out-of-bounds read (CVE-ID: CVE-2024-46747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cougar_fix_g6_mapping() function in drivers/hid/hid-cougar.c. A local user can perform a denial of service (DoS) attack.
182) Improper locking (CVE-ID: CVE-2024-46750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_bus_lock(), pci_bus_unlock(), pci_bus_trylock(), list_for_each_entry_continue_reverse(), pci_slot_lock() and pci_slot_trylock() functions in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
183) NULL pointer dereference (CVE-ID: CVE-2024-46755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/wireless/marvell/mwifiex/main.h. A local user can perform a denial of service (DoS) attack.
184) Integer underflow (CVE-ID: CVE-2024-46756)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the store_target_temp() and store_tolerance() functions in drivers/hwmon/w83627ehf.c. A local user can execute arbitrary code.
185) Integer underflow (CVE-ID: CVE-2024-46757)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the store_temp_offset() function in drivers/hwmon/nct6775.c. A local user can execute arbitrary code.
186) Integer underflow (CVE-ID: CVE-2024-46758)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the set_tcrit2(), set_tcrit1(), set_tcrit1_hyst() and set_offset() functions in drivers/hwmon/lm95234.c. A local user can execute arbitrary code.
187) Integer underflow (CVE-ID: CVE-2024-46759)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the adc128_set_in() and adc128_set_temp() functions in drivers/hwmon/adc128d818.c. A local user can execute arbitrary code.
188) Memory leak (CVE-ID: CVE-2024-46771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
189) Out-of-bounds read (CVE-ID: CVE-2024-46743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the of_irq_parse_one() function in drivers/of/irq.c. A local user can perform a denial of service (DoS) attack.
190) Integer overflow (CVE-ID: CVE-2024-46777)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the udf_fill_partdesc_info() function in fs/udf/super.c. A local user can execute arbitrary code.
191) Buffer overflow (CVE-ID: CVE-2024-46780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_dev_revision_show(), nilfs_dev_device_size_show(), nilfs_dev_uuid_show() and nilfs_dev_volume_name_show() functions in fs/nilfs2/sysfs.c. A local user can perform a denial of service (DoS) attack.
192) Use-after-free (CVE-ID: CVE-2024-46781)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_finish_roll_forward() and nilfs_salvage_orphan_logs() functions in fs/nilfs2/recovery.c. A local user can escalate privileges on the system.
193) Use-after-free (CVE-ID: CVE-2024-46782)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ila_xlat_init_net() and ila_xlat_exit_net() functions in net/ipv6/ila/ila_xlat.c, within the ila_pre_exit_net() and ila_exit_net() functions in net/ipv6/ila/ila_main.c. A local user can escalate privileges on the system.
194) Improper error handling (CVE-ID: CVE-2024-46783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sk_stream_error() function in net/ipv4/tcp_bpf.c. A local user can perform a denial of service (DoS) attack.
195) Improper locking (CVE-ID: CVE-2024-46791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mcp251x_hw_wake() function in drivers/net/can/spi/mcp251x.c. A local user can perform a denial of service (DoS) attack.
196) Use-after-free (CVE-ID: CVE-2024-46798)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_soc_dai_link_event() function in sound/soc/soc-dapm.c. A local user can escalate privileges on the system.
197) Use-after-free (CVE-ID: CVE-2024-46800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
198) Input validation error (CVE-ID: CVE-2024-46744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_read_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
199) Use-after-free (CVE-ID: CVE-2024-46740)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the binder_transaction() function in drivers/android/binder.c. A local user can escalate privileges on the system.
200) Input validation error (CVE-ID: CVE-2024-46814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hdmi_14_process_transaction() and dp_11_process_transaction() functions in drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c. A local user can perform a denial of service (DoS) attack.
201) Improper error handling (CVE-ID: CVE-2024-46714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the wbscl_set_scaler_filter() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c. A local user can perform a denial of service (DoS) attack.
202) Division by zero (CVE-ID: CVE-2024-46676)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the pn533_start_poll() function in drivers/nfc/pn533/pn533.c. A local user can perform a denial of service (DoS) attack.
203) NULL pointer dereference (CVE-ID: CVE-2024-46677)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gtp_encap_enable_socket() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
204) Input validation error (CVE-ID: CVE-2024-46679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the speed_show() function in net/core/net-sysfs.c, within the __ethtool_get_link_ksettings() function in net/core/ethtool.c. A local user can perform a denial of service (DoS) attack.
205) NULL pointer dereference (CVE-ID: CVE-2024-46685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pcs_get_function() function in drivers/pinctrl/pinctrl-single.c. A local user can perform a denial of service (DoS) attack.
206) Infinite loop (CVE-ID: CVE-2024-46689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cmd_db_dev_probe() function in drivers/soc/qcom/cmd-db.c. A local user can perform a denial of service (DoS) attack.
207) Improper locking (CVE-ID: CVE-2024-46702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tb_switch_remove() function in drivers/thunderbolt/switch.c. A local user can perform a denial of service (DoS) attack.
208) NULL pointer dereference (CVE-ID: CVE-2024-46707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the access_gic_sgi() function in arch/arm64/kvm/sys_regs.c. A local user can perform a denial of service (DoS) attack.
209) Improper locking (CVE-ID: CVE-2024-46713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ring_buffer_init() function in kernel/events/ring_buffer.c, within the put_ctx(), perf_mmap_close(), perf_mmap() and atomic_dec() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
210) NULL pointer dereference (CVE-ID: CVE-2024-46719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/usb/typec/ucsi/ucsi.h. A local user can perform a denial of service (DoS) attack.
211) NULL pointer dereference (CVE-ID: CVE-2024-46739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hv_uio_channel_cb() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.
212) NULL pointer dereference (CVE-ID: CVE-2024-46721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __aafs_profile_mkdir() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
213) Out-of-bounds read (CVE-ID: CVE-2024-46722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_atombios_init_mc_reg_table() function in drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c. A local user can perform a denial of service (DoS) attack.
214) Out-of-bounds read (CVE-ID: CVE-2024-46723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_cgs_get_firmware_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c. A local user can perform a denial of service (DoS) attack.
215) Out-of-bounds read (CVE-ID: CVE-2024-46724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the df_v1_7_get_hbm_channel_number() function in drivers/gpu/drm/amd/amdgpu/df_v1_7.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2024-46725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_ring_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
217) Out-of-bounds read (CVE-ID: CVE-2024-46731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the atomctrl_retrieve_ac_timing() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.
218) NULL pointer dereference (CVE-ID: CVE-2024-46737)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvmet_tcp_install_queue() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
219) Use-after-free (CVE-ID: CVE-2024-46738)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmci_resource_remove() function in drivers/misc/vmw_vmci/vmci_resource.c. A local user can escalate privileges on the system.
220) Resource management error (CVE-ID: CVE-2024-46804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the read() and write() functions in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. A local user can perform a denial of service (DoS) attack.
221) Input validation error (CVE-ID: CVE-2024-46815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the build_watermark_ranges() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
222) Use-after-free (CVE-ID: CVE-2024-46674)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the st_dwc3_probe() and reset_control_assert() functions in drivers/usb/dwc3/dwc3-st.c. A local user can escalate privileges on the system.
223) Buffer overflow (CVE-ID: CVE-2021-36690)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a segmentation fault in the sqlite3 command-line component when processing SQL queries in the idxGetTableInfo() function. A local user can pass a specially crafted SQL query and crash the application.
224) Code Injection (CVE-ID: CVE-2024-6345)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when processing URL in the package_index module of pypa/setuptools. A remote attacker can send a specially crafted request and execute arbitrary code on the target system via download functions.
225) Information disclosure (CVE-ID: CVE-2024-37891)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to Prox-Authorization header is not stripped during cross-origin redirects when using urllib3's proxy support with ProxyManager. A remote attacker can gain obtain proxy credentials used by the library.
226) Race condition (CVE-ID: CVE-2023-45145)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition between listen(2) and chmod(2) calls on startup. A local user can exploit the race and escalate privileges on the system.
227) Input validation error (CVE-ID: CVE-2023-28856)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote user can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access.
228) Integer overflow (CVE-ID: CVE-2023-25155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in the "SRANDMEMBER", "ZRANDMEMBER" and "HRANDFIELD" commands. A local user can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.
229) Resource exhaustion (CVE-ID: CVE-2022-36021)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when matching commands (like SCAN or KEYS) with a specially crafted pattern. A remote user can trigger resource exhaustion and perform a denial of service (DoS) attack.
230) Heap-based buffer overflow (CVE-ID: CVE-2022-24834)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the cjson and cmsgpack libraries. A remote attacker can trick the victim into using a specially crafted Lua script to trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
231) Security features bypass (CVE-ID: CVE-2024-21626)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an internal file descriptor leak that can cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace or a malicious image to allow a container process to gain access to the host filesystem through runc run. A remote attacker can trick the victim into loading a malicious image to bypass sandbox restrictions and execute arbitrary code on the host OS.
232) Out-of-bounds read (CVE-ID: CVE-2023-7104)
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the sessionReadRecord() function in ext/session/sqlite3session.c when processing a corrupt changeset. A remote user can send a specially crafted request to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service attack.
233) Resource exhaustion (CVE-ID: CVE-2024-3651)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the idna.encode() function. A remote attacker can pass an overly long domain name to the application and perform a denial of service (DoS) attack.
234) Heap-based buffer overflow (CVE-ID: CVE-2022-48303)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the from_header() function in list.c when handling V7 archives. A remote attacker can trick the victim to open a specially crafted V7 archive, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
235) Stack-based buffer overflow (CVE-ID: CVE-2023-39804)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the xattr_decoder() function in xheader.c. A remote attacker can trick the victim to open a specially crafted tar/pax archive with an overly long xattr key, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
236) NULL pointer dereference (CVE-ID: CVE-2024-43167)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ub_ctx_set_fwd() function. A remote attacker can send specially crafted request to the server and perform a denial of service (DoS) attack.
237) Heap-based buffer overflow (CVE-ID: CVE-2024-43168)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the cfg_mark_ports() function in config_file.c. A local user can pass a specially crafted file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
238) Input validation error (CVE-ID: CVE-2024-28085)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied arguments along with setgid tty permissions within the wall command. A local user can execute arbitrary commands with escalated privileges on the system.
239) Improper authentication (CVE-ID: CVE-2023-52160)
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the PEAP implementation. A remote attacker can bypass authentication process by sending an EAP-TLV Success packet instead of starting Phase 2.
Successful exploitation of the vulnerability requires that wpa_supplicant is configured to not verify the network's TLS certificate during Phase 1 authentication.
240) Untrusted search path (CVE-ID: CVE-2024-5290)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. A local user in the netdev group or access to the dbus interface of wpa_supplicant can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
241) Incorrect Regular Expression (CVE-ID: CVE-2022-40897)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing HTML content. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
242) NULL pointer dereference (CVE-ID: CVE-2024-26130)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
243) Resource management error (CVE-ID: CVE-2024-46817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
244) Improper input validation (CVE-ID: CVE-2024-21096)
The vulnerability allows a local non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Client: mysqldump component in MySQL Server. A local non-authenticated attacker can exploit this vulnerability to read and manipulate data.
245) Input validation error (CVE-ID: CVE-2024-46818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the is_pin_busy(), set_pin_busy(), set_pin_free(), dal_gpio_service_lock() and dal_gpio_service_unlock() functions in drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c. A local user can perform a denial of service (DoS) attack.
246) NULL pointer dereference (CVE-ID: CVE-2024-46819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbio_v7_4_handle_ras_controller_intr_no_bifring() function in drivers/gpu/drm/amd/amdgpu/nbio_v7_4.c. A local user can perform a denial of service (DoS) attack.
247) NULL pointer dereference (CVE-ID: CVE-2024-46822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arch/arm64/include/asm/acpi.h. A local user can perform a denial of service (DoS) attack.
248) Out-of-bounds read (CVE-ID: CVE-2024-46828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
249) Improper locking (CVE-ID: CVE-2024-46829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __rt_mutex_slowlock(), rt_mutex_handle_deadlock() and rt_mutex_slowlock() functions in kernel/locking/rtmutex.c. A local user can perform a denial of service (DoS) attack.
250) Improper locking (CVE-ID: CVE-2024-46840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reada_walk_down(), walk_down_proc(), do_walk_down() and walk_up_proc() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
251) Incorrect calculation (CVE-ID: CVE-2024-46844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the setup_one_line() function in arch/um/drivers/line.c. A local user can perform a denial of service (DoS) attack.
252) Improper input validation (CVE-ID: CVE-2023-22084)
The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.
253) UNIX symbolic link following (CVE-ID: CVE-2024-5742)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
Successful exploitation of this vulnerability may result in privilege escalation.
254) NULL pointer dereference (CVE-ID: CVE-2023-49083)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when calling the load_pem_pkcs7_certificates() or load_der_pkcs7_certificates() functions. A remote attacker can pass specially crafted PKCS7 blob/certificate certificate to the application and perform a denial of service (DoS) attack.
255) Input validation error (CVE-ID: CVE-2024-28182)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to reading the unbounded number of HTTP/2 CONTINUATION frames. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
256) Unchecked Return Value (CVE-ID: CVE-2024-0743)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an unchecked return value in TLS handshake code in NSS TLS method. A remote attacker can trick the victim to visit a specially crafted website and execute arbitrary code on the system.
257) Buffer overflow (CVE-ID: CVE-2024-6602)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in NSS. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
258) Double free (CVE-ID: CVE-2024-6609)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in NSS. A remote attacker can force the browser to free an elliptic curve key which was never allocated and crash the browser.
259) Race condition (CVE-ID: CVE-2024-6387)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a race condition in portable version of sshd. A remote non-authenticated attacker can send a series of requests in order to trigger a race condition and execute arbitrary code on the system.
260) Off-by-one (CVE-ID: CVE-2023-47038)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error when processing regular expressions. A remote attacker can trigger an off-by-one error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
261) Untrusted search path (CVE-ID: CVE-2023-47039)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData.
The vulnerability affects Windows installations only.
262) Improper Certificate Validation (CVE-ID: CVE-2024-39689)
The vulnerability allows a remote attacker to modify data on the system.
The vulnerability exists due to Certifi python-certifi provide weaker than expected security, caused by the use of GLOBALTRUST root certificate. A remote attacker can trigger the vulnerability to launch further attacks on the system.
263) Error Handling (CVE-ID: CVE-2023-23931)
The vulnerability allows an attacker to misuse Python API.
The vulnerability exists due to a soundness bug within the Cipher.update_into function, which can allow immutable objects (such as bytes) to be mutated. A malicious programmer can misuse Python API to introduce unexpected behavior into the application.
264) Buffer overflow (CVE-ID: CVE-2024-46675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dwc3_event_buffers_setup() function in drivers/usb/dwc3/core.c. A local user can perform a denial of service (DoS) attack.
265) Use-after-free (CVE-ID: CVE-2024-46673)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aac_init_adapter() function in drivers/scsi/aacraid/comminit.c. A local user can escalate privileges on the system.
266) Use of uninitialized resource (CVE-ID: CVE-2024-42228)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the amdgpu_vce_ring_parse_cs() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c. A local user can perform a denial of service (DoS) attack.
267) Double free (CVE-ID: CVE-2024-43830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the led_trigger_set() function in drivers/leds/led-triggers.c. A local user can perform a denial of service (DoS) attack.
268) NULL pointer dereference (CVE-ID: CVE-2024-42308)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_plane_get_status() function in drivers/gpu/drm/amd/display/dc/core/dc_surface.c. A local user can perform a denial of service (DoS) attack.
269) NULL pointer dereference (CVE-ID: CVE-2024-42309)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psb_intel_lvds_get_modes() function in drivers/gpu/drm/gma500/psb_intel_lvds.c. A local user can perform a denial of service (DoS) attack.
270) NULL pointer dereference (CVE-ID: CVE-2024-42310)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdv_intel_lvds_get_modes() function in drivers/gpu/drm/gma500/cdv_intel_lvds.c. A local user can perform a denial of service (DoS) attack.
271) Use of uninitialized resource (CVE-ID: CVE-2024-42311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hfs_new_inode() and hfs_inode_read_fork() functions in fs/hfs/inode.c. A local user can perform a denial of service (DoS) attack.
272) Input validation error (CVE-ID: CVE-2024-42312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the proc_sys_make_inode() function in fs/proc/proc_sysctl.c. A local user can perform a denial of service (DoS) attack.
273) Use-after-free (CVE-ID: CVE-2024-42313)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vdec_close() function in drivers/media/platform/qcom/venus/vdec.c. A local user can escalate privileges on the system.
274) Use of uninitialized resource (CVE-ID: CVE-2024-43828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ext4_es_find_extent_range() function in fs/ext4/extents_status.c. A local user can perform a denial of service (DoS) attack.
275) NULL pointer dereference (CVE-ID: CVE-2024-43829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qxl_add_mode() function in drivers/gpu/drm/qxl/qxl_display.c. A local user can perform a denial of service (DoS) attack.
276) Use-after-free (CVE-ID: CVE-2024-43834)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xdp_unreg_mem_model() function in net/core/xdp.c. A local user can escalate privileges on the system.
277) Resource management error (CVE-ID: CVE-2024-42305)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the add_dirent_to_buf() and make_indexed_dir() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
278) Improper locking (CVE-ID: CVE-2024-43835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtnet_receive(), virtnet_poll_cleantx(), virtnet_poll() and virtnet_poll_tx() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
279) Input validation error (CVE-ID: CVE-2024-43839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bnad_tx_msix_register() and bnad_rx_msix_register() functions in drivers/net/ethernet/brocade/bna/bnad.c. A local user can perform a denial of service (DoS) attack.
280) Resource management error (CVE-ID: CVE-2024-43841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virt_wifi_inform_bss(), virt_wifi_connect() and virt_wifi_connect_complete() functions in drivers/net/wireless/virt_wifi.c. A local user can perform a denial of service (DoS) attack.
281) Resource management error (CVE-ID: CVE-2024-43846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the objagg_obj_parent_assign() function in lib/objagg.c. A local user can perform a denial of service (DoS) attack.
282) Input validation error (CVE-ID: CVE-2024-43849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pdr_locator_new_server(), pdr_locator_del_server() and pdr_get_domain_list() functions in drivers/soc/qcom/pdr_interface.c. A local user can perform a denial of service (DoS) attack.
283) Use-after-free (CVE-ID: CVE-2024-43853)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the proc_cpuset_show() function in kernel/cgroup/cpuset.c. A local user can escalate privileges on the system.
284) Memory leak (CVE-ID: CVE-2024-43854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bio_integrity_prep() function in block/bio-integrity.c. A local user can perform a denial of service (DoS) attack.
285) Buffer overflow (CVE-ID: CVE-2024-43856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dmam_free_coherent() function in kernel/dma/mapping.c. A local user can perform a denial of service (DoS) attack.
286) Buffer overflow (CVE-ID: CVE-2024-42306)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the udf_sb_free_bitmap() function in fs/udf/super.c, within the read_block_bitmap() and __load_block_bitmap() functions in fs/udf/balloc.c. A local user can perform a denial of service (DoS) attack.
287) Improper error handling (CVE-ID: CVE-2024-42304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __ext4_read_dirblock(), ext4_empty_dir() and ext4_get_first_dir_block() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
288) NULL pointer dereference (CVE-ID: CVE-2024-43860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imx_rproc_addr_init() function in drivers/remoteproc/imx_rproc.c. A local user can perform a denial of service (DoS) attack.
289) Buffer overflow (CVE-ID: CVE-2024-42284)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the tipc_udp_addr2str() function in net/tipc/udp_media.c. A local user can escalate privileges on the system.
290) Infinite loop (CVE-ID: CVE-2024-42246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the xs_tcp_setup_socket() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.
291) Buffer overflow (CVE-ID: CVE-2024-42259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the i915_error_to_vmf_fault() and vm_fault_gtt() functions in drivers/gpu/drm/i915/gem/i915_gem_mman.c. A local user can perform a denial of service (DoS) attack.
292) Input validation error (CVE-ID: CVE-2024-42265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __releases() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
293) Use of uninitialized resource (CVE-ID: CVE-2024-42272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the DEFINE_MUTEX() and offsetof() functions in net/sched/act_ct.c. A local user can perform a denial of service (DoS) attack.
294) Input validation error (CVE-ID: CVE-2024-42276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nvme_prep_rq() function in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
295) Use-after-free (CVE-ID: CVE-2024-42280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfcmulti_dtmf() and HFC_wait_nodebug() functions in drivers/isdn/hardware/mISDN/hfcmulti.c. A local user can escalate privileges on the system.
296) Input validation error (CVE-ID: CVE-2024-42281)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bpf_skb_net_grow() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
297) Memory leak (CVE-ID: CVE-2024-42283)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nla_put_nh_group() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.
298) Use-after-free (CVE-ID: CVE-2024-42285)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL(), destroy_cm_id() and cm_work_handler() functions in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
299) Use-after-free (CVE-ID: CVE-2024-42302)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_bus_max_d3cold_delay() and pci_bridge_wait_for_secondary_bus() functions in drivers/pci/pci.c. A local user can escalate privileges on the system.
300) NULL pointer dereference (CVE-ID: CVE-2024-42286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla_nvme_register_remote() function in drivers/scsi/qla2xxx/qla_nvme.c. A local user can perform a denial of service (DoS) attack.
301) NULL pointer dereference (CVE-ID: CVE-2024-42287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __qla2x00_abort_all_cmds() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
302) Buffer overflow (CVE-ID: CVE-2024-42288)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the qla2x00_number_of_exch() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
303) NULL pointer dereference (CVE-ID: CVE-2024-42289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla24xx_disable_vp() function in drivers/scsi/qla2xxx/qla_mid.c. A local user can perform a denial of service (DoS) attack.
304) Resource management error (CVE-ID: CVE-2024-42290)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the imx_irqsteer_get_reg_index(), imx_irqsteer_irq_mask() and imx_irqsteer_probe() functions in drivers/irqchip/irq-imx-irqsteer.c. A local user can perform a denial of service (DoS) attack.
305) Out-of-bounds read (CVE-ID: CVE-2024-42292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the zap_modalias_env() function in lib/kobject_uevent.c. A local user can perform a denial of service (DoS) attack.
306) Improper error handling (CVE-ID: CVE-2024-42295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_btree_get_new_block() function in fs/nilfs2/btree.c, within the nilfs_btnode_create_block() function in fs/nilfs2/btnode.c. A local user can perform a denial of service (DoS) attack.
307) Improper error handling (CVE-ID: CVE-2024-42297)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the f2fs_mark_inode_dirty_sync() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.
308) Out-of-bounds read (CVE-ID: CVE-2024-42301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_active_device(), do_autoprobe(), do_hardware_base_addr(), do_hardware_irq(), do_hardware_dma() and do_hardware_modes() functions in drivers/parport/procfs.c. A local user can perform a denial of service (DoS) attack.
309) Out-of-bounds read (CVE-ID: CVE-2024-43858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diSync() and diRead() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
310) Memory leak (CVE-ID: CVE-2024-43861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qmimux_rx_fixup() function in drivers/net/usb/qmi_wwan.c. A local user can perform a denial of service (DoS) attack.
311) NULL pointer dereference (CVE-ID: CVE-2024-45028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtf_test_write() function in drivers/mmc/core/mmc_test.c. A local user can perform a denial of service (DoS) attack.
312) Improper locking (CVE-ID: CVE-2024-44995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns3_reset_notify_uninit_enet() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
313) Buffer overflow (CVE-ID: CVE-2024-44965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the pti_clone_pgtable() function in arch/x86/mm/pti.c. A local user can perform a denial of service (DoS) attack.
314) Resource management error (CVE-ID: CVE-2024-44968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tick_broadcast_switch_to_oneshot() and hotplug_cpu__broadcast_tick_pull() functions in kernel/time/tick-broadcast.c. A local user can perform a denial of service (DoS) attack.
315) Memory leak (CVE-ID: CVE-2024-44971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.
316) Use-after-free (CVE-ID: CVE-2024-44974)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_subflow_by_daddr(), select_local_address(), select_signal_address(), __lookup_addr() and mptcp_pm_create_subflow_or_signal_addr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
317) Use-after-free (CVE-ID: CVE-2024-44987)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_send_skb() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
318) Out-of-bounds read (CVE-ID: CVE-2024-44988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mv88e6xxx_g1_atu_prob_irq_thread_fn() function in drivers/net/dsa/mv88e6xxx/global1_atu.c. A local user can perform a denial of service (DoS) attack.
319) NULL pointer dereference (CVE-ID: CVE-2024-44989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_del_sa_all() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
320) NULL pointer dereference (CVE-ID: CVE-2024-44990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_offload_ok() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
321) Use-after-free (CVE-ID: CVE-2024-44998)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dequeue_rx() function in drivers/atm/idt77252.c. A local user can escalate privileges on the system.
322) Improper locking (CVE-ID: CVE-2024-44954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the line6_data_received() function in sound/usb/line6/driver.c. A local user can perform a denial of service (DoS) attack.
323) Use of uninitialized resource (CVE-ID: CVE-2024-44999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the gtp_dev_xmit() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
324) Use-after-free (CVE-ID: CVE-2024-45003)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inode_lru_list_del(), evict() and inode_lru_isolate() functions in fs/inode.c. A local user can escalate privileges on the system.
325) NULL pointer dereference (CVE-ID: CVE-2024-45006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_configure_endpoint() and xhci_setup_device() functions in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
326) Buffer overflow (CVE-ID: CVE-2024-45008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the input_mt_init_slots() function in drivers/input/input-mt.c. A local user can perform a denial of service (DoS) attack.
327) Use-after-free (CVE-ID: CVE-2024-45016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netem_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
328) Use of uninitialized resource (CVE-ID: CVE-2024-45018)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_flow_offload_tuple() function in net/netfilter/nf_flow_table_offload.c. A local user can perform a denial of service (DoS) attack.
329) Improper Initialization (CVE-ID: CVE-2024-45021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
330) Incorrect calculation (CVE-ID: CVE-2024-45025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the free_fdtable_rcu(), copy_fdtable() and dup_fd() functions in fs/file.c. A local user can perform a denial of service (DoS) attack.
331) NULL pointer dereference (CVE-ID: CVE-2024-44960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the usb_ep_enable() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
332) Improper locking (CVE-ID: CVE-2024-44952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_driver_name() and module_remove_driver() functions in drivers/base/module.c, within the dev_uevent() and uevent_show() functions in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
333) Integer underflow (CVE-ID: CVE-2024-43867)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nouveau_gem_prime_import_sg_table() function in drivers/gpu/drm/nouveau/nouveau_prime.c. A local user can execute arbitrary code.
334) Race condition (CVE-ID: CVE-2024-43892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the MEM_CGROUP_ID_MAX(), mem_cgroup_alloc() and mem_cgroup_css_online() functions in mm/memcontrol.c. A local user can escalate privileges on the system.
335) Memory leak (CVE-ID: CVE-2024-43871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the EXPORT_SYMBOL_GPL() function in drivers/base/devres.c. A local user can perform a denial of service (DoS) attack.
336) Resource management error (CVE-ID: CVE-2024-43879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cfg80211_calculate_bitrate_he() function in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
337) Resource management error (CVE-ID: CVE-2024-43880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the objagg_hints_obj_cmp() and objagg_hints_get() functions in lib/objagg.c, within the mlxsw_sp_acl_erp_delta_check() and mlxsw_sp_acl_erp_root_destroy() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_erp.c. A local user can perform a denial of service (DoS) attack.
338) Improper locking (CVE-ID: CVE-2024-43882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bprm_fill_uid() function in fs/exec.c. A local user can perform a denial of service (DoS) attack.
339) Input validation error (CVE-ID: CVE-2024-43883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vhci_urb_enqueue(), vhci_shutdown_connection() and vhci_device_reset() functions in drivers/usb/usbip/vhci_hcd.c. A local user can perform a denial of service (DoS) attack.
340) NULL pointer dereference (CVE-ID: CVE-2024-43884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pair_device() function in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
341) Division by zero (CVE-ID: CVE-2024-43889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the padata_do_multithreaded() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
342) Buffer overflow (CVE-ID: CVE-2024-43890)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the get_free_elt(), tracing_map_clear() and tracing_map_create() functions in kernel/trace/tracing_map.c. A local user can escalate privileges on the system.
343) Improper locking (CVE-ID: CVE-2024-43893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uart_set_info() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.
344) Input validation error (CVE-ID: CVE-2024-44948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mtrr_save_state() function in arch/x86/kernel/cpu/mtrr/mtrr.c. A local user can perform a denial of service (DoS) attack.
345) NULL pointer dereference (CVE-ID: CVE-2024-43894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can perform a denial of service (DoS) attack.
346) NULL pointer dereference (CVE-ID: CVE-2024-43905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vega10_find_dpm_states_clocks_in_dpm_table(), vega10_generate_dpm_level_enable_mask(), vega10_check_states_equal(), vega10_set_sclk_od(), vega10_set_mclk_od(), vega10_odn_update_power_state() and vega10_get_performance_level() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c. A local user can perform a denial of service (DoS) attack.
347) NULL pointer dereference (CVE-ID: CVE-2024-43907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vega10_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c, within the smu8_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c, within the smu7_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c. A local user can perform a denial of service (DoS) attack.
348) NULL pointer dereference (CVE-ID: CVE-2024-43908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_ras_interrupt_process_handler() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c. A local user can perform a denial of service (DoS) attack.
349) Input validation error (CVE-ID: CVE-2024-43914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the reshape_request() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
350) NULL pointer dereference (CVE-ID: CVE-2024-44935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sctp_hash_endpoint() and __sctp_unhash_endpoint() functions in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
351) Type Confusion (CVE-ID: CVE-2024-44944)
The vulnerability allows a local user to gain access to sensitive information.
352) Use-after-free (CVE-ID: CVE-2024-44946)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.
353) Memory leak (CVE-ID: CVE-2024-44947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fuse_notify_store() function in fs/fuse/dev.c. A local user can perform a denial of service (DoS) attack.
354) NULL pointer dereference (CVE-ID: CVE-2024-26813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vfio_platform_set_irq_unmask(), vfio_automasked_irq_handler(), vfio_irq_handler(), vfio_set_trigger(), vfio_platform_set_irq_trigger(), vfio_platform_set_irqs_ioctl(), vfio_platform_irq_init() and vfio_platform_irq_cleanup() functions in drivers/vfio/platform/vfio_platform_irq.c. A local user can perform a denial of service (DoS) attack.
355) Improper locking (CVE-ID: CVE-2024-26810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_pci_intx_mask(), vfio_pci_intx_unmask_handler(), vfio_pci_set_intx_unmask() and vfio_pci_set_intx_mask() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
356) Resource exhaustion (CVE-ID: CVE-2023-4408)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing DNS messages. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
357) Out-of-bounds read (CVE-ID: CVE-2024-38659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.
358) Input validation error (CVE-ID: CVE-2024-38618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the snd_timer_start1() function in sound/core/timer.c. A local user can perform a denial of service (DoS) attack.
359) Use of uninitialized resource (CVE-ID: CVE-2024-38619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
360) Out-of-bounds read (CVE-ID: CVE-2024-38621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.
361) Double free (CVE-ID: CVE-2024-38627)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the stm_register_device() function in drivers/hwtracing/stm/core.c. A local user can perform a denial of service (DoS) attack.
362) NULL pointer dereference (CVE-ID: CVE-2024-38633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max3100_probe() and max3100_remove() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
363) Improper locking (CVE-ID: CVE-2024-38634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the max3100_sr() and max3100_handlerx() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.
364) Out-of-bounds read (CVE-ID: CVE-2024-38635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdw_cdns_alloc_pdi() function in drivers/soundwire/cadence_master.c. A local user can perform a denial of service (DoS) attack.
365) NULL pointer dereference (CVE-ID: CVE-2024-38637)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __gb_lights_flash_brightness_set() and gb_lights_light_v4l2_register() functions in drivers/staging/greybus/light.c. A local user can perform a denial of service (DoS) attack.
366) Improper locking (CVE-ID: CVE-2024-38661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.
367) Improper locking (CVE-ID: CVE-2024-38613)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arch/m68k/kernel/entry.S. A local user can perform a denial of service (DoS) attack.
368) Improper locking (CVE-ID: CVE-2024-38662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the may_update_sockmap() and check_map_func_compatibility() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
369) Improper locking (CVE-ID: CVE-2024-38780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.
370) Memory leak (CVE-ID: CVE-2024-39276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
371) Resource management error (CVE-ID: CVE-2024-39292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the register_winch_irq() function in arch/um/drivers/line.c. A local user can perform a denial of service (DoS) attack.
372) Use of uninitialized resource (CVE-ID: CVE-2024-39301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the p9_fcall_init() function in net/9p/client.c. A local user can perform a denial of service (DoS) attack.
373) Out-of-bounds read (CVE-ID: CVE-2024-39467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sanity_check_inode() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.
374) Improper locking (CVE-ID: CVE-2024-39468)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smb2_find_smb_tcon() function in fs/smb/client/smb2transport.c. A local user can perform a denial of service (DoS) attack.
375) Improper error handling (CVE-ID: CVE-2024-39469)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nilfs_empty_dir() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
376) Input validation error (CVE-ID: CVE-2024-38615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cpufreq_offline() and cpufreq_remove_dev() functions in drivers/cpufreq/cpufreq.c. A local user can perform a denial of service (DoS) attack.
377) Use-after-free (CVE-ID: CVE-2024-38612)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the IS_ENABLED() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.
378) Division by zero (CVE-ID: CVE-2024-39475)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
379) Buffer overflow (CVE-ID: CVE-2024-38586)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rtl8169_doorbell() and rtl8169_start_xmit() functions in drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
380) Out-of-bounds read (CVE-ID: CVE-2024-38559)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.
381) Out-of-bounds read (CVE-ID: CVE-2024-38560)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bfad_debugfs_write_regrd() and bfad_debugfs_write_regwr() functions in drivers/scsi/bfa/bfad_debugfs.c. A local user can perform a denial of service (DoS) attack.
382) Resource management error (CVE-ID: CVE-2024-38565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.
383) Input validation error (CVE-ID: CVE-2024-38567)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the carl9170_usb_probe() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.
384) Out-of-bounds read (CVE-ID: CVE-2024-38578)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the write_tag_66_packet() function in fs/ecryptfs/keystore.c. A local user can perform a denial of service (DoS) attack.
385) Buffer overflow (CVE-ID: CVE-2024-38579)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the spu2_dump_omd() function in drivers/crypto/bcm/spu2.c. A local user can perform a denial of service (DoS) attack.
386) Improper locking (CVE-ID: CVE-2024-38582)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_sync(), nilfs_segctor_wakeup(), nilfs_segctor_notify() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
387) Use-after-free (CVE-ID: CVE-2024-38583)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_segctor_start_timer(), nilfs_construct_dsync_segment(), nilfs_segctor_notify(), nilfs_segctor_thread(), nilfs_segctor_new() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
388) Out-of-bounds read (CVE-ID: CVE-2024-38587)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_word() function in drivers/staging/speakup/main.c. A local user can perform a denial of service (DoS) attack.
389) Resource management error (CVE-ID: CVE-2024-38607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.
390) Improper locking (CVE-ID: CVE-2024-38589)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nr_add_node() and nr_del_node() functions in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.
391) Resource management error (CVE-ID: CVE-2024-38590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the get_cqe_status() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.
392) Race condition within a thread (CVE-ID: CVE-2024-38596)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.
393) Improper locking (CVE-ID: CVE-2024-38597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gem_interrupt() and gem_init_one() functions in drivers/net/ethernet/sun/sungem.c. A local user can perform a denial of service (DoS) attack.
394) Out-of-bounds read (CVE-ID: CVE-2024-38598)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
395) Out-of-bounds read (CVE-ID: CVE-2024-38599)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.
396) Infinite loop (CVE-ID: CVE-2024-38601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the rb_check_list() and ring_buffer_resize() functions in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
397) NULL pointer dereference (CVE-ID: CVE-2024-38605)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_card_new() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.
398) Out-of-bounds read (CVE-ID: CVE-2024-39471)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.
399) Improper locking (CVE-ID: CVE-2024-39476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid5d() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
400) Use-after-free (CVE-ID: CVE-2024-38555)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cmd_comp_notifier() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can escalate privileges on the system.
401) Input validation error (CVE-ID: CVE-2024-40963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bcm6358_quirks() function in arch/mips/bmips/setup.c. A local user can perform a denial of service (DoS) attack.
402) Buffer overflow (CVE-ID: CVE-2024-40941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the iwl_mvm_mfu_assert_dump_notif() function in drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can perform a denial of service (DoS) attack.
403) Memory leak (CVE-ID: CVE-2024-40942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mesh_path_discard_frame() function in net/mac80211/mesh_pathtbl.c. A local user can perform a denial of service (DoS) attack.
404) Improper locking (CVE-ID: CVE-2024-40943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ocfs2_change_file_space() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
405) NULL pointer dereference (CVE-ID: CVE-2024-40945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/iommu.h. A local user can perform a denial of service (DoS) attack.
406) Use-after-free (CVE-ID: CVE-2024-40958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() function in net/core/net_namespace.c. A local user can escalate privileges on the system.
407) NULL pointer dereference (CVE-ID: CVE-2024-40959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm6_get_saddr() function in net/ipv6/xfrm6_policy.c. A local user can perform a denial of service (DoS) attack.
408) NULL pointer dereference (CVE-ID: CVE-2024-40960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_probe() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
409) NULL pointer dereference (CVE-ID: CVE-2024-40961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fib6_nh_init() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
410) Input validation error (CVE-ID: CVE-2024-40968)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cvmx_pcie_build_config_addr() function in arch/mips/pci/pcie-octeon.c. A local user can perform a denial of service (DoS) attack.
411) Memory leak (CVE-ID: CVE-2024-40932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vidi_get_modes() function in drivers/gpu/drm/exynos/exynos_drm_vidi.c. A local user can perform a denial of service (DoS) attack.
412) Input validation error (CVE-ID: CVE-2024-40971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the default_options() function in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
413) Buffer overflow (CVE-ID: CVE-2024-40974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the arch/powerpc/include/asm/hvcall.h. A local user can perform a denial of service (DoS) attack.
414) Race condition (CVE-ID: CVE-2024-40976)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the lima_sched_timedout_job() function in drivers/gpu/drm/lima/lima_sched.c. A local user can escalate privileges on the system.
415) Resource management error (CVE-ID: CVE-2024-40978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qedi_dbg_do_not_recover_cmd_read() function in drivers/scsi/qedi/qedi_debugfs.c. A local user can perform a denial of service (DoS) attack.
416) Improper locking (CVE-ID: CVE-2024-40980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reset_per_cpu_data(), trace_drop_common(), net_dm_hw_reset_per_cpu_data(), net_dm_hw_summary_probe() and __net_dm_cpu_data_init() functions in net/core/drop_monitor.c. A local user can perform a denial of service (DoS) attack.
417) Improper locking (CVE-ID: CVE-2024-40981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the batadv_purge_orig_ref() function in net/batman-adv/originator.c. A local user can perform a denial of service (DoS) attack.
418) Resource management error (CVE-ID: CVE-2024-40983)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.
419) NULL pointer dereference (CVE-ID: CVE-2024-40984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_ex_system_memory_space_handler() function in drivers/acpi/acpica/exregion.c. A local user can perform a denial of service (DoS) attack.
420) Memory leak (CVE-ID: CVE-2024-40934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the logi_dj_recv_switch_to_dj_mode() function in drivers/hid/hid-logitech-dj.c. A local user can perform a denial of service (DoS) attack.
421) Use of uninitialized resource (CVE-ID: CVE-2024-40931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
422) Buffer overflow (CVE-ID: CVE-2024-39480)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kdb_printf() function in kernel/debug/kdb/kdb_io.c. A local user can escalate privileges on the system.
423) NULL pointer dereference (CVE-ID: CVE-2024-39502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
424) Out-of-bounds read (CVE-ID: CVE-2024-39482)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bch_dirty_init_thread() and bch_sectors_dirty_init() functions in drivers/md/bcache/writeback.c, within the bch_root_usage() function in drivers/md/bcache/sysfs.c, within the bch_cache_set_alloc() function in drivers/md/bcache/super.c, within the btree_gc_mark_node(), btree_gc_rewrite_node(), btree_gc_recurse(), bch_btree_check_recurse(), bch_btree_check_thread(), bch_btree_check(), bch_btree_map_nodes_recurse() and bch_btree_map_keys_recurse() functions in drivers/md/bcache/btree.c, within the bch_dump_bucket(), __bch_check_keys(), bch_btree_insert_key(), bch_btree_iter_push(), bch_btree_sort_partial() and bch_btree_sort_into() functions in drivers/md/bcache/bset.c. A local user can perform a denial of service (DoS) attack.
425) Memory leak (CVE-ID: CVE-2024-39484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the davinci_mmcsd_remove() and __exit_p() functions in drivers/mmc/host/davinci_mmc.c. A local user can perform a denial of service (DoS) attack.
426) Improper error handling (CVE-ID: CVE-2024-39488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/arm64/include/asm/asm-bug.h. A local user can perform a denial of service (DoS) attack.
427) Memory leak (CVE-ID: CVE-2024-39489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the seg6_hmac_init_algo() and seg6_hmac_net_init() functions in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
428) Memory leak (CVE-ID: CVE-2024-39493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.
429) Use-after-free (CVE-ID: CVE-2024-39495)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gb_interface_release() function in drivers/greybus/interface.c. A local user can escalate privileges on the system.
430) Memory leak (CVE-ID: CVE-2024-39499)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_deliver() function in drivers/misc/vmw_vmci/vmci_event.c. A local user can perform a denial of service (DoS) attack.
431) Improper locking (CVE-ID: CVE-2024-39501)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uevent_show() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
432) Use-after-free (CVE-ID: CVE-2024-39503)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the list_set_kadd(), list_set_kdel(), list_set_utest(), list_set_uadd(), list_set_udel() and list_set_destroy() functions in net/netfilter/ipset/ip_set_list_set.c, within the call_rcu(), ip_set_destroy() and ip_set_net_init() functions in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.
433) Out-of-bounds read (CVE-ID: CVE-2024-40929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_scan_umac_dwell() and iwl_mvm_scan_umac_dwell_v10() functions in drivers/net/wireless/intel/iwlwifi/mvm/scan.c. A local user can perform a denial of service (DoS) attack.
434) NULL pointer dereference (CVE-ID: CVE-2024-39505)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the komeda_component_get_avail_scaler() function in drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c. A local user can perform a denial of service (DoS) attack.
435) NULL pointer dereference (CVE-ID: CVE-2024-39506)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lio_vf_rep_copy_packet() function in drivers/net/ethernet/cavium/liquidio/lio_vf_rep.c. A local user can perform a denial of service (DoS) attack.
436) Resource management error (CVE-ID: CVE-2024-39509)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the implement() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
437) Out-of-bounds read (CVE-ID: CVE-2024-40901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mpt3sas_base_attach() and _base_check_ioc_facts_changes() functions in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.
438) Buffer overflow (CVE-ID: CVE-2024-40902)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ea_get() function in fs/jfs/xattr.c. A local user can escalate privileges on the system.
439) Improper locking (CVE-ID: CVE-2024-40904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wdm_int_callback() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
440) NULL pointer dereference (CVE-ID: CVE-2024-40905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_get_pcpu_route() function in net/ipv6/route.c, within the __fib6_drop_pcpu_from() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
441) Improper locking (CVE-ID: CVE-2024-40912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_sta_ps_deliver_wakeup() function in net/mac80211/sta_info.c. A local user can perform a denial of service (DoS) attack.
442) Improper locking (CVE-ID: CVE-2024-40916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hdmi_get_modes() function in drivers/gpu/drm/exynos/exynos_hdmi.c. A local user can perform a denial of service (DoS) attack.
443) Input validation error (CVE-ID: CVE-2024-38558)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing ICMPv6 packets within the parse_icmpv6() function in net/openvswitch/flow.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
444) Out-of-bounds read (CVE-ID: CVE-2024-38552)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
445) Resource management error (CVE-ID: CVE-2024-40988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/radeon/sumo_dpm.c. A local user can perform a denial of service (DoS) attack.
446) Resource exhaustion (CVE-ID: CVE-2023-32665)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
447) Out-of-bounds read (CVE-ID: CVE-2023-42119)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in dnsdb implementation. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds read error and read contents of memory on the system.
448) Input validation error (CVE-ID: CVE-2024-39929)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of RFC 2231 header filename. A remote attacker can bypass a $mime_filename extension-blocking protection mechanism and deliver malicious executable files to the mailboxes.
449) Resource exhaustion (CVE-ID: CVE-2023-52425)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing large tokens. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
450) Buffer Underwrite ('Buffer Underflow') (CVE-ID: CVE-2024-45490)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary error in xmlparse.c when handling negative length for XML_ParseBuffer. A remote attacker can pass specially crafted input to the application, trigger buffer underflow and execute arbitrary code on the system.
451) Integer overflow (CVE-ID: CVE-2024-45491)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the dtdCopy() function in xmlparse.c. A remote attacker can pass specially crafted input to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
452) Integer overflow (CVE-ID: CVE-2024-45492)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the nextScaffoldPart() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
453) Input validation error (CVE-ID: CVE-2023-29499)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
454) Resource exhaustion (CVE-ID: CVE-2023-32611)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the g_variant_byteswap() function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
455) Insufficient verification of data authenticity (CVE-ID: CVE-2024-34397)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to missing authorization for D-Bus signals. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service.
456) Use-after-free (CVE-ID: CVE-2022-3559)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in the regex handler. A remote attacker can send specially crafted data to the mail server, trigger a use-after-free error and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
457) Buffer overflow (CVE-ID: CVE-2024-2961)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the iconv() function when converting string to the ISO-2022-CN-EXT character set. A remote attacker can pass specially crafted input to the application, trigger a 4 byte buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
458) Stack-based buffer overflow (CVE-ID: CVE-2024-33599)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in nscd binary. A remote unauthenticated attacker can exhaust the nscd fixed size cache to trigger a stack-based buffer overflow and execute arbitrary code on the target system.
459) NULL pointer dereference (CVE-ID: CVE-2024-33600)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when nscd cache fails to add a not-found netgroup response to the cache. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
460) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2024-33601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The
vulnerability exists due to the Name Service Cache Daemon (nscd) can terminate the service during its startup. A local use can perform a denial of service (DoS) attack.
461) Buffer overflow (CVE-ID: CVE-2024-33602)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to netgroup cache assumes NSS callback is using in-buffer strings in nscd binary. A remote attacker can trigger memory corruption and perform a denial of service (DoS) attack.
462) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2023-5981)
The vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. A remote attacker can perform timing sidechannel attack in RSA-PSK key exchange.
463) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2024-0553)
The vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. A remote attacker can perform timing sidechannel attack in RSA-PSK key exchange.
Note, the vulnerability exists due to incomplete fox for #VU83316 (CVE-2023-5981).
464) Reachable Assertion (CVE-ID: CVE-2024-0567)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when verifying a certificate chain with a cycle of cross signatures. A remote attacker can pass a specially crafted certificate to the application and perform a denial of service (DoS) attack.
465) Buffer overflow (CVE-ID: CVE-2023-42117)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the smtp service. A remote attacker can send specially crafted data to the server, trigger memory corruption and execute arbitrary code on the target system.
466) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2021-38371)
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to the way Exim handles concurrent STARTTLS sessions when sending out emails. A malicious server can send a response to the *next* command within the existing STARTTLS sessions and force the Exim to treat this session as trusted.
467) Input validation error (CVE-ID: CVE-2024-28835)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing the cert_list_size parameter in the gnutls_x509_trust_list_verify_crt2() function in certtool. A remote attacker can pass specially crafted PEM encoded certificate chain that contains more than 16 certificates to the certtool and crash it.
468) Reachable assertion (CVE-ID: CVE-2024-4076)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when serving both stale cache data and authoritative zone content. A remote attacker can send specially crafted queries to the DNS server to trigger an assertion failure and perform a denial of service (DoS) attack.
469) Resource exhaustion (CVE-ID: CVE-2023-50387)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
470) Resource exhaustion (CVE-ID: CVE-2023-50868)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
471) Reachable Assertion (CVE-ID: CVE-2023-5517)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when querying RFC 1918 reverse zones. A remote attacker can send a specially crafted DNS query and perform a denial of service attack.
472) Reachable Assertion (CVE-ID: CVE-2023-5679)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion caused by a bad interaction between DNS64 and serve-stale. A remote attacker can query a DNS64-enabled resolver for domain names triggering serve-stale.
473) Resource exhaustion (CVE-ID: CVE-2023-6516)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing specific recursive patterns. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack against the DNS resolver.
474) Resource exhaustion (CVE-ID: CVE-2024-0760)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion by sending a flood of DNS messages over TCP and perform a denial of service (DoS) attack.
475) Resource management error (CVE-ID: CVE-2024-1737)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application when handling a very large number of RRs. Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.
476) Resource exhaustion (CVE-ID: CVE-2024-1975)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.
477) Incorrect authorization (CVE-ID: CVE-2021-3658)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to bluetoothd incorrectly saves the adapters' discoverable status
when a device is powered down, and restores it when powered up. An attacker with physical proximity to device can gain access to sensitive information.
478) Out-of-bounds write (CVE-ID: CVE-2022-1304)
The vulnerability allows a local attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can use a specially crafted filesystem, trigger out-of-bounds write and execute arbitrary code on the target system.
479) Memory leak (CVE-ID: CVE-2021-41229)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in sdp_cstate_alloc_buf() function. A remote attacker can send specially crafted packets to the device and perform denial of service attack.
480) Use-after-free (CVE-ID: CVE-2021-43400)
The vulnerability allows an attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in gatt-database.c on a gatt server if a client disconnects while a WriteValue call is being processed with D-Bus. An attacker with physical proximity to the system can trigger a use-after-free error and potentially execute arbitrary code.
481) Heap-based buffer overflow (CVE-ID: CVE-2022-0204)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker on the local network can pass specially crafted files to the affected system, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.
482) Information exposure through externally-generated error message (CVE-ID: CVE-2022-39176)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application while handling error conditions within profiles/audio/avrcp.c. A remote attacker on the local network can obtain sensitive information on the system.
483) Input validation error (CVE-ID: CVE-2022-39177)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to insufficient validation of user-supplied input when handling the A2DP profile in profiles/audio/avdtp.c. A remote attacker can pass specially crafted data to the system and execute arbitrary code.
484) Buffer overflow (CVE-ID: CVE-2023-27349)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the handling of the AVRCP protocol. A remote attacker with physical proximity to device can send specially crafted Bluetooth packets to the affected system, trigger memory corruption and execute arbitrary code on the system.
485) Heap-based buffer overflow (CVE-ID: CVE-2023-50229)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the handling of the Phone Book Access profile. A remote attacker on the local network can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
486) Heap-based buffer overflow (CVE-ID: CVE-2023-50230)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the handling of the Phone Book Access profile. A remote attacker on the local network can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
487) Missing Release of Resource after Effective Lifetime (CVE-ID: CVE-2024-2398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when sending HTTP/2 server push responses with an overly large number of headers. A remote attacker can send PUSH_PROMISE frames with an excessive amount of headers to the application, trigger memory leak and perform a denial of service (DoS) attack.
488) Cryptographic issues (CVE-ID: CVE-2024-28834)
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to a side-channel attack when using the gnutls_privkey_sign_data2 API function with the "GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE" flag. A remote attacker can launch Minerva attack and gain access to sensitive information.
489) Input validation error (CVE-ID: CVE-2024-37370)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
490) Resource management error (CVE-ID: CVE-2024-38549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_drm_gem_init() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can perform a denial of service (DoS) attack.
491) Improper locking (CVE-ID: CVE-2024-36894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
492) NULL pointer dereference (CVE-ID: CVE-2024-35247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.
493) NULL pointer dereference (CVE-ID: CVE-2024-36014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the malidp_mw_connector_reset() function in drivers/gpu/drm/arm/malidp_mw.c. A local user can perform a denial of service (DoS) attack.
494) Unchecked Return Value (CVE-ID: CVE-2024-36015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.
495) Out-of-bounds write (CVE-ID: CVE-2024-36016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
496) NULL pointer dereference (CVE-ID: CVE-2024-36270)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nf_tproxy_laddr4() function in net/ipv4/netfilter/nf_tproxy_ipv4.c. A local user can perform a denial of service (DoS) attack.
497) Improper locking (CVE-ID: CVE-2024-36286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the instance_destroy_rcu() function in net/netfilter/nfnetlink_queue.c. A local user can perform a denial of service (DoS) attack.
498) Infinite loop (CVE-ID: CVE-2024-36288)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
499) NULL pointer dereference (CVE-ID: CVE-2024-36489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tls_ctx_create() function in net/tls/tls_main.c. A local user can perform a denial of service (DoS) attack.
500) Use-after-free (CVE-ID: CVE-2024-36971)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
501) Reachable assertion (CVE-ID: CVE-2024-33847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the f2fs_setattr() function in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
502) Input validation error (CVE-ID: CVE-2024-36974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the taprio_parse_mqprio_opt() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
503) Out-of-bounds read (CVE-ID: CVE-2024-36978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the multiq_tune() function in net/sched/sch_multiq.c. A local user can perform a denial of service (DoS) attack.
504) Improper locking (CVE-ID: CVE-2024-37078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_prepare_write() function in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
505) Out-of-bounds read (CVE-ID: CVE-2024-37356)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net/ipv4/tcp_dctcp.c. A local user can perform a denial of service (DoS) attack.
506) Use of uninitialized resource (CVE-ID: CVE-2024-38381)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nci_core_ntf_packet() and nci_rx_work() functions in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
507) NULL pointer dereference (CVE-ID: CVE-2024-38546)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vc4_hdmi_audio_init() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
508) NULL pointer dereference (CVE-ID: CVE-2024-38547)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_video_binaries() function in drivers/staging/media/atomisp/pci/sh_css.c. A local user can perform a denial of service (DoS) attack.
509) NULL pointer dereference (CVE-ID: CVE-2024-38548)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.
510) Improper locking (CVE-ID: CVE-2024-34027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_release_compress_blocks() and f2fs_reserve_compress_blocks() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
511) Resource management error (CVE-ID: CVE-2024-33621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ipvlan_process_v4_outbound() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.
512) Out-of-bounds read (CVE-ID: CVE-2024-37371)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
513) Out-of-bounds write (CVE-ID: CVE-2023-49468)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the read_coding_unit() function in slice.cc. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
514) OS Command Injection (CVE-ID: CVE-2022-48624)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the close_altfile() function in filename.c. A remote attacker can trick the victim into using a specially crafted argument for the less command and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
515) OS Command Injection (CVE-ID: CVE-2024-32487)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when handling newline characters in the filename in filename.c. A remote attacker can trick the victim to pass a specially crafted filename to the affected command and execute arbitrary OS commands on the system.
516) NULL pointer dereference (CVE-ID: CVE-2023-27102)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the decoder_context::process_slice_segment_header() function in decctx.cc. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
517) Heap-based buffer overflow (CVE-ID: CVE-2023-27103)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the derive_collocated_motion_vectors() function in motion.cc. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
518) Buffer overflow (CVE-ID: CVE-2023-43887)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the pic_parameter_set::dump() function. A remote attacker can pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
519) Buffer overflow (CVE-ID: CVE-2023-47471)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the slice_segment_header() function in the slice.cc. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.
520) Heap-based buffer overflow (CVE-ID: CVE-2023-49465)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the derive_spatial_luma_vector_prediction() function in motion.cc. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
521) Heap-based buffer overflow (CVE-ID: CVE-2023-49467)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the derive_combined_bipredictive_merging_candidates() function in motion.cc. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
522) Buffer overflow (CVE-ID: CVE-2024-5564)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in NetworkManager. A local user can send a malformed IPv6 router advertisement packet to trigger memory corruption and perform a denial of service (DoS) attack.
523) Memory leak (CVE-ID: CVE-2024-31076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.
524) Out-of-bounds write (CVE-ID: CVE-2020-22218)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of an uninitialized value within the _libssh2_transport_read() function in transport.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.
525) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2024-24806)
The disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input when handling hostnames longer than 256 characters within the uv_getaddrinfo() function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c. A remote attacker can pass a specially crafted hostname to the application, which can be resolved to an attacker controlled IP address and initiate unauthorized requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
526) Cross-site scripting (CVE-ID: CVE-2016-3709)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
527) NULL pointer dereference (CVE-ID: CVE-2022-2309)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the iterwalk() function. A remote attacker can pass specially crafted XML data to the application and perform a denial of service (DoS) attack.
528) Buffer overflow (CVE-ID: CVE-2022-43945)
The vulnerability allows a remote attacker to perform a denial of service attacl.
The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.
529) NULL pointer dereference (CVE-ID: CVE-2022-48772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.
530) Resource management error (CVE-ID: CVE-2024-25741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the printer_write() in drivers/usb/gadget/function/f_printer.c. A local user can perform a denial of service (DoS) attack.
531) Improper locking (CVE-ID: CVE-2024-26629)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the check_for_locks() and nfsd4_release_lockowner() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
532) Race condition within a thread (CVE-ID: CVE-2024-27019)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.
533) Resource management error (CVE-ID: CVE-2024-40987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can perform a denial of service (DoS) attack.
534) Input validation error (CVE-ID: CVE-2024-40990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5_ib_create_srq() function in drivers/infiniband/hw/mlx5/srq.c. A local user can perform a denial of service (DoS) attack.
535) Improper resource shutdown or release (CVE-ID: CVE-2024-26809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the nft_pipapo_destroy() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.
536) Out-of-bounds read (CVE-ID: CVE-2024-26665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmpv6() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
537) Race condition (CVE-ID: CVE-2024-26643)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.
538) Improper locking (CVE-ID: CVE-2024-26644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can perform a denial of service (DoS) attack.
539) Incorrect calculation (CVE-ID: CVE-2024-26645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __tracing_map_insert() function in kernel/trace/tracing_map.c. A local user can perform a denial of service (DoS) attack.
540) Unchecked Return Value (CVE-ID: CVE-2024-26651)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a missing check of the return value from the usbnet_get_endpoints() function in drivers/net/usb/sr9800.c. A local user can crash the kernel.
541) Race condition (CVE-ID: CVE-2024-26654)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.
542) Buffer overflow (CVE-ID: CVE-2024-26659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the process_isoc_td() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.
543) NULL pointer dereference (CVE-ID: CVE-2024-26663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
544) Out-of-bounds read (CVE-ID: CVE-2024-26664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the create_core_data() function in drivers/hwmon/coretemp.c. A local user can perform a denial of service (DoS) attack.
545) Buffer overflow (CVE-ID: CVE-2024-26671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
546) Access of Uninitialized Pointer (CVE-ID: CVE-2024-26641)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to access to uninitialized data within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
547) Input validation error (CVE-ID: CVE-2024-26673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.
548) Input validation error (CVE-ID: CVE-2024-26675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ppp_async_ioctl() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.
549) Improper locking (CVE-ID: CVE-2024-26679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
550) Improper error handling (CVE-ID: CVE-2024-26684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dwxgmac3_handle_dma_err(), dwxgmac3_safety_feat_config(), dwxgmac3_safety_feat_irq_status() and dwxgmac3_safety_feat_dump() functions in drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c. A local user can perform a denial of service (DoS) attack.
551) Race condition (CVE-ID: CVE-2024-26685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nilfs_segctor_prepare_write(), nilfs_abort_logs() and nilfs_segctor_complete_write() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
552) Improper locking (CVE-ID: CVE-2024-26687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shutdown_pirq() and __unbind_from_irq() functions in drivers/xen/events/events_base.c. A local user can perform a denial of service (DoS) attack.
553) NULL pointer dereference (CVE-ID: CVE-2024-26688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.
554) Use-after-free (CVE-ID: CVE-2024-26689)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.
555) Improper access control (CVE-ID: CVE-2024-26642)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.
556) Resource management error (CVE-ID: CVE-2024-26640)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the skb_advance_to_frag() function in net/ipv4/tcp.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
557) Improper locking (CVE-ID: CVE-2024-26696)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_page_mkwrite() function in fs/nilfs2/file.c. A local user can perform a denial of service (DoS) attack.
558) Improper locking (CVE-ID: CVE-2024-26601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
559) Reachable Assertion (CVE-ID: CVE-2024-23850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the btrfs_get_root_ref() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
560) Out-of-bounds read (CVE-ID: CVE-2024-23851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the copy_params() function in drivers/md/dm-ioctl.c. A remote attacker can trigger an out-of-bounds read and perform a denial of service (DoS) attack.
561) Race condition (CVE-ID: CVE-2024-24857)
The vulnerability allows a remote non-authenticated attacker to damange or delete data.
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.
562) Race condition (CVE-ID: CVE-2024-24858)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.
563) Race condition (CVE-ID: CVE-2024-24861)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the xc4000 xc4000_get_frequency() function in the media/xc4000 device driver. A local user can exploit the race and escalate privileges on the system.
564) Input validation error (CVE-ID: CVE-2024-26581)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in net/netfilter/nft_set_rbtree.c. A locla user can perform a denial of service (DoS) attack.
565) Out-of-bounds read (CVE-ID: CVE-2024-26593)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the i801_block_transaction_by_block() function in drivers/i2c/busses/i2c-i801.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
566) NULL pointer dereference (CVE-ID: CVE-2024-26600)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/phy/ti/phy-omap-usb2.c. A local user can perform a denial of service (DoS) attack.
567) Resource exhaustion (CVE-ID: CVE-2024-26602)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource management in kernel/sched/membarrier.c. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
568) Input validation error (CVE-ID: CVE-2024-26636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the llc_ui_sendmsg() function in net/llc/af_llc.c. A local user can perform a denial of service (DoS) attack.
569) Resource management error (CVE-ID: CVE-2024-26606)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the binder_enqueue_thread_work_ilocked() function in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.
570) Buffer overflow (CVE-ID: CVE-2024-26610)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the iwl_dbg_tlv_override_trig_node() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
571) Resource management error (CVE-ID: CVE-2024-26614)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
572) NULL pointer dereference (CVE-ID: CVE-2024-26615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __smc_diag_dump() function in net/smc/smc_diag.c. A local user can perform a denial of service (DoS) attack.
573) Use-after-free (CVE-ID: CVE-2024-26622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tomoyo_write_control() function. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
574) Use-after-free (CVE-ID: CVE-2024-26625)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in net/llc/af_llc.c when handling orphan sockets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
575) Improper locking (CVE-ID: CVE-2024-26627)
The vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to improper locking when calling the scsi_host_busy() function. A local user can perform a denial of service attack.
576) Use of uninitialized resource (CVE-ID: CVE-2024-26635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_to_be16() function in net/llc/llc_core.c. A local user can perform a denial of service (DoS) attack.
577) NULL pointer dereference (CVE-ID: CVE-2024-26695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/crypto/ccp/sev-dev.c. A local user can perform a denial of service (DoS) attack.
578) Information disclosure (CVE-ID: CVE-2024-26697)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the nilfs_prepare_segment_for_recovery(), nilfs_recovery_copy_block() and nilfs_recover_dsync_blocks() functions in fs/nilfs2/recovery.c. A local user can gain access to sensitive information.
579) NULL pointer dereference (CVE-ID: CVE-2024-22099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
580) Information disclosure (CVE-ID: CVE-2024-26787)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output within the sdmmc_idma_start() function in drivers/mmc/host/mmci_stm32_sdmmc.c. A local user can gain access to sensitive information.
581) Improper locking (CVE-ID: CVE-2024-26772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
582) Improper locking (CVE-ID: CVE-2024-26773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
583) NULL pointer dereference (CVE-ID: CVE-2024-26776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hisi_sfc_v3xx_isr() function in drivers/spi/spi-hisi-sfc-v3xx.c. A local user can perform a denial of service (DoS) attack.
584) Division by zero (CVE-ID: CVE-2024-26777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the sisfb_check_var() function in drivers/video/fbdev/sis/sis_main.c. A local user can perform a denial of service (DoS) attack.
585) Division by zero (CVE-ID: CVE-2024-26778)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_check_var() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
586) Race condition (CVE-ID: CVE-2024-26779)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ieee80211_check_fast_xmit() function in net/mac80211/tx.c, within the sta_info_insert_finish() function in net/mac80211/sta_info.c. A local user can escalate privileges on the system.
587) Improper locking (CVE-ID: CVE-2024-26781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the subflow_get_info() function in net/mptcp/diag.c. A local user can perform a denial of service (DoS) attack.
588) Double free (CVE-ID: CVE-2024-26782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
589) Resource management error (CVE-ID: CVE-2024-26788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fsl_qdma_probe() function in drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
590) Off-by-one (CVE-ID: CVE-2024-26766)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an off-by-one error within the _pad_sdma_tx_descs() function in drivers/infiniband/hw/hfi1/sdma.c. A local user can trigger an off-by-one error and execute arbitrary code with elevated privileges.
591) Improper locking (CVE-ID: CVE-2024-26790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the FSL_QDMA_CMD_PF BIT() and fsl_qdma_comp_fill_memcpy() functions in drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
592) Out-of-bounds read (CVE-ID: CVE-2024-26791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.
593) Use-after-free (CVE-ID: CVE-2024-26793)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
594) Out-of-bounds read (CVE-ID: CVE-2024-26795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the arch/riscv/include/asm/pgtable.h. A local user can perform a denial of service (DoS) attack.
595) Use-after-free (CVE-ID: CVE-2024-26801)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_error_reset() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
596) Use-after-free (CVE-ID: CVE-2024-26804)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
597) Use of uninitialized resource (CVE-ID: CVE-2024-26805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
598) Expired pointer dereference (CVE-ID: CVE-2024-26808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a stale reference within the nf_tables_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.
599) NULL pointer dereference (CVE-ID: CVE-2024-26771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the edma_probe() function in drivers/dma/ti/edma.c. A local user can perform a denial of service (DoS) attack.
600) Resource management error (CVE-ID: CVE-2024-26764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
601) Race condition (CVE-ID: CVE-2024-26698)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the netvsc_device_remove() function in drivers/net/hyperv/netvsc.c. A local user can escalate privileges on the system.
602) Use-after-free (CVE-ID: CVE-2024-26735)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the seg6_init() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.
603) Out-of-bounds read (CVE-ID: CVE-2024-26702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rm3100_common_probe() function in drivers/iio/magnetometer/rm3100-core.c. A local user can perform a denial of service (DoS) attack.
604) Double free (CVE-ID: CVE-2024-26704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.
605) Resource management error (CVE-ID: CVE-2024-26707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the send_hsr_supervision_frame() and send_prp_supervision_frame() functions in net/hsr/hsr_device.c. A local user can perform a denial of service (DoS) attack.
606) Buffer overflow (CVE-ID: CVE-2024-26712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the kasan_init_region() function in arch/powerpc/mm/kasan/kasan_init_32.c. A local user can perform a denial of service (DoS) attack.
607) Division by zero (CVE-ID: CVE-2024-26720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the wb_dirty_limits() function in mm/page-writeback.c. A local user can perform a denial of service (DoS) attack.
608) Improper locking (CVE-ID: CVE-2024-26722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rt5645_jack_detect_work() function in sound/soc/codecs/rt5645.c. A local user can perform a denial of service (DoS) attack.
609) Reachable assertion (CVE-ID: CVE-2024-26727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the btrfs_get_root_ref() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
610) Buffer overflow (CVE-ID: CVE-2024-26733)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
611) Buffer overflow (CVE-ID: CVE-2024-26736)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the afs_update_volume_status() function in fs/afs/volume.c. A local user can escalate privileges on the system.
612) Resource management error (CVE-ID: CVE-2024-26763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources during authentication within the kcryptd_crypt_write_convert() function in drivers/md/dm-crypt.c. A local user can perform a denial of service (DoS) attack.
613) Improper locking (CVE-ID: CVE-2024-26743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qedr_create_user_qp() function in drivers/infiniband/hw/qedr/verbs.c. A local user can perform a denial of service (DoS) attack.
614) NULL pointer dereference (CVE-ID: CVE-2024-26744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the module_param() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.
615) NULL pointer dereference (CVE-ID: CVE-2024-26747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the usb_role_switch_get(), fwnode_usb_role_switch_get(), EXPORT_SYMBOL_GPL(), usb_role_switch_find_by_fwnode() and usb_role_switch_register() functions in drivers/usb/roles/class.c. A local user can perform a denial of service (DoS) attack.
616) Use-after-free (CVE-ID: CVE-2024-26748)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cdns3_gadget_giveback() function in drivers/usb/cdns3/gadget.c. A local user can escalate privileges on the system.
617) Use-after-free (CVE-ID: CVE-2024-26749)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cdns3_gadget_ep_disable() function in drivers/usb/cdns3/gadget.c. A local user can escalate privileges on the system.
618) Infinite loop (CVE-ID: CVE-2024-26751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the GPIO_LOOKUP_IDX() function in arch/arm/mach-ep93xx/core.c. A local user can perform a denial of service (DoS) attack.
619) Incorrect calculation (CVE-ID: CVE-2024-26752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the l2tp_ip6_sendmsg() function in net/l2tp/l2tp_ip6.c. A local user can perform a denial of service (DoS) attack.
620) Stack-based buffer overflow (CVE-ID: CVE-2024-26753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the virtio_crypto_dataq_akcipher_callback() and virtio_crypto_alg_akcipher_init_session() functions in drivers/crypto/virtio/virtio_crypto_akcipher_algs.c. A local user can perform a denial of service (DoS) attack.
621) Use-after-free (CVE-ID: CVE-2024-26754)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
622) Off-by-one (CVE-ID: CVE-2024-23849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the rds_recv_track_latency() function in net/rds/af_rds.c. A local user can trigger an off-by-one error and perform a denial of service (DoS) attack.
623) Stack-based buffer overflow (CVE-ID: CVE-2024-1151)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the Open vSwitch sub-component in the Linux Kernel. A remote unauthenticated attacker can send specially crafted packets to the system. trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.
624) Incorrect calculation (CVE-ID: CVE-2024-40993)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the MODULE_DESCRIPTION() and ip_set_create() functions in net/netfilter/ipset/ip_set_core.c. A local user can perform a denial of service (DoS) attack.
625) Improper error handling (CVE-ID: CVE-2024-36950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.
626) Improper locking (CVE-ID: CVE-2024-36919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.
627) Improper error handling (CVE-ID: CVE-2024-36929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the skb_alloc_rx_flag() and skb_copy_expand() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
628) Use of uninitialized resource (CVE-ID: CVE-2024-36933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.
629) Out-of-bounds read (CVE-ID: CVE-2024-36934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.
630) Improper error handling (CVE-ID: CVE-2024-36939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
631) Double Free (CVE-ID: CVE-2024-36940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.
632) NULL pointer dereference (CVE-ID: CVE-2024-36941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
633) Buffer overflow (CVE-ID: CVE-2024-36946)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.
634) Improper error handling (CVE-ID: CVE-2024-36953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_register_vgic_device() function in arch/arm64/kvm/vgic/vgic-kvm-device.c. A local user can perform a denial of service (DoS) attack.
635) Race condition (CVE-ID: CVE-2024-36905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.
636) Memory leak (CVE-ID: CVE-2024-36954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.
637) Off-by-one (CVE-ID: CVE-2024-36957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.
638) Information disclosure (CVE-ID: CVE-2024-36959)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.
639) Information disclosure (CVE-ID: CVE-2023-28746)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors. A local user can gain access to sensitive information.
640) Use-after-free (CVE-ID: CVE-2023-47233)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.
641) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2023-52429)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dm_table_create() function in drivers/md/dm-table.c. A local user can pass specially crafted data to the kernel and perform a denial of service (DoS) attack.
642) Buffer overflow (CVE-ID: CVE-2023-52434)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
643) Buffer overflow (CVE-ID: CVE-2023-52435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.
644) Out-of-bounds read (CVE-ID: CVE-2024-36916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
645) Use-after-free (CVE-ID: CVE-2024-36904)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.
646) NULL pointer dereference (CVE-ID: CVE-2023-52458)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkpg_do_ioctl() function in block/ioctl.c. A local user can perform a denial of service (DoS) attack.
647) Memory leak (CVE-ID: CVE-2024-26900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
648) Improper locking (CVE-ID: CVE-2024-40995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcf_idr_check_alloc() and rcu_read_unlock() functions in net/sched/act_api.c. A local user can perform a denial of service (DoS) attack.
649) Integer overflow (CVE-ID: CVE-2024-41000)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the blkpg_do_ioctl() function in block/ioctl.c. A local user can execute arbitrary code.
650) Improper locking (CVE-ID: CVE-2024-41004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/trace/Kconfig. A local user can perform a denial of service (DoS) attack.
651) Improper locking (CVE-ID: CVE-2024-41005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netpoll_owner_active() function in net/core/netpoll.c. A local user can perform a denial of service (DoS) attack.
652) Memory leak (CVE-ID: CVE-2024-41006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nr_heartbeat_expiry() function in net/netrom/nr_timer.c. A local user can perform a denial of service (DoS) attack.
653) Out-of-bounds read (CVE-ID: CVE-2022-48655)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the scmi_domain_reset() function in drivers/firmware/arm_scmi/reset.c. A local user can execute arbitrary code.
654) NULL pointer dereference (CVE-ID: CVE-2023-52585)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_ras_query_error_status_helper() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c. A local user can perform a denial of service (DoS) attack.
655) Input validation error (CVE-ID: CVE-2023-52882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.
656) Use-after-free (CVE-ID: CVE-2024-27398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
657) NULL pointer dereference (CVE-ID: CVE-2024-36902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.
658) NULL pointer dereference (CVE-ID: CVE-2024-27399)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
659) Buffer overflow (CVE-ID: CVE-2024-27401)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
660) Buffer overflow (CVE-ID: CVE-2024-35848)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the at24_probe() function in drivers/misc/eeprom/at24.c. A local user can escalate privileges on the system.
661) Improper error handling (CVE-ID: CVE-2024-35947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.
662) Out-of-bounds read (CVE-ID: CVE-2024-36017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
663) Input validation error (CVE-ID: CVE-2024-36031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __key_instantiate_and_link() function in security/keys/key.c. A local user can perform a denial of service (DoS) attack.
664) Out-of-bounds read (CVE-ID: CVE-2024-36883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.
665) Use-after-free (CVE-ID: CVE-2024-36886)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.
666) Use of uninitialized resource (CVE-ID: CVE-2024-36889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
667) Use-after-free (CVE-ID: CVE-2023-52447)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in
bpf. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
668) Stack-based buffer overflow (CVE-ID: CVE-2023-52482)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the VULNBL_AMD() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
669) NULL pointer dereference (CVE-ID: CVE-2024-0841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.
670) Improper locking (CVE-ID: CVE-2023-52635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devfreq_monitor(), devfreq_monitor_start() and devfreq_monitor_stop() functions in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
671) Improper Initialization (CVE-ID: CVE-2023-52616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.
672) Resource management error (CVE-ID: CVE-2023-52617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stdev_release(), stdev_create(), switchtec_init_pci() and switchtec_pci_remove() functions in drivers/pci/switch/switchtec.c. A local user can perform a denial of service (DoS) attack.
673) Buffer overflow (CVE-ID: CVE-2023-52618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.
674) Buffer overflow (CVE-ID: CVE-2023-52619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ramoops_init_przs() function in fs/pstore/ram.c. A local user can perform a denial of service (DoS) attack.
675) Improper access control (CVE-ID: CVE-2023-52620)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c when setting timeouts from userspace. A local user can bypass implemented security restrictions and perform a denial of service attack.
676) Buffer overflow (CVE-ID: CVE-2023-52622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the alloc_flex_gd() and ext4_setup_next_flex_gd() functions in fs/ext4/resize.c. A local user can escalate privileges on the system.
677) Improper locking (CVE-ID: CVE-2023-52623)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xprt_iter_current_entry() and rpc_xprt_switch_has_addr() functions in net/sunrpc/xprtmultipath.c. A local user can perform a denial of service (DoS) attack.
678) NULL pointer dereference (CVE-ID: CVE-2023-52627)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the BIT() function in drivers/iio/adc/ad7091r5.c, within the BIT() and ad7091r_read_event_config() functions in drivers/iio/adc/ad7091r-base.c. A local user can perform a denial of service (DoS) attack.
679) Use-after-free (CVE-ID: CVE-2023-52637)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the j1939_sk_match_dst(), j1939_sk_match_filter(), j1939_sk_init() and j1939_sk_setsockopt() functions in net/can/j1939/socket.c. A local user can escalate privileges on the system.
680) Buffer overflow (CVE-ID: CVE-2023-52614)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the trans_stat_show() function in drivers/devfreq/devfreq.c. A local user can escalate privileges on the system.
681) Improper privilege management (CVE-ID: CVE-2023-52642)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the lirc_dev_exit() and rc_dev_get_from_fd() functions in drivers/media/rc/lirc_dev.c, within the lirc_prog_attach(), lirc_prog_detach() and lirc_prog_query() functions in drivers/media/rc/bpf-lirc.c. A local user can read and manipulate data.
682) Infinite loop (CVE-ID: CVE-2023-52644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the b43_dma_tx() and b43_dma_handle_txstatus() functions in drivers/net/wireless/broadcom/b43/dma.c. A local user can perform a denial of service (DoS) attack.
683) NULL pointer dereference (CVE-ID: CVE-2023-52650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tegra_dsi_ganged_probe() function in drivers/gpu/drm/tegra/dsi.c. A local user can perform a denial of service (DoS) attack.
684) Use-after-free (CVE-ID: CVE-2023-6270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
685) NULL pointer dereference (CVE-ID: CVE-2023-7042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.
686) Improper Initialization (CVE-ID: CVE-2024-0340)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper initialization within the vhost_new_msg() function in drivers/vhost/vhost.c in the Linux kernel vhost driver. A local user can run a specially crafted application to gain access to sensitive kernel information.
687) Integer underflow (CVE-ID: CVE-2024-0565)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow within the receive_encrypted_standard() function in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. A remote attacker can trick the victim to connect to a malicious SMB server, trigger an integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
688) Resource management error (CVE-ID: CVE-2024-0607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nft_byteorder_eval() function in the Netfilter subsystem. A local user can perform a denial of service (DoS) attack.
689) Improper locking (CVE-ID: CVE-2023-52615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rng_get_data() and rng_dev_read() functions in drivers/char/hw_random/core.c. A local user can perform a denial of service (DoS) attack.
690) NULL pointer dereference (CVE-ID: CVE-2023-52607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.
691) Improper locking (CVE-ID: CVE-2023-52486)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.
692) Improper locking (CVE-ID: CVE-2023-52587)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipoib_mcast_join() function in drivers/infiniband/ulp/ipoib/ipoib_multicast.c. A local user can perform a denial of service (DoS) attack.
693) Input validation error (CVE-ID: CVE-2023-52488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sc16is7xx_fifo_read(), sc16is7xx_fifo_write() and sc16is7xx_regmap_precious() functions in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
694) Race condition (CVE-ID: CVE-2023-52489)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.
695) Use-after-free (CVE-ID: CVE-2023-52491)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtk_jpeg_dec_device_run() function in drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c. A local user can escalate privileges on the system.
696) NULL pointer dereference (CVE-ID: CVE-2023-52492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.
697) Improper locking (CVE-ID: CVE-2023-52493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.
698) Resource exhaustion (CVE-ID: CVE-2023-52497)
The vulnerability allows a local user to perform a denial of service (DoS) attack and modify data on the system,.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack and modify data on the system,.
699) Improper locking (CVE-ID: CVE-2023-52498)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dev_pm_skip_resume(), complete_all(), dpm_async_fn(), dpm_noirq_resume_devices(), dpm_resume_noirq(), pm_runtime_enable(), dpm_resume_early(), dpm_resume_start(), device_resume() and dpm_resume() functions in drivers/base/power/main.c. A local user can perform a denial of service (DoS) attack.
700) Improper locking (CVE-ID: CVE-2023-52583)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ceph_encode_dentry_release() function in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.
701) Out-of-bounds read (CVE-ID: CVE-2023-52594)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath9k_htc_txstatus() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.
702) Buffer overflow (CVE-ID: CVE-2023-52606)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the fp/vmx code in powerpc/lib/sstep.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
703) Improper locking (CVE-ID: CVE-2023-52595)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rt2x00mac_bss_info_changed() function in drivers/net/wireless/ralink/rt2x00/rt2x00mac.c, within the rt2x00lib_disable_radio(), rt2x00lib_start() and rt2x00lib_stop() functions in drivers/net/wireless/ralink/rt2x00/rt2x00dev.c. A local user can perform a denial of service (DoS) attack.
704) Security features bypass (CVE-ID: CVE-2023-52597)
The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local privileged can trigger resource exhaustion and perform a denial of service (DoS) attack.
705) Resource management error (CVE-ID: CVE-2023-52598)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in arch/s390/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.
706) Buffer overflow (CVE-ID: CVE-2023-52599)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the diNewExt() function in fs/jfs/jfs_imap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
707) Use-after-free (CVE-ID: CVE-2023-52600)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in fs/jfs/jfs_mount.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
708) Buffer overflow (CVE-ID: CVE-2023-52601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in fs/jfs/jfs_dmap.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
709) Out-of-bounds read (CVE-ID: CVE-2023-52602)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the dtSearch() function in fs/jfs/jfs_dtree.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
710) Improper validation of array index (CVE-ID: CVE-2023-52603)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of array index within the dtSplitRoot() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
711) Out-of-bounds read (CVE-ID: CVE-2023-52604)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.