SB2024070713 - SUSE update for the Linux Kernel
Published: July 7, 2024 Updated: March 14, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 320 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2020-36788)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nouveau_gem_new() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can escalate privileges on the system.
2) Use-after-free (CVE-ID: CVE-2021-39698)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in Linux kernel. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.
3) Improper validation of integrity check value (CVE-ID: CVE-2021-4148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem.
4) Unchecked Return Value (CVE-ID: CVE-2021-43056)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.
5) Use-after-free (CVE-ID: CVE-2021-47358)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gbphy_runtime_put_autosuspend(), gb_uart_probe() and gb_uart_remove() functions in drivers/staging/greybus/uart.c. A local user can escalate privileges on the system.
6) Improper locking (CVE-ID: CVE-2021-47359)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_close_deferred_file() and cifs_close_all_deferred_files() functions in fs/cifs/misc.c. A local user can perform a denial of service (DoS) attack.
7) Resource management error (CVE-ID: CVE-2021-47360)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the binder_deferred_fd_close(), binder_transaction_buffer_release(), binder_free_txn_fixups(), binder_free_buf(), binder_thread_write() and binder_cleanup_transaction() functions in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.
8) Improper error handling (CVE-ID: CVE-2021-47361)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mcb_alloc_bus() function in drivers/mcb/mcb-core.c. A local user can perform a denial of service (DoS) attack.
9) NULL pointer dereference (CVE-ID: CVE-2021-47362)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the si_dpm_enable() function in drivers/gpu/drm/amd/pm/powerplay/si_dpm.c. A local user can perform a denial of service (DoS) attack.
10) Division by zero (CVE-ID: CVE-2021-47363)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the replace_nexthop_grp() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.
11) Memory leak (CVE-ID: CVE-2021-47364)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the compat_insnlist() function in drivers/staging/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2021-47365)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the afs_extend_writeback() function in fs/afs/write.c. A local user can perform a denial of service (DoS) attack.
13) Buffer overflow (CVE-ID: CVE-2021-47366)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the afs_fs_fetch_data(), afs_fs_store_data(), afs_fs_setattr_size() and afs_deliver_fs_get_capabilities() functions in fs/afs/fsclient.c, within the afs_fileserver_probe_result() and clear_bit() functions in fs/afs/fs_probe.c. A local user can perform a denial of service (DoS) attack.
14) Memory leak (CVE-ID: CVE-2021-47367)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the page_to_skb() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
15) Resource management error (CVE-ID: CVE-2021-47368)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the enetc_clear_bdrs() and enetc_setup_irqs() functions in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.
16) NULL pointer dereference (CVE-ID: CVE-2021-47369)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qeth_clear_working_pool_list() function in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.
17) Resource management error (CVE-ID: CVE-2021-47370)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mptcp_sendmsg_frag() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
18) Memory leak (CVE-ID: CVE-2021-47371)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nexthops_dump() and EXPORT_SYMBOL() functions in net/ipv4/nexthop.c, within the vxlan_exit_batch_net() and register_nexthop_notifier() functions in drivers/net/vxlan.c. A remote attacker can perform a denial of service (DoS) attack.
19) Use-after-free (CVE-ID: CVE-2021-47372)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macb_remove() function in drivers/net/ethernet/cadence/macb_pci.c. A local user can escalate privileges on the system.
20) Off-by-one (CVE-ID: CVE-2021-47373)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
21) Resource management error (CVE-ID: CVE-2021-47374)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the add_dma_entry() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.
22) Use-after-free (CVE-ID: CVE-2021-47375)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blk_trace_remove_queue() function in kernel/trace/blktrace.c. A local user can escalate privileges on the system.
23) Buffer overflow (CVE-ID: CVE-2021-47376)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the check_btf_line() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2021-47378)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.
25) Use-after-free (CVE-ID: CVE-2021-47379)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the spin_lock_irq() and blkcg_deactivate_policy() functions in block/blk-cgroup.c. A local user can escalate privileges on the system.
26) NULL pointer dereference (CVE-ID: CVE-2021-47380)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amd_mp2_pci_probe() function in drivers/hid/amd-sfh-hid/amd_sfh_pcie.c. A local user can perform a denial of service (DoS) attack.
27) Buffer overflow (CVE-ID: CVE-2021-47381)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xtensa_stack() function in sound/soc/sof/xtensa/core.c. A local user can perform a denial of service (DoS) attack.
28) Improper locking (CVE-ID: CVE-2021-47382)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qeth_do_reset() function in drivers/s390/net/qeth_core_main.c, within the EXPORT_SYMBOL(), ccwgroup_set_offline() and ccwgroup_online_store() functions in drivers/s390/cio/ccwgroup.c. A local user can perform a denial of service (DoS) attack.
29) Out-of-bounds read (CVE-ID: CVE-2021-47383)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
30) NULL pointer dereference (CVE-ID: CVE-2021-47384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the TEMP_TO_REG() and w83793_detect_subclients() functions in drivers/hwmon/w83793.c. A local user can perform a denial of service (DoS) attack.
31) NULL pointer dereference (CVE-ID: CVE-2021-47385)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.
32) NULL pointer dereference (CVE-ID: CVE-2021-47386)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the w83791d_detect_subclients() function in drivers/hwmon/w83791d.c. A local user can perform a denial of service (DoS) attack.
33) Resource management error (CVE-ID: CVE-2021-47387)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sugov_tunables_free(), sugov_tunables_alloc(), sugov_init() and sugov_exit() functions in kernel/sched/cpufreq_schedutil.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2021-47388)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.
35) Memory leak (CVE-ID: CVE-2021-47389)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sev_receive_start() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.
36) Out-of-bounds read (CVE-ID: CVE-2021-47390)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ioapic_write_indirect() function in arch/x86/kvm/ioapic.c. A local user can perform a denial of service (DoS) attack.
37) Use-after-free (CVE-ID: CVE-2021-47391)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cma_cancel_operation() and rdma_resolve_addr() functions in drivers/infiniband/core/cma.c. A local user can escalate privileges on the system.
38) Improper locking (CVE-ID: CVE-2021-47392)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cma_cancel_route(), cma_cancel_listens() and cma_listen_on_all() functions in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.
39) Out-of-bounds read (CVE-ID: CVE-2021-47393)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mlxreg_fan_set_cur_state() function in drivers/hwmon/mlxreg-fan.c. A local user can perform a denial of service (DoS) attack.
40) Use-after-free (CVE-ID: CVE-2021-47394)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __nft_release_table() and __nft_release_tables() functions in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.
41) Resource management error (CVE-ID: CVE-2021-47395)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_parse_tx_radiotap() function in net/mac80211/tx.c. A local user can perform a denial of service (DoS) attack.
42) Resource management error (CVE-ID: CVE-2021-47396)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mac80211_hwsim_beacon() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.
43) NULL pointer dereference (CVE-ID: CVE-2021-47397)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_rcv_ootb() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
44) Memory leak (CVE-ID: CVE-2021-47398)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hfi1_ipoib_tx_timeout() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can perform a denial of service (DoS) attack.
45) NULL pointer dereference (CVE-ID: CVE-2021-47399)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ixgbe_xdp_setup() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c, within the ixgbe_max_channels() function in drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c. A local user can perform a denial of service (DoS) attack.
46) Resource management error (CVE-ID: CVE-2021-47400)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hns3_nic_net_open() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2021-47401)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipoctal_inst_slot() and __ipoctal_remove() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.
48) Use-after-free (CVE-ID: CVE-2021-47402)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.
49) Memory leak (CVE-ID: CVE-2021-47403)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipoctal_port_activate() and ipoctal_cleanup() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.
50) Out-of-bounds read (CVE-ID: CVE-2021-47404)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.
51) Memory leak (CVE-ID: CVE-2021-47405)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_ctrl() and usbhid_stop() functions in drivers/hid/usbhid/hid-core.c. A local user can perform a denial of service (DoS) attack.
52) Improper error handling (CVE-ID: CVE-2021-47406)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_ext_replay_shrink_inode(), skip_hole() and ext4_ext_replay_set_iblocks() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2021-47407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kvm_arch_free_vm() and kvm_arch_init_vm() functions in arch/x86/kvm/x86.c, within the kvm_page_track_cleanup() function in arch/x86/kvm/mmu/page_track.c. A local user can perform a denial of service (DoS) attack.
54) Improper locking (CVE-ID: CVE-2021-47408)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), get_next_corpse(), nf_ct_iterate_cleanup() and nf_conntrack_hash_resize() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.
55) NULL pointer dereference (CVE-ID: CVE-2021-47409)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
56) Resource management error (CVE-ID: CVE-2021-47410)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the svm_migrate_init() function in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c, within the kgd2kfd_device_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.
57) Improper error handling (CVE-ID: CVE-2021-47412)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the block/bio.c. A local user can perform a denial of service (DoS) attack.
58) NULL pointer dereference (CVE-ID: CVE-2021-47413)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ci_hdrc_imx_probe() function in drivers/usb/chipidea/ci_hdrc_imx.c. A local user can perform a denial of service (DoS) attack.
59) Resource management error (CVE-ID: CVE-2021-47414)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ipi_remote_fence_i() function in arch/riscv/mm/cacheflush.c. A local user can perform a denial of service (DoS) attack.
60) NULL pointer dereference (CVE-ID: CVE-2021-47415)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __iwl_mvm_remove_time_event() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.
61) Memory leak (CVE-ID: CVE-2021-47416)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
62) Memory leak (CVE-ID: CVE-2021-47417)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the strset__free() function in tools/lib/bpf/strset.c. A local user can perform a denial of service (DoS) attack.
63) NULL pointer dereference (CVE-ID: CVE-2021-47418)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fifo_set_limit() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.
64) Resource management error (CVE-ID: CVE-2021-47419)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the taprio_destroy() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
65) Memory leak (CVE-ID: CVE-2021-47420)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_mem_dmaunmap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.
66) Improper locking (CVE-ID: CVE-2021-47421)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_pci_error_detected() and amdgpu_pci_resume() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
67) Memory leak (CVE-ID: CVE-2021-47422)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nv50_head_crc_late_register() function in drivers/gpu/drm/nouveau/dispnv50/crc.c. A local user can perform a denial of service (DoS) attack.
68) Memory leak (CVE-ID: CVE-2021-47423)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/gpu/drm/nouveau/nouveau_debugfs.c. A local user can perform a denial of service (DoS) attack.
69) Use of uninitialized resource (CVE-ID: CVE-2021-47424)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the i40e_clear_interrupt_scheme() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
70) Information disclosure (CVE-ID: CVE-2021-47425)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the i2c_acpi_notify() function in drivers/i2c/i2c-core-acpi.c. A local user can gain access to sensitive information.
71) Memory leak (CVE-ID: CVE-2021-47426)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_int_jit_compile() function in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
72) Use-after-free (CVE-ID: CVE-2021-47427)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iscsi_eh_abort() function in drivers/scsi/libiscsi.c. A local user can escalate privileges on the system.
73) Resource management error (CVE-ID: CVE-2021-47428)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXC_COMMON_BEGIN() function in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.
74) Resource management error (CVE-ID: CVE-2021-47429)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the die_mce() function in arch/powerpc/kernel/traps.c, within the EXC_COMMON_BEGIN() and END_FTR_SECTION_IFSET() functions in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.
75) Input validation error (CVE-ID: CVE-2021-47430)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the setup_smap() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
76) Information disclosure (CVE-ID: CVE-2021-47431)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the gmc_v9_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c, within the gmc_v10_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c. A local user can gain access to sensitive information.
77) Resource management error (CVE-ID: CVE-2021-47433)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the btrfs_replace_file_extents() function in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.
78) Buffer overflow (CVE-ID: CVE-2021-47434)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xhci_handle_stopped_cmd_ring() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.
79) NULL pointer dereference (CVE-ID: CVE-2021-47435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the start_io_acct() and dec_pending() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2021-47436)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dsps_probe() function in drivers/usb/musb/musb_dsps.c. A local user can perform a denial of service (DoS) attack.
81) Improper locking (CVE-ID: CVE-2021-47437)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the adis16475_set_freq() function in drivers/iio/imu/adis16475.c. A local user can perform a denial of service (DoS) attack.
82) Memory leak (CVE-ID: CVE-2021-47438)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.
83) NULL pointer dereference (CVE-ID: CVE-2021-47439)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.
84) NULL pointer dereference (CVE-ID: CVE-2021-47440)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the encx24j600_spi_probe() function in drivers/net/ethernet/microchip/encx24j600.c, within the devm_regmap_init_encx24j600() function in drivers/net/ethernet/microchip/encx24j600-regmap.c. A local user can perform a denial of service (DoS) attack.
85) Out-of-bounds read (CVE-ID: CVE-2021-47441)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the MLXSW_THERMAL_TEMP_SCORE_MAX GENMASK(), mlxsw_thermal_set_cur_state() and mlxsw_thermal_init() functions in drivers/net/ethernet/mellanox/mlxsw/core_thermal.c. A local user can perform a denial of service (DoS) attack.
86) Memory leak (CVE-ID: CVE-2021-47442)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the digital_in_send_sdd_req() function in net/nfc/digital_technology.c. A local user can perform a denial of service (DoS) attack.
87) Memory leak (CVE-ID: CVE-2021-47443)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the digital_tg_configure_hw() and digital_tg_listen_mdaa() functions in net/nfc/digital_core.c. A local user can perform a denial of service (DoS) attack.
88) Buffer overflow (CVE-ID: CVE-2021-47444)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the connector_bad_edid() function in drivers/gpu/drm/drm_edid.c. A local user can perform a denial of service (DoS) attack.
89) NULL pointer dereference (CVE-ID: CVE-2021-47445)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_edp_ctrl_power() and msm_edp_ctrl_init() functions in drivers/gpu/drm/msm/edp/edp_ctrl.c. A local user can perform a denial of service (DoS) attack.
90) Improper error handling (CVE-ID: CVE-2021-47446)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the a4xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a4xx_gpu.c. A local user can perform a denial of service (DoS) attack.
91) Improper error handling (CVE-ID: CVE-2021-47447)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the a3xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a3xx_gpu.c. A local user can perform a denial of service (DoS) attack.
92) Infinite loop (CVE-ID: CVE-2021-47448)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the mptcp_check_data_fin(), mptcp_data_ready(), mptcp_check_for_eof(), mptcp_wait_data(), mptcp_recvmsg(), tcp_recv_timestamp(), mptcp_check_fastclose(), mptcp_check_readable() and mptcp_poll() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
93) Improper locking (CVE-ID: CVE-2021-47449)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_ptp_flush_tx_tracker() function in drivers/net/ethernet/intel/ice/ice_ptp.c. A local user can perform a denial of service (DoS) attack.
94) Incorrect calculation (CVE-ID: CVE-2021-47450)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the hyp_get_page() function in arch/arm64/kvm/hyp/nvhe/page_alloc.c, within the host_s2_zalloc_pages_exact() function in arch/arm64/kvm/hyp/nvhe/mem_protect.c. A local user can perform a denial of service (DoS) attack.
95) Improper locking (CVE-ID: CVE-2021-47451)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the idletimer_tg_create() function in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.
96) Improper resource shutdown or release (CVE-ID: CVE-2021-47452)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the nft_netdev_event() and nf_tables_netdev_event() functions in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.
97) Memory leak (CVE-ID: CVE-2021-47453)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_probe() and ice_remove() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
98) Improper locking (CVE-ID: CVE-2021-47454)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __cpu_die() function in arch/powerpc/kernel/smp.c. A local user can perform a denial of service (DoS) attack.
99) Memory leak (CVE-ID: CVE-2021-47455)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ptp_clock_register() function in drivers/ptp/ptp_clock.c. A local user can perform a denial of service (DoS) attack.
100) Use-after-free (CVE-ID: CVE-2021-47456)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the peak_pci_remove() function in drivers/net/can/sja1000/peak_pci.c. A local user can escalate privileges on the system.
101) Resource management error (CVE-ID: CVE-2021-47457)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the isotp_sendmsg() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.
102) Buffer overflow (CVE-ID: CVE-2021-47458)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ocfs2_initialize_super() function in fs/ocfs2/super.c. A local user can escalate privileges on the system.
103) Use-after-free (CVE-ID: CVE-2021-47459)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can escalate privileges on the system.
104) Buffer overflow (CVE-ID: CVE-2021-47460)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ocfs2_set_inode_data_inline() and ocfs2_convert_inline_data_to_extents() functions in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.
105) Race condition (CVE-ID: CVE-2021-47461)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the userfaultfd_writeprotect() function in fs/userfaultfd.c. A local user can escalate privileges on the system.
106) Use of uninitialized resource (CVE-ID: CVE-2021-47462)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the do_set_mempolicy() and sanitize_mpol_flags() functions in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.
107) NULL pointer dereference (CVE-ID: CVE-2021-47463)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.
108) NULL pointer dereference (CVE-ID: CVE-2021-47464)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the audit_filter_rules() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.
109) Stack-based buffer overflow (CVE-ID: CVE-2021-47465)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the _GLOBAL() and REST_NVGPRS() functions in arch/powerpc/kvm/book3s_hv_rmhandlers.S. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2021-47466)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_open() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.
111) Information disclosure (CVE-ID: CVE-2021-47467)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the kfree_at_end() function in lib/kunit/executor_test.c. A local user can gain access to sensitive information.
112) Improper locking (CVE-ID: CVE-2021-47468)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nj_release() function in drivers/isdn/hardware/mISDN/netjet.c. A local user can perform a denial of service (DoS) attack.
113) Improper locking (CVE-ID: CVE-2021-47469)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the LIST_HEAD(), spi_add_device(), spi_add_device_locked(), spi_register_controller() and spi_unregister_controller() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
114) Use-after-free (CVE-ID: CVE-2021-47470)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __kmem_cache_create() function in mm/slub.c. A local user can escalate privileges on the system.
115) NULL pointer dereference (CVE-ID: CVE-2021-47471)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxsfb_irq_disable() function in drivers/gpu/drm/mxsfb/mxsfb_drv.c. A local user can perform a denial of service (DoS) attack.
116) Memory leak (CVE-ID: CVE-2021-47472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
117) Memory leak (CVE-ID: CVE-2021-47473)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak in drivers/scsi/qla2xxx/qla_bsg.c. A local user can crash the kernel.
118) Buffer overflow (CVE-ID: CVE-2021-47474)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vmk80xx_do_bulk_msg() function in drivers/staging/comedi/drivers/vmk80xx.c. A local user can escalate privileges on the system.
119) NULL pointer dereference (CVE-ID: CVE-2021-47475)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the IC3_VERSION BIT() and vmk80xx_alloc_usb_buffers() functions in drivers/staging/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.
120) Input validation error (CVE-ID: CVE-2021-47476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sizeof() and ni6501_find_endpoints() functions in drivers/staging/comedi/drivers/ni_usb6501.c. A local user can perform a denial of service (DoS) attack.
121) Information disclosure (CVE-ID: CVE-2021-47477)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the dt9812_read_info(), dt9812_read_multiple_registers(), dt9812_write_multiple_registers() and dt9812_rmw_multiple_registers() functions in drivers/staging/comedi/drivers/dt9812.c. A local user can gain access to sensitive information.
122) Out-of-bounds read (CVE-ID: CVE-2021-47478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the isofs_read_inode() function in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.
123) Use-after-free (CVE-ID: CVE-2021-47479)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the r871xu_dev_remove() function in drivers/staging/rtl8712/usb_intf.c. A local user can escalate privileges on the system.
124) Resource management error (CVE-ID: CVE-2021-47480)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the scsi_device_dev_release_usercontext() function in drivers/scsi/scsi_sysfs.c, within the EXPORT_SYMBOL() function in drivers/scsi/scsi.c. A local user can perform a denial of service (DoS) attack.
125) Improper Initialization (CVE-ID: CVE-2021-47481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the reg_create() and create_user_odp_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.
126) Improper error handling (CVE-ID: CVE-2021-47482)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the batadv_tt_init() function in net/batman-adv/translation-table.c, within the batadv_nc_mesh_init() function in net/batman-adv/network-coding.c, within the batadv_mesh_init() function in net/batman-adv/main.c, within the batadv_bla_init() function in net/batman-adv/bridge_loop_avoidance.c. A local user can perform a denial of service (DoS) attack.
127) Double free (CVE-ID: CVE-2021-47483)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the regcache_rbtree_insert_to_block() function in drivers/base/regmap/regcache-rbtree.c. A local user can perform a denial of service (DoS) attack.
128) NULL pointer dereference (CVE-ID: CVE-2021-47484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nix_free_tx_vtag_entries() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c, within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.
129) Buffer overflow (CVE-ID: CVE-2021-47485)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the qib_user_sdma_num_pages(), qib_user_sdma_free_pkt_frag(), qib_user_sdma_pin_pkt() and qib_user_sdma_queue_pkts() functions in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can escalate privileges on the system.
130) NULL pointer dereference (CVE-ID: CVE-2021-47486)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_int_jit_compile() function in arch/riscv/net/bpf_jit_core.c. A local user can perform a denial of service (DoS) attack.
131) Memory leak (CVE-ID: CVE-2021-47488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cgroup_kill_sb() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.
132) Out-of-bounds read (CVE-ID: CVE-2021-47489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dp_phy_settings_write(), dp_phy_test_pattern_debugfs_write(), dp_dsc_passthrough_set(), trigger_hotplug(), dp_dsc_clock_en_write(), dp_dsc_slice_width_write(), dp_dsc_slice_height_write(), dp_dsc_bits_per_pixel_write() and dp_max_bpc_write() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
133) Memory leak (CVE-ID: CVE-2021-47490)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_transfered_destroy() function in drivers/gpu/drm/ttm/ttm_bo_util.c. A local user can perform a denial of service (DoS) attack.
134) Improper privilege management (CVE-ID: CVE-2021-47491)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the hugepage_vma_check() function in mm/khugepaged.c. A local user can read and manipulate data.
135) Improper error handling (CVE-ID: CVE-2021-47492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the collapse_file() function in mm/khugepaged.c. A local user can perform a denial of service (DoS) attack.
136) Race condition (CVE-ID: CVE-2021-47493)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ocfs2_test_bg_bit_allocatable() function in fs/ocfs2/suballoc.c. A local user can escalate privileges on the system.
137) Improper locking (CVE-ID: CVE-2021-47494)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cfg80211_mgmt_registrations_update(), cfg80211_mlme_register_mgmt(), cfg80211_mlme_unregister_socket() and cfg80211_rx_mgmt_khz() functions in net/wireless/mlme.c, within the INIT_WORK() and cfg80211_init_wdev() functions in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.
138) Input validation error (CVE-ID: CVE-2021-47495)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
139) Buffer overflow (CVE-ID: CVE-2021-47496)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the tls_err_abort(), tls_tx_records(), tls_push_record(), tls_sw_recvmsg() and tls_sw_splice_read() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.
140) Out-of-bounds read (CVE-ID: CVE-2021-47497)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nvmem_shift_read_buffer_in_place() function in drivers/nvmem/core.c. A local user can perform a denial of service (DoS) attack.
141) Resource management error (CVE-ID: CVE-2021-47498)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dm_mq_queue_rq() function in drivers/md/dm-rq.c. A local user can perform a denial of service (DoS) attack.
142) Memory leak (CVE-ID: CVE-2021-47499)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kxcjk1013_probe() and kxcjk1013_remove() functions in drivers/iio/accel/kxcjk-1013.c. A local user can perform a denial of service (DoS) attack.
143) Use-after-free (CVE-ID: CVE-2021-47500)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mma8452_trigger_setup() function in drivers/iio/accel/mma8452.c. A local user can escalate privileges on the system.
144) NULL pointer dereference (CVE-ID: CVE-2021-47501)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_dbg_dump_desc() function in drivers/net/ethernet/intel/i40e/i40e_debugfs.c. A local user can perform a denial of service (DoS) attack.
145) Buffer overflow (CVE-ID: CVE-2021-47502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the slim_rx_mux_get(), slim_rx_mux_put() and slim_tx_mixer_put() functions in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.
146) NULL pointer dereference (CVE-ID: CVE-2021-47503)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pm8001_alloc() function in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.
147) Use-after-free (CVE-ID: CVE-2021-47505)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the POLLFREE() function in include/uapi/asm-generic/poll.h, within the aio_poll(), aio_poll_complete_work(), aio_poll_cancel(), aio_poll_wake() and aio_poll_queue_proc() functions in fs/aio.c. A local user can escalate privileges on the system.
148) Use-after-free (CVE-ID: CVE-2021-47506)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hash_delegation_locked(), unhash_delegation_locked() and nfsd4_cb_recall_prepare() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
149) NULL pointer dereference (CVE-ID: CVE-2021-47507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_nfsd(), nfsd4_exit_pnfs() and exit_nfsd() functions in fs/nfsd/nfsctl.c, within the register_cld_notifier() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.
150) Buffer overflow (CVE-ID: CVE-2021-47509)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the snd_pcm_oss_set_fragment1() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.
151) Resource management error (CVE-ID: CVE-2021-47510)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the walk_up_log_tree(), walk_log_tree() and free_log_tree() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.
152) Buffer overflow (CVE-ID: CVE-2021-47511)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the snd_pcm_hw_param_value_min() and snd_pcm_oss_period_size() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.
153) Memory leak (CVE-ID: CVE-2021-47513)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the felix_setup_mmio_filtering() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.
154) Information disclosure (CVE-ID: CVE-2021-47514)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the devlink_nl_cmd_reload() function in net/core/devlink.c. A local user can gain access to sensitive information.
155) Memory leak (CVE-ID: CVE-2021-47516)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfp_cpp_area_cache_add() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can perform a denial of service (DoS) attack.
156) NULL pointer dereference (CVE-ID: CVE-2021-47518)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_ses_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.
157) Use-after-free (CVE-ID: CVE-2021-47520)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pch_can_rx_normal() function in drivers/net/can/pch_can.c. A local user can escalate privileges on the system.
158) Use-after-free (CVE-ID: CVE-2021-47521)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c. A local user can escalate privileges on the system.
159) NULL pointer dereference (CVE-ID: CVE-2021-47522)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bigben_worker() function in drivers/hid/hid-bigbenff.c. A local user can perform a denial of service (DoS) attack.
160) Information disclosure (CVE-ID: CVE-2021-47523)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the hfi1_init(), hfi1_free_devdata(), hfi1_alloc_devdata() and cleanup_device_data() functions in drivers/infiniband/hw/hfi1/init.c. A local user can gain access to sensitive information.
161) Information disclosure (CVE-ID: CVE-2021-47524)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can gain access to sensitive information.
162) Use-after-free (CVE-ID: CVE-2021-47525)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the liteuart_remove() function in drivers/tty/serial/liteuart.c. A local user can escalate privileges on the system.
163) NULL pointer dereference (CVE-ID: CVE-2021-47526)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can perform a denial of service (DoS) attack.
164) Memory leak (CVE-ID: CVE-2021-47527)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the uart_tty_port_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.
165) NULL pointer dereference (CVE-ID: CVE-2021-47528)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdnsp_endpoint_init() function in drivers/usb/cdns3/cdnsp-mem.c. A local user can perform a denial of service (DoS) attack.
166) Memory leak (CVE-ID: CVE-2021-47529)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_uefi_reduce_power_section() function in drivers/net/wireless/intel/iwlwifi/fw/uefi.c. A local user can perform a denial of service (DoS) attack.
167) NULL pointer dereference (CVE-ID: CVE-2021-47533)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.
168) Memory leak (CVE-ID: CVE-2021-47534)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.
169) Out-of-bounds read (CVE-ID: CVE-2021-47535)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the a6xx_get_gmu_registers() function in drivers/gpu/drm/msm/adreno/a6xx_gpu_state.c. A local user can perform a denial of service (DoS) attack.
170) Buffer overflow (CVE-ID: CVE-2021-47536)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the smc_lgr_unregister_conn() function in net/smc/smc_core.c. A local user can escalate privileges on the system.
171) Memory leak (CVE-ID: CVE-2021-47537)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rvu_mbox_init() function in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can perform a denial of service (DoS) attack.
172) NULL pointer dereference (CVE-ID: CVE-2021-47540)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7915_get_phy_mode() function in drivers/net/wireless/mediatek/mt76/mt7915/mcu.c. A local user can perform a denial of service (DoS) attack.
173) Use-after-free (CVE-ID: CVE-2021-47541)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx4_en_try_alloc_resources() function in drivers/net/ethernet/mellanox/mlx4/en_netdev.c. A local user can escalate privileges on the system.
174) NULL pointer dereference (CVE-ID: CVE-2021-47542)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qlcnic_83xx_add_rings() function in drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c. A local user can perform a denial of service (DoS) attack.
175) Buffer overflow (CVE-ID: CVE-2021-47544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the include/net/sock.h. A local user can perform a denial of service (DoS) attack.
176) Use-after-free (CVE-ID: CVE-2021-47549)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sata_fsl_init_controller() and sata_fsl_remove() functions in drivers/ata/sata_fsl.c. A local user can escalate privileges on the system.
177) Memory leak (CVE-ID: CVE-2021-47550)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_get_xgmi_hive() function in drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c. A local user can perform a denial of service (DoS) attack.
178) Improper Initialization (CVE-ID: CVE-2021-47551)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the stop_cpsch() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c. A local user can perform a denial of service (DoS) attack.
179) Memory leak (CVE-ID: CVE-2021-47553)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_idle() and idle_task_exit() functions in kernel/sched/core.c, within the bringup_cpu() function in kernel/cpu.c. A local user can perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2021-47554)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vdpasim_free() function in drivers/vdpa/vdpa_sim/vdpa_sim.c. A local user can perform a denial of service (DoS) attack.
181) NULL pointer dereference (CVE-ID: CVE-2021-47556)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ethtool_set_coalesce() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.
182) Resource management error (CVE-ID: CVE-2021-47558)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stmmac_release() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
183) NULL pointer dereference (CVE-ID: CVE-2021-47559)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smc_link_down_work() and smc_vlan_by_tcpsk() functions in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
184) NULL pointer dereference (CVE-ID: CVE-2021-47560)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlxsw_sp_pude_event_func() function in drivers/net/ethernet/mellanox/mlxsw/spectrum.c. A local user can perform a denial of service (DoS) attack.
185) NULL pointer dereference (CVE-ID: CVE-2021-47562)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_vsi_alloc_arrays() function in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
186) Integer underflow (CVE-ID: CVE-2021-47563)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ice_prepare_xdp_rings() and ice_xdp_setup_prog() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can execute arbitrary code.
187) Double Free (CVE-ID: CVE-2021-47564)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the prestera_port_bridge_join() function in drivers/net/ethernet/marvell/prestera/prestera_switchdev.c. A local user can perform a denial of service (DoS) attack.
188) Resource management error (CVE-ID: CVE-2021-47565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the _scsih_ublock_io_device() function in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can perform a denial of service (DoS) attack.
189) Stack-based buffer overflow (CVE-ID: CVE-2022-48632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the mlxbf_i2c_smbus_start_transaction() function in drivers/i2c/busses/i2c-mlxbf.c. A local user can perform a denial of service (DoS) attack.
190) Improper locking (CVE-ID: CVE-2022-48634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gma_crtc_page_flip() function in drivers/gpu/drm/gma500/gma_display.c. A local user can perform a denial of service (DoS) attack.
191) Resource management error (CVE-ID: CVE-2022-48636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dasd_alias_remove_device() and dasd_alias_get_start_dev() functions in drivers/s390/block/dasd_alias.c. A local user can perform a denial of service (DoS) attack.
192) Race condition (CVE-ID: CVE-2022-48652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the ice_set_dflt_vsi_ctx(), ice_vsi_setup_q_map(), ice_vsi_setup_q_map_mqprio() and ice_vsi_cfg_tc() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
193) Resource management error (CVE-ID: CVE-2022-48662)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.
194) Improper locking (CVE-ID: CVE-2022-48671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cgroup_attach_task_all() function in kernel/cgroup/cgroup-v1.c. A local user can perform a denial of service (DoS) attack.
195) Off-by-one (CVE-ID: CVE-2022-48672)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.
196) Improper locking (CVE-ID: CVE-2022-48673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_wr_rx_process_cqes(), smc_wr_free_link() and smc_wr_create_link() functions in net/smc/smc_wr.c, within the smcr_link_init() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
197) Improper locking (CVE-ID: CVE-2022-48675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mmput_async() function in kernel/fork.c, within the mutex_unlock() function in drivers/infiniband/core/umem_odp.c. A local user can perform a denial of service (DoS) attack.
198) Use-after-free (CVE-ID: CVE-2022-48686)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.
199) Out-of-bounds read (CVE-ID: CVE-2022-48687)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.
200) NULL pointer dereference (CVE-ID: CVE-2022-48688)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_notify_client_of_netdev_close() and i40e_client_subtask() functions in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.
201) NULL pointer dereference (CVE-ID: CVE-2022-48692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the srp_process_rsp() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can perform a denial of service (DoS) attack.
202) Information disclosure (CVE-ID: CVE-2022-48693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.
203) Improper locking (CVE-ID: CVE-2022-48694)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the irdma_generate_flush_completions() function in drivers/infiniband/hw/irdma/utils.c. A local user can execute arbitrary code.
204) Use-after-free (CVE-ID: CVE-2022-48695)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dequeue_next_fw_event() and _scsih_fw_event_cleanup_queue() functions in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can escalate privileges on the system.
205) Use-after-free (CVE-ID: CVE-2022-48697)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __nvmet_req_complete() function in drivers/nvme/target/core.c. A local user can escalate privileges on the system.
206) Information disclosure (CVE-ID: CVE-2022-48699)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the update_sched_domain_debugfs() function in kernel/sched/debug.c. A local user can gain access to sensitive information.
207) Information disclosure (CVE-ID: CVE-2022-48700)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vaddr_get_pfns() function in drivers/vfio/vfio_iommu_type1.c. A local user can gain access to sensitive information.
208) Out-of-bounds read (CVE-ID: CVE-2022-48701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_usb_parse_audio_interface() function in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.
209) Out-of-bounds read (CVE-ID: CVE-2022-48702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_emu10k1_pcm_channel_alloc() function in sound/pci/emu10k1/emupcm.c. A local user can perform a denial of service (DoS) attack.
210) NULL pointer dereference (CVE-ID: CVE-2022-48703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the int3400_setup_gddv(), int3400_thermal_probe() and int3400_thermal_remove() functions in drivers/thermal/intel/int340x_thermal/int3400_thermal.c. A local user can perform a denial of service (DoS) attack.
211) Improper locking (CVE-ID: CVE-2022-48704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the radeon_suspend_kms() function in drivers/gpu/drm/radeon/radeon_device.c. A local user can perform a denial of service (DoS) attack.
212) NULL pointer dereference (CVE-ID: CVE-2022-48708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pcs_set_mux() function in drivers/pinctrl/pinctrl-single.c. A local user can perform a denial of service (DoS) attack.
213) Memory leak (CVE-ID: CVE-2022-48709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_add_adv_recipe() function in drivers/net/ethernet/intel/ice/ice_switch.c. A local user can perform a denial of service (DoS) attack.
214) NULL pointer dereference (CVE-ID: CVE-2022-48710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the radeon_fp_native_mode() function in drivers/gpu/drm/radeon/radeon_connectors.c. A local user can perform a denial of service (DoS) attack.
215) Improper locking (CVE-ID: CVE-2023-0160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
216) Use-after-free (CVE-ID: CVE-2023-1829)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.
217) Out-of-bounds read (CVE-ID: CVE-2023-2860)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
218) Use-after-free (CVE-ID: CVE-2023-47233)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.
219) Improper locking (CVE-ID: CVE-2023-52591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.
220) Resource management error (CVE-ID: CVE-2023-52654)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the scm_fp_copy() function in net/core/scm.c, within the io_finish_async() and io_sqe_files_register() functions in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.
221) Buffer overflow (CVE-ID: CVE-2023-52655)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.
222) Integer overflow (CVE-ID: CVE-2023-52676)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.
223) NULL pointer dereference (CVE-ID: CVE-2023-52686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.
224) Memory leak (CVE-ID: CVE-2023-52690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.
225) Memory leak (CVE-ID: CVE-2023-52702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ovs_meter_cmd_set() function in net/openvswitch/meter.c. A local user can perform a denial of service (DoS) attack.
226) Use of uninitialized resource (CVE-ID: CVE-2023-52703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the kalmia_send_init_packet() function in drivers/net/usb/kalmia.c. A local user can perform a denial of service (DoS) attack.
227) Use-after-free (CVE-ID: CVE-2023-52707)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the psi_trigger_destroy() function in kernel/sched/psi.c. A local user can escalate privileges on the system.
228) Improper error handling (CVE-ID: CVE-2023-52708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mmc_spi_probe() function in drivers/mmc/host/mmc_spi.c. A local user can perform a denial of service (DoS) attack.
229) Information disclosure (CVE-ID: CVE-2023-52730)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sdio_read_func_cis() and sdio_free_func_cis() functions in drivers/mmc/core/sdio_cis.c, within the sdio_release_func(), sdio_alloc_func() and sdio_add_func() functions in drivers/mmc/core/sdio_bus.c. A local user can gain access to sensitive information.
230) Buffer overflow (CVE-ID: CVE-2023-52733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the decompress_kernel() function in arch/s390/boot/compressed/decompressor.c. A local user can perform a denial of service (DoS) attack.
231) NULL pointer dereference (CVE-ID: CVE-2023-52736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_hda_codec_cleanup_for_unbind() function in sound/pci/hda/hda_codec.c, within the hda_codec_driver_probe() and hda_codec_driver_remove() functions in sound/pci/hda/hda_bind.c. A local user can perform a denial of service (DoS) attack.
232) NULL pointer dereference (CVE-ID: CVE-2023-52738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_fence_driver_sw_fini() function in drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c. A local user can perform a denial of service (DoS) attack.
233) Double free (CVE-ID: CVE-2023-52739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the free_the_page() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
234) Resource management error (CVE-ID: CVE-2023-52740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the exit_must_hard_disable() function in arch/powerpc/kernel/interrupt.c. A local user can perform a denial of service (DoS) attack.
235) Use-after-free (CVE-ID: CVE-2023-52741)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uncached_fill_pages() and readpages_fill_pages() functions in fs/cifs/file.c. A local user can escalate privileges on the system.
236) Resource management error (CVE-ID: CVE-2023-52742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pl_vendor_req() function in drivers/net/usb/plusb.c. A local user can perform a denial of service (DoS) attack.
237) Resource management error (CVE-ID: CVE-2023-52743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ice_module_init() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
238) NULL pointer dereference (CVE-ID: CVE-2023-52744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the irdma_add_mqh_4() function in drivers/infiniband/hw/irdma/cm.c. A local user can perform a denial of service (DoS) attack.
239) NULL pointer dereference (CVE-ID: CVE-2023-52745)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ipoib_intf_init() function in drivers/infiniband/ulp/ipoib/ipoib_main.c. A local user can perform a denial of service (DoS) attack.
240) Information disclosure (CVE-ID: CVE-2023-52747)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the user_exp_rcv_setup() function in drivers/infiniband/hw/hfi1/file_ops.c. A local user can gain access to sensitive information.
241) NULL pointer dereference (CVE-ID: CVE-2023-52753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_stream_get_vblank_counter() and dc_stream_get_scanoutpos() functions in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.
242) Input validation error (CVE-ID: CVE-2023-52754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imon_probe() function in drivers/media/rc/imon.c. A local user can perform a denial of service (DoS) attack.
243) Buffer overflow (CVE-ID: CVE-2023-52756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the include/linux/pwm.h. A local user can escalate privileges on the system.
244) Reachable Assertion (CVE-ID: CVE-2023-52759)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.
245) Resource management error (CVE-ID: CVE-2023-52763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hci_dat_v1_init(), hci_dat_v1_cleanup() and hci_dat_v1_free_entry() functions in drivers/i3c/master/mipi-i3c-hci/dat_v1.c. A local user can perform a denial of service (DoS) attack.
246) Out-of-bounds read (CVE-ID: CVE-2023-52764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the set_flicker() function in drivers/media/usb/gspca/cpia1.c. A local user can perform a denial of service (DoS) attack.
247) Out-of-bounds read (CVE-ID: CVE-2023-52766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
248) Improper locking (CVE-ID: CVE-2023-52774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dasd_profile_start() function in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.
249) Incorrect calculation (CVE-ID: CVE-2023-52781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the usb_get_bos_descriptor() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
250) NULL pointer dereference (CVE-ID: CVE-2023-52788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i915_perf_open_ioctl(), i915_perf_add_config_ioctl() and i915_perf_remove_config_ioctl() functions in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.
251) NULL pointer dereference (CVE-ID: CVE-2023-52789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vcc_probe() and vcc_table_remove() functions in drivers/tty/vcc.c. A local user can perform a denial of service (DoS) attack.
252) Improper locking (CVE-ID: CVE-2023-52791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.
253) Use-after-free (CVE-ID: CVE-2023-52798)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_wmi_pdev_dfs_radar_detected_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.
254) Out-of-bounds read (CVE-ID: CVE-2023-52799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl(), dbFindCtl(), dbAllocDmapLev(), dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
255) Use-after-free (CVE-ID: CVE-2023-52800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.
256) Out-of-bounds read (CVE-ID: CVE-2023-52804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
257) Out-of-bounds read (CVE-ID: CVE-2023-52805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diInitInode() and diAlloc() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
258) NULL pointer dereference (CVE-ID: CVE-2023-52806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_hdac_stream_assign() function in sound/hda/hdac_stream.c. A local user can perform a denial of service (DoS) attack.
259) Out-of-bounds read (CVE-ID: CVE-2023-52810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
260) NULL pointer dereference (CVE-ID: CVE-2023-52811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ibmvfc_get_event(), ibmvfc_queuecommand(), ibmvfc_bsg_timeout(), ibmvfc_bsg_plogi(), ibmvfc_bsg_request(), ibmvfc_reset_device(), ibmvfc_init_tmf(), ibmvfc_cancel_all_mq(), ibmvfc_abort_task_set(), ibmvfc_tgt_send_prli(), ibmvfc_tgt_send_plogi(), __ibmvfc_tgt_get_implicit_logout_evt(), ibmvfc_tgt_implicit_logout(), ibmvfc_tgt_move_login(), ibmvfc_adisc_timeout(), ibmvfc_tgt_adisc(), ibmvfc_tgt_query_target(), ibmvfc_discover_targets(), ibmvfc_channel_setup(), ibmvfc_channel_enquiry(), ibmvfc_npiv_login() and ibmvfc_npiv_logout() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.
261) NULL pointer dereference (CVE-ID: CVE-2023-52814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
262) Out-of-bounds read (CVE-ID: CVE-2023-52816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the svm_range_apply_attrs() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
263) NULL pointer dereference (CVE-ID: CVE-2023-52817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_debugfs_regs_smc_read() and amdgpu_debugfs_regs_smc_write() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can perform a denial of service (DoS) attack.
264) Out-of-bounds read (CVE-ID: CVE-2023-52818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/include/pptable.h, drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
265) Out-of-bounds read (CVE-ID: CVE-2023-52819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
266) NULL pointer dereference (CVE-ID: CVE-2023-52821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the versatile_panel_get_modes() function in drivers/gpu/drm/panel/panel-arm-versatile.c. A local user can perform a denial of service (DoS) attack.
267) Use-after-free (CVE-ID: CVE-2023-52825)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_range_vram_node_free() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can escalate privileges on the system.
268) NULL pointer dereference (CVE-ID: CVE-2023-52826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tpg110_get_modes() function in drivers/gpu/drm/panel/panel-tpo-tpg110.c. A local user can perform a denial of service (DoS) attack.
269) Integer overflow (CVE-ID: CVE-2023-52832)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can execute arbitrary code.
270) NULL pointer dereference (CVE-ID: CVE-2023-52833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btusb_mtk_hci_wmt_sync() function in drivers/bluetooth/btusb.c. A local user can perform a denial of service (DoS) attack.
271) Buffer overflow (CVE-ID: CVE-2023-52834)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the atl1c_set_mac_addr(), atl1c_init_ring_ptrs(), atl1c_free_ring_resources(), atl1c_rx_checksum() and atl1c_alloc_rx_buffer() functions in drivers/net/ethernet/atheros/atl1c/atl1c_main.c. A local user can escalate privileges on the system.
272) Improper error handling (CVE-ID: CVE-2023-52838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the imsttfb_probe() function in drivers/video/fbdev/imsttfb.c. A local user can perform a denial of service (DoS) attack.
273) Use-after-free (CVE-ID: CVE-2023-52840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rmi_unregister_function() function in drivers/input/rmi4/rmi_bus.c. A local user can escalate privileges on the system.
274) Memory leak (CVE-ID: CVE-2023-52841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vidtv_mux_init() and vidtv_channel_si_destroy() functions in drivers/media/test-drivers/vidtv/vidtv_mux.c. A local user can perform a denial of service (DoS) attack.
275) NULL pointer dereference (CVE-ID: CVE-2023-52844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vidtv_psi_service_desc_init() and kstrdup() functions in drivers/media/test-drivers/vidtv/vidtv_psi.c. A local user can perform a denial of service (DoS) attack.
276) Use-after-free (CVE-ID: CVE-2023-52847)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bttv_remove() function in drivers/media/pci/bt8xx/bttv-driver.c. A local user can escalate privileges on the system.
277) NULL pointer dereference (CVE-ID: CVE-2023-52853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.
278) Use-after-free (CVE-ID: CVE-2023-52854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in kernel/padata.c. A local user can escalate privileges on the system.
279) NULL pointer dereference (CVE-ID: CVE-2023-52855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
280) NULL pointer dereference (CVE-ID: CVE-2023-52856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lt8912_bridge_detach() function in drivers/gpu/drm/bridge/lontium-lt8912b.c. A local user can perform a denial of service (DoS) attack.
281) NULL pointer dereference (CVE-ID: CVE-2023-52858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt7629.c. A local user can perform a denial of service (DoS) attack.
282) Buffer overflow (CVE-ID: CVE-2023-52864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the wmi_dev_match() function in drivers/platform/x86/wmi.c. A local user can escalate privileges on the system.
283) NULL pointer dereference (CVE-ID: CVE-2023-52865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early() and mtk_infrasys_init() functions in drivers/clk/mediatek/clk-mt6797.c. A local user can perform a denial of service (DoS) attack.
284) Buffer overflow (CVE-ID: CVE-2023-52867)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.
285) Buffer overflow (CVE-ID: CVE-2023-52868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the thermal_zone_bind_cooling_device() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
286) NULL pointer dereference (CVE-ID: CVE-2023-52870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6765_apmixed_probe(), clk_mt6765_top_probe() and clk_mt6765_ifr_probe() functions in drivers/clk/mediatek/clk-mt6765.c. A local user can perform a denial of service (DoS) attack.
287) Buffer overflow (CVE-ID: CVE-2023-52871)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the qcom_llcc_probe() function in drivers/soc/qcom/llcc-qcom.c. A local user can perform a denial of service (DoS) attack.
288) Race condition (CVE-ID: CVE-2023-52872)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the gsm_modem_upd_via_msc() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
289) NULL pointer dereference (CVE-ID: CVE-2023-52873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.
290) NULL pointer dereference (CVE-ID: CVE-2023-52875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt2701.c. A local user can perform a denial of service (DoS) attack.
291) NULL pointer dereference (CVE-ID: CVE-2023-52876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt7629_ethsys_init() and clk_mt7629_sgmiisys_init() functions in drivers/clk/mediatek/clk-mt7629-eth.c. A local user can perform a denial of service (DoS) attack.
292) NULL pointer dereference (CVE-ID: CVE-2023-52877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcpm_pd_svdm() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
293) Out-of-bounds read (CVE-ID: CVE-2023-52878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_put_echo_skb() function in drivers/net/can/dev/skb.c. A local user can perform a denial of service (DoS) attack.
294) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-52880)
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.
295) Race condition (CVE-ID: CVE-2023-6531)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.
296) Improper locking (CVE-ID: CVE-2024-0639)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.
297) Use-after-free (CVE-ID: CVE-2024-26739)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.
298) Resource management error (CVE-ID: CVE-2024-26764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
299) Integer underflow (CVE-ID: CVE-2024-26828)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
300) Memory leak (CVE-ID: CVE-2024-26840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.
301) Use-after-free (CVE-ID: CVE-2024-26852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.
302) Race condition within a thread (CVE-ID: CVE-2024-26862)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
303) Integer underflow (CVE-ID: CVE-2024-26921)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.
304) Improper locking (CVE-ID: CVE-2024-26925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
305) Use-after-free (CVE-ID: CVE-2024-26928)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
306) Double free (CVE-ID: CVE-2024-26929)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the qla2x00_els_dcmd_sp_free() and qla24xx_els_dcmd_iocb() functions in drivers/scsi/qla2xxx/qla_iocb.c. A local user can execute arbitrary code.
307) Double free (CVE-ID: CVE-2024-26930)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the kfree() function in drivers/scsi/qla2xxx/qla_os.c. A local user can execute arbitrary code.
308) Use-after-free (CVE-ID: CVE-2024-27398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
309) Buffer overflow (CVE-ID: CVE-2024-27413)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.
310) Use-after-free (CVE-ID: CVE-2024-35811)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.
311) Resource management error (CVE-ID: CVE-2024-35815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aio_setup_ring() and kiocb_set_cancel_fn() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
312) Resource management error (CVE-ID: CVE-2024-35817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
313) Use-after-free (CVE-ID: CVE-2024-35863)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
314) Use-after-free (CVE-ID: CVE-2024-35867)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
315) Use-after-free (CVE-ID: CVE-2024-35868)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
316) Improper locking (CVE-ID: CVE-2024-35895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
317) NULL pointer dereference (CVE-ID: CVE-2024-35904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.
318) Out-of-bounds read (CVE-ID: CVE-2024-35905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
319) Improper locking (CVE-ID: CVE-2024-35914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lock_rename() and unlock_rename() functions in fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
320) NULL pointer dereference (CVE-ID: CVE-2024-36926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_dma_bus_setup_pSeriesLP() function in arch/powerpc/platforms/pseries/iommu.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.