SB2024091406 - openEuler 24.03 LTS update for kernel
Published: September 14, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 93 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2024-36934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.
2) Improper locking (CVE-ID: CVE-2024-37078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_segctor_prepare_write() function in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2024-40959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm6_get_saddr() function in net/ipv6/xfrm6_policy.c. A local user can perform a denial of service (DoS) attack.
4) Race condition (CVE-ID: CVE-2024-40976)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the lima_sched_timedout_job() function in drivers/gpu/drm/lima/lima_sched.c. A local user can escalate privileges on the system.
5) Resource management error (CVE-ID: CVE-2024-40978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qedi_dbg_do_not_recover_cmd_read() function in drivers/scsi/qedi/qedi_debugfs.c. A local user can perform a denial of service (DoS) attack.
6) Use-after-free (CVE-ID: CVE-2024-41012)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fcntl_setlk() function in fs/locks.c. A local user can escalate privileges on the system.
7) Out-of-bounds read (CVE-ID: CVE-2024-41016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ocfs2_xattr_find_entry() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
8) NULL pointer dereference (CVE-ID: CVE-2024-41037)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hda_dai_suspend() function in sound/soc/sof/intel/hda-dai.c. A local user can perform a denial of service (DoS) attack.
9) Improper Initialization (CVE-ID: CVE-2024-41052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the vfio_pci_ioctl_get_pci_hot_reset_info() function in drivers/vfio/pci/vfio_pci_core.c. A local user can perform a denial of service (DoS) attack.
10) Out-of-bounds read (CVE-ID: CVE-2024-41071)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ieee80211_prep_hw_scan() function in net/mac80211/scan.c. A local user can perform a denial of service (DoS) attack.
11) Resource management error (CVE-ID: CVE-2024-41082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.
12) NULL pointer dereference (CVE-ID: CVE-2024-41098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_host_release() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.
13) Input validation error (CVE-ID: CVE-2024-42139)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ice_ptp_extts_event(), ice_ptp_cfg_extts(), ice_ptp_gpio_enable_e810(), ice_ptp_gpio_enable_e823(), ice_ptp_rebuild_owner() and ice_ptp_release() functions in drivers/net/ethernet/intel/ice/ice_ptp.c. A local user can perform a denial of service (DoS) attack.
14) Memory leak (CVE-ID: CVE-2024-42152)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvmet_sq_destroy() function in drivers/nvme/target/core.c. A local user can perform a denial of service (DoS) attack.
15) Improper locking (CVE-ID: CVE-2024-42153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wait_reset(), i2c_pnx_master_xmit(), i2c_pnx_master_rcv(), i2c_pnx_interrupt(), i2c_pnx_timeout(), i2c_pnx_xfer() and i2c_pnx_probe() functions in drivers/i2c/busses/i2c-pnx.c. A local user can perform a denial of service (DoS) attack.
16) Improper locking (CVE-ID: CVE-2024-42234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the folio_migrate_mapping() function in mm/migrate.c, within the mem_cgroup_migrate() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2024-42235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the crst_table_alloc() and base_crst_alloc() functions in arch/s390/mm/pgalloc.c. A local user can perform a denial of service (DoS) attack.
18) Infinite loop (CVE-ID: CVE-2024-42237)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cs_dsp_load(), cs_dsp_load_coeff() and regmap_async_complete() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can perform a denial of service (DoS) attack.
19) Infinite loop (CVE-ID: CVE-2024-42238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cs_dsp_load() and cs_dsp_load_coeff() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can perform a denial of service (DoS) attack.
20) Improper locking (CVE-ID: CVE-2024-42239)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __bpf_async_init(), drop_prog_refcnt(), BPF_CALL_1() and hrtimer_cancel() functions in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
21) Buffer overflow (CVE-ID: CVE-2024-42240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_INNER_LABEL() function in arch/x86/entry/entry_64_compat.S. A local user can perform a denial of service (DoS) attack.
22) Resource management error (CVE-ID: CVE-2024-42241)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the shmem_confirm_swap() and shmem_is_huge() functions in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
23) Improper error handling (CVE-ID: CVE-2024-42243)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/linux/pagemap.h. A local user can perform a denial of service (DoS) attack.
24) Improper error handling (CVE-ID: CVE-2024-42248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ma35d1serial_probe() function in drivers/tty/serial/ma35d1_serial.c. A local user can perform a denial of service (DoS) attack.
25) Improper locking (CVE-ID: CVE-2024-42250)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cachefiles_daemon_poll() function in fs/cachefiles/daemon.c. A local user can perform a denial of service (DoS) attack.
26) Resource management error (CVE-ID: CVE-2024-42253)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pca953x_irq_bus_sync_unlock() function in drivers/gpio/gpio-pca953x.c. A local user can perform a denial of service (DoS) attack.
27) Input validation error (CVE-ID: CVE-2024-42258)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __thp_get_unmapped_area() function in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
28) Buffer overflow (CVE-ID: CVE-2024-42259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the i915_error_to_vmf_fault() and vm_fault_gtt() functions in drivers/gpu/drm/i915/gem/i915_gem_mman.c. A local user can perform a denial of service (DoS) attack.
29) Use-after-free (CVE-ID: CVE-2024-42271)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iucv_sever_path() function in net/iucv/af_iucv.c. A local user can escalate privileges on the system.
30) Use of uninitialized resource (CVE-ID: CVE-2024-42272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the DEFINE_MUTEX() and offsetof() functions in net/sched/act_ct.c. A local user can perform a denial of service (DoS) attack.
31) Input validation error (CVE-ID: CVE-2024-42276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nvme_prep_rq() function in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
32) NULL pointer dereference (CVE-ID: CVE-2024-42277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sprd_iommu_cleanup() function in drivers/iommu/sprd-iommu.c. A local user can perform a denial of service (DoS) attack.
33) Improper error handling (CVE-ID: CVE-2024-42279)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the REG_CONTROL2() and mchp_corespi_transfer_one() functions in drivers/spi/spi-microchip-core.c. A local user can perform a denial of service (DoS) attack.
34) Input validation error (CVE-ID: CVE-2024-42291)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ice_vc_fdir_reset_cnt_all(), ice_vc_add_fdir_fltr_post(), ice_vc_del_fdir_fltr_post() and ice_vc_add_fdir_fltr() functions in drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c, within the ice_parse_rx_flow_user_data() function in drivers/net/ethernet/intel/ice/ice_ethtool_fdir.c. A local user can perform a denial of service (DoS) attack.
35) Improper locking (CVE-ID: CVE-2024-42294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the del_gendisk() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.
36) Improper locking (CVE-ID: CVE-2024-42296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the f2fs_convert_inline_inode() function in fs/f2fs/inline.c. A local user can perform a denial of service (DoS) attack.
37) NULL pointer dereference (CVE-ID: CVE-2024-42298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmc_audio_dai_parse() function in sound/soc/fsl/fsl_qmc_audio.c. A local user can perform a denial of service (DoS) attack.
38) Input validation error (CVE-ID: CVE-2024-42303)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pxp_probe() function in drivers/media/platform/nxp/imx-pxp.c. A local user can perform a denial of service (DoS) attack.
39) NULL pointer dereference (CVE-ID: CVE-2024-42307)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_cifs(), destroy_mids() and destroy_workqueue() functions in fs/smb/client/cifsfs.c. A local user can perform a denial of service (DoS) attack.
40) Use-after-free (CVE-ID: CVE-2024-42314)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the add_ra_bio_pages() function in fs/btrfs/compression.c. A local user can escalate privileges on the system.
41) Improper locking (CVE-ID: CVE-2024-42315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the exfat_get_dentry_set() function in fs/exfat/dir.c. A local user can perform a denial of service (DoS) attack.
42) Integer underflow (CVE-ID: CVE-2024-42316)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the folio_rotate_reclaimable() function in mm/vmscan.c. A local user can execute arbitrary code.
43) Reachable assertion (CVE-ID: CVE-2024-42317)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __thp_vma_allowable_orders() function in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
44) NULL pointer dereference (CVE-ID: CVE-2024-42320)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dasd_copy_pair_store() function in drivers/s390/block/dasd_devmap.c. A local user can perform a denial of service (DoS) attack.
45) Resource management error (CVE-ID: CVE-2024-42321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __skb_flow_dissect() function in net/core/flow_dissector.c. A local user can perform a denial of service (DoS) attack.
46) Input validation error (CVE-ID: CVE-2024-43817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
47) NULL pointer dereference (CVE-ID: CVE-2024-43818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the st_es8336_late_probe() function in sound/soc/amd/acp-es8336.c. A local user can perform a denial of service (DoS) attack.
48) NULL pointer dereference (CVE-ID: CVE-2024-43821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_xcvr_data_show() function in drivers/scsi/lpfc/lpfc_attr.c. A local user can perform a denial of service (DoS) attack.
49) Out-of-bounds read (CVE-ID: CVE-2024-43825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iio_gts_build_avail_time_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
50) Improper locking (CVE-ID: CVE-2024-43826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_wb_folio_cancel() and nfs_wb_folio() functions in fs/nfs/write.c, within the nfs_read_folio() function in fs/nfs/read.c, within the nfs_invalidate_folio() and nfs_launder_folio() functions in fs/nfs/file.c. A local user can perform a denial of service (DoS) attack.
51) NULL pointer dereference (CVE-ID: CVE-2024-43829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qxl_add_mode() function in drivers/gpu/drm/qxl/qxl_display.c. A local user can perform a denial of service (DoS) attack.
52) Improper locking (CVE-ID: CVE-2024-43832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_folio_secure() and folio_wait_writeback() functions in arch/s390/kernel/uv.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2024-43833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the v4l2_async_create_ancillary_links() function in drivers/media/v4l2-core/v4l2-async.c. A local user can perform a denial of service (DoS) attack.
54) NULL pointer dereference (CVE-ID: CVE-2024-43837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/bpf_verifier.h. A local user can perform a denial of service (DoS) attack.
55) Resource management error (CVE-ID: CVE-2024-43841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virt_wifi_inform_bss(), virt_wifi_connect() and virt_wifi_connect_complete() functions in drivers/net/wireless/virt_wifi.c. A local user can perform a denial of service (DoS) attack.
56) Input validation error (CVE-ID: CVE-2024-43842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rtw89_sta_info_get_iter() function in drivers/net/wireless/realtek/rtw89/debug.c. A local user can perform a denial of service (DoS) attack.
57) Use of uninitialized resource (CVE-ID: CVE-2024-43845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
58) Resource management error (CVE-ID: CVE-2024-43846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the objagg_obj_parent_assign() function in lib/objagg.c. A local user can perform a denial of service (DoS) attack.
59) Input validation error (CVE-ID: CVE-2024-43847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/wireless/ath/ath12k/hw.c. A local user can perform a denial of service (DoS) attack.
60) Input validation error (CVE-ID: CVE-2024-43849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pdr_locator_new_server(), pdr_locator_del_server() and pdr_get_domain_list() functions in drivers/soc/qcom/pdr_interface.c. A local user can perform a denial of service (DoS) attack.
61) Resource management error (CVE-ID: CVE-2024-43850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bwmon_start() and bwmon_probe() functions in drivers/soc/qcom/icc-bwmon.c. A local user can perform a denial of service (DoS) attack.
62) Resource management error (CVE-ID: CVE-2024-43851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DEFINE_PER_CPU_READ_MOSTLY(), xlnx_disable_percpu_irq() and xlnx_event_init_sgi() functions in drivers/soc/xilinx/xlnx_event_manager.c. A local user can perform a denial of service (DoS) attack.
63) Improper locking (CVE-ID: CVE-2024-43855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the md_end_flush(), submit_flushes() and md_submit_flush_data() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
64) Buffer overflow (CVE-ID: CVE-2024-43856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dmam_free_coherent() function in kernel/dma/mapping.c. A local user can perform a denial of service (DoS) attack.
65) NULL pointer dereference (CVE-ID: CVE-2024-43859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the f2fs_set_inode_flags() function in fs/f2fs/inode.c, within the f2fs_file_mmap() and f2fs_file_open() functions in fs/f2fs/file.c. A local user can perform a denial of service (DoS) attack.
66) Input validation error (CVE-ID: CVE-2024-43883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vhci_urb_enqueue(), vhci_shutdown_connection() and vhci_device_reset() functions in drivers/usb/usbip/vhci_hcd.c. A local user can perform a denial of service (DoS) attack.
67) NULL pointer dereference (CVE-ID: CVE-2024-43884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pair_device() function in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
68) Division by zero (CVE-ID: CVE-2024-43889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the padata_do_multithreaded() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
69) Buffer overflow (CVE-ID: CVE-2024-43890)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the get_free_elt(), tracing_map_clear() and tracing_map_create() functions in kernel/trace/tracing_map.c. A local user can escalate privileges on the system.
70) Use-after-free (CVE-ID: CVE-2024-43891)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the trigger_start(), event_trigger_regex_open() and event_trigger_regex_write() functions in kernel/trace/trace_events_trigger.c, within the event_inject_write() function in kernel/trace/trace_events_inject.c, within the hist_show() and hist_debug_show() functions in kernel/trace/trace_events_hist.c, within the event_enable_read(), event_enable_write(), f_next(), f_show(), event_filter_read(), event_filter_write() and event_callback() functions in kernel/trace/trace_events.c. A local user can escalate privileges on the system.
71) NULL pointer dereference (CVE-ID: CVE-2024-43895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the is_dsc_need_re_compute() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c. A local user can perform a denial of service (DoS) attack.
72) Input validation error (CVE-ID: CVE-2024-43897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __udp_gso_segment() function in net/ipv4/udp_offload.c, within the tcp_gso_segment() function in net/ipv4/tcp_offload.c. A local user can perform a denial of service (DoS) attack.
73) NULL pointer dereference (CVE-ID: CVE-2024-43898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_da_do_write_end() function in fs/ext4/inode.c, within the __block_commit_write() function in fs/buffer.c. A local user can perform a denial of service (DoS) attack.
74) NULL pointer dereference (CVE-ID: CVE-2024-43899)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_get_dcc_compression_cap() function in drivers/gpu/drm/amd/display/dc/resource/dcn20/dcn20_resource.c. A local user can perform a denial of service (DoS) attack.
75) Use-after-free (CVE-ID: CVE-2024-43900)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the load_firmware_cb() function in drivers/media/tuners/xc2028.c. A local user can escalate privileges on the system.
76) NULL pointer dereference (CVE-ID: CVE-2024-43902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dm_suspend(), create_eml_sink() and amdgpu_dm_connector_get_modes() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
77) NULL pointer dereference (CVE-ID: CVE-2024-43905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vega10_find_dpm_states_clocks_in_dpm_table(), vega10_generate_dpm_level_enable_mask(), vega10_check_states_equal(), vega10_set_sclk_od(), vega10_set_mclk_od(), vega10_odn_update_power_state() and vega10_get_performance_level() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c. A local user can perform a denial of service (DoS) attack.
78) NULL pointer dereference (CVE-ID: CVE-2024-43906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ta_if_invoke_debugfs_write() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c. A local user can perform a denial of service (DoS) attack.
79) NULL pointer dereference (CVE-ID: CVE-2024-43907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vega10_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/vega10_hwmgr.c, within the smu8_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu8_hwmgr.c, within the smu7_apply_state_adjust_rules() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2024-43908)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_ras_interrupt_process_handler() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c. A local user can perform a denial of service (DoS) attack.
81) NULL pointer dereference (CVE-ID: CVE-2024-43909)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smu7_update_edc_leakage_table() and smu7_hwmgr_backend_init() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c. A local user can perform a denial of service (DoS) attack.
82) Input validation error (CVE-ID: CVE-2024-43912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __nl80211_set_channel() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
83) Memory leak (CVE-ID: CVE-2024-43913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_apple_nvme_mempool_destroy() and apple_nvme_probe() functions in drivers/nvme/host/apple.c. A local user can perform a denial of service (DoS) attack.
84) Input validation error (CVE-ID: CVE-2024-43914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the reshape_request() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
85) Use-after-free (CVE-ID: CVE-2024-44934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the br_multicast_del_port() function in net/bridge/br_multicast.c. A local user can escalate privileges on the system.
86) NULL pointer dereference (CVE-ID: CVE-2024-44935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sctp_hash_endpoint() and __sctp_unhash_endpoint() functions in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
87) Resource management error (CVE-ID: CVE-2024-44940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the NAPI_GRO_CB() function in net/ipv4/fou_core.c. A local user can perform a denial of service (DoS) attack.
88) Input validation error (CVE-ID: CVE-2024-44942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/f2fs/gc.c. A local user can perform a denial of service (DoS) attack.
89) Use-after-free (CVE-ID: CVE-2024-44946)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.
90) Memory leak (CVE-ID: CVE-2024-44947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fuse_notify_store() function in fs/fuse/dev.c. A local user can perform a denial of service (DoS) attack.
91) Resource management error (CVE-ID: CVE-2024-44961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_job_prepare_job() function in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can perform a denial of service (DoS) attack.
92) Buffer overflow (CVE-ID: CVE-2024-44966)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the DATA_START_OFFSET_WORDS() and load_flat_binary() functions in fs/binfmt_flat.c. A local user can escalate privileges on the system.
93) Memory leak (CVE-ID: CVE-2024-44971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.