SB2025012911 - Multiple vulnerabilities in IBM Security Guardium
Published: January 29, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 354 secuirty vulnerabilities.
1) Improper locking (CVE-ID: CVE-2024-41064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the eeh_pe_bus_get() function in arch/powerpc/kernel/eeh_pe.c. A local user can perform a denial of service (DoS) attack.
2) Input validation error (CVE-ID: CVE-2024-36887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the e1000e_read_phy_reg_mdic() and e1000e_write_phy_reg_mdic() functions in drivers/net/ethernet/intel/e1000e/phy.c. A local user can perform a denial of service (DoS) attack.
3) Out-of-bounds read (CVE-ID: CVE-2024-26795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the arch/riscv/include/asm/pgtable.h. A local user can perform a denial of service (DoS) attack.
4) Memory leak (CVE-ID: CVE-2024-40997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_pstate_epp_cpu_exit() function in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
5) Improper error handling (CVE-ID: CVE-2024-46768)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the hp_wmi_notify() function in drivers/hwmon/hp-wmi-sensors.c. A local user can perform a denial of service (DoS) attack.
6) Buffer overflow (CVE-ID: CVE-2024-35825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
7) Improper locking (CVE-ID: CVE-2024-26854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_dpll_init() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
8) Memory leak (CVE-ID: CVE-2024-35883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci1xxxx_spi_probe() function in drivers/spi/spi-pci1xxxx.c. A local user can perform a denial of service (DoS) attack.
9) Resource management error (CVE-ID: CVE-2024-27018)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to resource management error within the nf_ct_bridge_pre() function in net/bridge/netfilter/nf_conntrack_bridge.c, within the br_nf_local_in() function in net/bridge/br_netfilter_hooks.c, within the br_netif_receive_skb(), br_pass_frame_up(), br_handle_frame_finish() and br_handle_frame() functions in net/bridge/br_input.c. A local user can execute arbitrary code.
10) Buffer overflow (CVE-ID: CVE-2024-26870)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
11) Out-of-bounds read (CVE-ID: CVE-2024-27042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_discovery_reg_base_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c. A local user can perform a denial of service (DoS) attack.
12) Double free (CVE-ID: CVE-2024-26846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2024-26894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the acpi_processor_power_exit() function in drivers/acpi/processor_idle.c. A local user can perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2024-35969)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ipv6_get_ifaddr() function in net/ipv6/addrconf.c, within the in6_ifa_hold() function in include/net/addrconf.h. A local user can escalate privileges on the system.
15) Resource management error (CVE-ID: CVE-2024-42087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ili9881c_prepare() and ili9881c_unprepare() functions in drivers/gpu/drm/panel/panel-ilitek-ili9881c.c. A local user can perform a denial of service (DoS) attack.
16) Improper locking (CVE-ID: CVE-2024-35991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the process_evl_entries() function in drivers/dma/idxd/irq.c, within the idxd_init_evl() function in drivers/dma/idxd/init.c, within the idxd_device_evl_setup() and idxd_device_evl_free() functions in drivers/dma/idxd/device.c, within the debugfs_evl_show() function in drivers/dma/idxd/debugfs.c, within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.
17) Out-of-bounds read (CVE-ID: CVE-2024-46793)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_cht_mc_probe() function in sound/soc/intel/boards/cht_bsw_rt5672.c, within the snd_cht_mc_probe() function in sound/soc/intel/boards/cht_bsw_rt5645.c, within the snd_byt_wm5102_mc_probe() function in sound/soc/intel/boards/bytcr_wm5102.c, within the snd_byt_rt5651_mc_probe() function in sound/soc/intel/boards/bytcr_rt5651.c, within the snd_byt_rt5640_mc_probe() function in sound/soc/intel/boards/bytcr_rt5640.c, within the snd_byt_cht_es8316_mc_probe() function in sound/soc/intel/boards/bytcht_es8316.c, within the bytcht_da7213_probe() function in sound/soc/intel/boards/bytcht_da7213.c, within the snd_byt_cht_cx2072x_probe() function in sound/soc/intel/boards/bytcht_cx2072x.c, within the broxton_audio_probe() function in sound/soc/intel/boards/bxt_rt298.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2024-26856)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sparx5_del_mact_entry() function in drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c. A local user can escalate privileges on the system.
19) Out-of-bounds read (CVE-ID: CVE-2024-46731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the atomctrl_retrieve_ac_timing() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.
20) Improper locking (CVE-ID: CVE-2024-36003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_reset_vf() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c. A local user can perform a denial of service (DoS) attack.
21) Memory leak (CVE-ID: CVE-2024-39499)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_deliver() function in drivers/misc/vmw_vmci/vmci_event.c. A local user can perform a denial of service (DoS) attack.
22) Input validation error (CVE-ID: CVE-2024-46736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smb2_rename_path() function in fs/smb/client/smb2inode.c. A local user can perform a denial of service (DoS) attack.
23) Input validation error (CVE-ID: CVE-2024-36880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qca_send_pre_shutdown_cmd(), qca_tlv_check_data() and qca_download_firmware() functions in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
24) Input validation error (CVE-ID: CVE-2024-35965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
25) Resource management error (CVE-ID: CVE-2024-35814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to double allocation of slots within the swiotlb_area_find_slots() function in kernel/dma/swiotlb.c. A local user can perform a denial of service (DoS) attack.
26) Out-of-bounds read (CVE-ID: CVE-2024-36883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.
27) Buffer overflow (CVE-ID: CVE-2024-27407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mi_enum_attr() function in fs/ntfs3/record.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2024-26833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dm_sw_fini() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
29) Input validation error (CVE-ID: CVE-2024-35801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fpu__init_cpu_xstate() function in arch/x86/kernel/fpu/xstate.c. A local user can perform a denial of service (DoS) attack.
30) Resource management error (CVE-ID: CVE-2024-36888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kick_pool() function in kernel/workqueue.c. A local user can perform a denial of service (DoS) attack.
31) NULL pointer dereference (CVE-ID: CVE-2024-46739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hv_uio_channel_cb() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.
32) Out-of-bounds read (CVE-ID: CVE-2024-40929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_scan_umac_dwell() and iwl_mvm_scan_umac_dwell_v10() functions in drivers/net/wireless/intel/iwlwifi/mvm/scan.c. A local user can perform a denial of service (DoS) attack.
33) Out-of-bounds read (CVE-ID: CVE-2024-35992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the comphy_gbe_phy_init() function in drivers/phy/marvell/phy-mvebu-a3700-comphy.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2024-35887)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can escalate privileges on the system.
35) Use-after-free (CVE-ID: CVE-2023-52771)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the grandparent() function in drivers/cxl/core/port.c. A local user can escalate privileges on the system.
36) Memory leak (CVE-ID: CVE-2024-26896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wfx_set_mfp_ap() function in drivers/net/wireless/silabs/wfx/sta.c. A local user can perform a denial of service (DoS) attack.
37) Incorrect calculation (CVE-ID: CVE-2024-36009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
38) Improper error handling (CVE-ID: CVE-2024-36481)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the parse_btf_field() function in kernel/trace/trace_probe.c. A local user can perform a denial of service (DoS) attack.
39) Out-of-bounds read (CVE-ID: CVE-2023-52768)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the wilc_wlan_init() function in drivers/net/wireless/microchip/wilc1000/wlan.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
40) Out-of-bounds read (CVE-ID: CVE-2024-35976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xsk_setsockopt() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
41) NULL pointer dereference (CVE-ID: CVE-2024-39506)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lio_vf_rep_copy_packet() function in drivers/net/ethernet/cavium/liquidio/lio_vf_rep.c. A local user can perform a denial of service (DoS) attack.
42) Use-after-free (CVE-ID: CVE-2024-35869)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the tcon_info_alloc() and tconInfoFree() functions in fs/smb/client/misc.c, within the dfs_cache_remount_fs() function in fs/smb/client/dfs_cache.c, within the get_session(), __dfs_mount_share() and dfs_mount_share() functions in fs/smb/client/dfs.c, within the match_session(), cifs_get_smb_ses(), cifs_mount_put_conns() and cifs_mount() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
43) Memory leak (CVE-ID: CVE-2024-35912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_rfi_get_freq_table() function in drivers/net/wireless/intel/iwlwifi/mvm/rfi.c. A local user can perform a denial of service (DoS) attack.
44) Improper locking (CVE-ID: CVE-2024-26790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the FSL_QDMA_CMD_PF BIT() and fsl_qdma_comp_fill_memcpy() functions in drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
45) Use-after-free (CVE-ID: CVE-2024-38612)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the IS_ENABLED() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.
46) Improper locking (CVE-ID: CVE-2024-35795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_debugfs_mqd_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2024-35877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the follow_phys() function in mm/memory.c, within the is_cow_mapping(), free_pfn_range() and untrack_pfn() functions in arch/x86/mm/pat.c. A local user can perform a denial of service (DoS) attack.
48) Improper locking (CVE-ID: CVE-2024-26934)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.
49) Input validation error (CVE-ID: CVE-2024-41035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the usb_parse_endpoint() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
50) Improper locking (CVE-ID: CVE-2024-36894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
51) Improper locking (CVE-ID: CVE-2024-35910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcp_close() function in net/ipv4/tcp.c, within the inet_csk_clear_xmit_timers() function in net/ipv4/inet_connection_sock.c. A local user can perform a denial of service (DoS) attack.
52) Use-after-free (CVE-ID: CVE-2024-27043)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
53) Buffer overflow (CVE-ID: CVE-2024-26712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the kasan_init_region() function in arch/powerpc/mm/kasan/kasan_init_32.c. A local user can perform a denial of service (DoS) attack.
54) Out-of-bounds read (CVE-ID: CVE-2021-47580)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the p_fill_from_dev_buffer(), resp_inquiry(), resp_requests(), resp_mode_sense(), resp_ie_l_pg(), resp_log_sense() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.
55) Improper locking (CVE-ID: CVE-2024-26785)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iommufd_test_syz_conv_iova(), iommufd_test_syz_conv_iova_id(), iommufd_test_access_pages() and iommufd_test_access_rw() functions in drivers/iommu/iommufd/selftest.c. A local user can perform a denial of service (DoS) attack.
56) Resource management error (CVE-ID: CVE-2024-46730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the acquire_otg_master_pipe_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
57) Use-after-free (CVE-ID: CVE-2024-26800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the struct_group(), tls_do_decryption() and tls_decrypt_sg() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.
58) Use of uninitialized resource (CVE-ID: CVE-2024-26805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
59) Improper locking (CVE-ID: CVE-2024-26847)
The vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to an error in arch/powerpc/kernel/rtas.c caused by usage of an incorrect function name. A local user can perform a denial of service (DoS) attack.
60) Use-after-free (CVE-ID: CVE-2024-26872)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the srpt_add_one() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can escalate privileges on the system.
61) Buffer overflow (CVE-ID: CVE-2024-35884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the udp_gro_receive() function in net/ipv4/udp_offload.c, within the __udp_is_mcast_sock() function in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
62) Use-after-free (CVE-ID: CVE-2024-46781)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_finish_roll_forward() and nilfs_salvage_orphan_logs() functions in fs/nilfs2/recovery.c. A local user can escalate privileges on the system.
63) Memory leak (CVE-ID: CVE-2024-26888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the msft_add_address_filter_sync() function in net/bluetooth/msft.c. A local user can perform a denial of service (DoS) attack.
64) NULL pointer dereference (CVE-ID: CVE-2024-46737)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvmet_tcp_install_queue() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
65) Buffer overflow (CVE-ID: CVE-2024-46726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dcn_bw_update_from_pplib_fclks() function in drivers/gpu/drm/amd/display/dc/dml/calcs/dcn_calcs.c. A local user can perform a denial of service (DoS) attack.
66) Resource management error (CVE-ID: CVE-2024-36005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nft_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.
67) NULL pointer dereference (CVE-ID: CVE-2024-26747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the usb_role_switch_get(), fwnode_usb_role_switch_get(), EXPORT_SYMBOL_GPL(), usb_role_switch_find_by_fwnode() and usb_role_switch_register() functions in drivers/usb/roles/class.c. A local user can perform a denial of service (DoS) attack.
68) Use-after-free (CVE-ID: CVE-2024-26801)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_error_reset() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
69) Buffer overflow (CVE-ID: CVE-2024-26853)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the igc_xdp_xmit() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can escalate privileges on the system.
70) Resource management error (CVE-ID: CVE-2024-35944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dg_dispatch_as_host() function in drivers/misc/vmw_vmci/vmci_datagram.c. A local user can perform a denial of service (DoS) attack.
71) Improper error handling (CVE-ID: CVE-2024-36939)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
72) Incorrect calculation (CVE-ID: CVE-2024-36007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mlxsw_sp_acl_tcam_vregion_rehash_work(), mlxsw_sp_acl_tcam_rehash_ctx_vregion_changed(), mlxsw_sp_acl_tcam_vchunk_migrate_end(), mlxsw_sp_acl_tcam_vchunk_migrate_one(), mlxsw_sp_acl_tcam_vregion_migrate() and mlxsw_sp_acl_tcam_vregion_rehash_start() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
73) Use-after-free (CVE-ID: CVE-2024-46790)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_pages_prepare() function in mm/page_alloc.c. A local user can escalate privileges on the system.
74) Use-after-free (CVE-ID: CVE-2024-41040)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/sched/act_ct.c. A local user can escalate privileges on the system.
75) Out-of-bounds read (CVE-ID: CVE-2024-46743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the of_irq_parse_one() function in drivers/of/irq.c. A local user can perform a denial of service (DoS) attack.
76) Integer underflow (CVE-ID: CVE-2024-46757)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the store_temp_offset() function in drivers/hwmon/nct6775.c. A local user can execute arbitrary code.
77) Input validation error (CVE-ID: CVE-2024-46775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the perform_link_training_with_retries() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c, within the hubbub2_program_watermarks() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_hubbub.c, within the dc_dmub_srv_cmd_run_list() and dc_dmub_srv_get_visual_confirm_color_cmd() functions in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can perform a denial of service (DoS) attack.
78) Improper locking (CVE-ID: CVE-2024-38628)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the free_ep_fback(), u_audio_set_volume(), u_audio_set_mute() and g_audio_setup() functions in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
79) Improper locking (CVE-ID: CVE-2024-26806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cqspi_remove() and cqspi_resume() functions in drivers/spi/spi-cadence-quadspi.c. A local user can perform a denial of service (DoS) attack.
80) Improper locking (CVE-ID: CVE-2024-46750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_bus_lock(), pci_bus_unlock(), pci_bus_trylock(), list_for_each_entry_continue_reverse(), pci_slot_lock() and pci_slot_trylock() functions in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
81) Out-of-bounds read (CVE-ID: CVE-2024-26980)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __handle_ksmbd_work() function in fs/smb/server/server.c. A local user can perform a denial of service (DoS) attack.
82) Improper locking (CVE-ID: CVE-2024-40977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mt76s_tx_status_data() function in drivers/net/wireless/mediatek/mt76/sdio.c, within the mt7921s_mac_reset() function in drivers/net/wireless/mediatek/mt76/mt7921/sdio_mac.c, within the mt7921e_mac_reset() function in drivers/net/wireless/mediatek/mt76/mt7921/pci_mac.c, within the mt7921_mac_reset_work() function in drivers/net/wireless/mediatek/mt76/mt7921/mac.c. A local user can perform a denial of service (DoS) attack.
83) Buffer overflow (CVE-ID: CVE-2024-40941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the iwl_mvm_mfu_assert_dump_notif() function in drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can perform a denial of service (DoS) attack.
84) Resource management error (CVE-ID: CVE-2024-41041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sock_set_flag() and spin_unlock() functions in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.
85) Input validation error (CVE-ID: CVE-2024-46744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_read_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
86) Resource management error (CVE-ID: CVE-2024-27056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_sta_ensure_queue() function in drivers/net/wireless/intel/iwlwifi/mvm/sta.c, within the __iwl_mvm_suspend() function in drivers/net/wireless/intel/iwlwifi/mvm/d3.c. A local user can perform a denial of service (DoS) attack.
87) Use-after-free (CVE-ID: CVE-2024-38581)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_mes_remove_ring() function in drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c. A local user can escalate privileges on the system.
88) Improper locking (CVE-ID: CVE-2024-26794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the emit_fiemap_extent() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
89) NULL pointer dereference (CVE-ID: CVE-2024-40960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt6_probe() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
90) Improper error handling (CVE-ID: CVE-2024-46783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sk_stream_error() function in net/ipv4/tcp_bpf.c. A local user can perform a denial of service (DoS) attack.
91) Use-after-free (CVE-ID: CVE-2024-46786)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fscache_exit() function in fs/fscache/main.c. A local user can escalate privileges on the system.
92) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2024-26926)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the binder_get_object() function in drivers/android/binder.c. A local user can influence the pointer offset and potentially execute arbitrary code.
93) Improper error handling (CVE-ID: CVE-2024-41021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the handle_fault_error_nolock() function in arch/s390/mm/fault.c. A local user can perform a denial of service (DoS) attack.
94) Input validation error (CVE-ID: CVE-2024-36881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the userfaultfd_release() function in fs/userfaultfd.c. A local user can perform a denial of service (DoS) attack.
95) Memory leak (CVE-ID: CVE-2024-31076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.
96) Race condition (CVE-ID: CVE-2024-26759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the swapcache_prepare() function in mm/swapfile.c, within the do_swap_page() and folio_unlock() functions in mm/memory.c. A local user can escalate privileges on the system.
97) Infinite loop (CVE-ID: CVE-2024-26767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
98) Incorrect calculation (CVE-ID: CVE-2024-35860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the bpf_kprobe_multi_link_fill_link_info() and bpf_uprobe_multi_link_dealloc() functions in kernel/trace/bpf_trace.c, within the bpf_link_inc() and bpf_raw_tp_link_fill_link_info() functions in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
99) Reachable Assertion (CVE-ID: CVE-2024-36000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the alloc_huge_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.
100) Improper locking (CVE-ID: CVE-2024-35880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __io_remove_buffers() and io_unregister_pbuf_ring() functions in io_uring/kbuf.c, within the io_uring_validate_mmap_request() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2024-40910)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_accept() function in net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
102) Use-after-free (CVE-ID: CVE-2024-26866)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c. A local user can escalate privileges on the system.
103) Use of uninitialized resource (CVE-ID: CVE-2024-38619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
104) Buffer overflow (CVE-ID: CVE-2024-26885)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
105) Buffer overflow (CVE-ID: CVE-2024-35924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ucsi_read_message_in(), ucsi_read_error(), ucsi_send_command() and ucsi_register() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
106) Memory leak (CVE-ID: CVE-2024-26986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_create_process() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c. A local user can perform a denial of service (DoS) attack.
107) Buffer overflow (CVE-ID: CVE-2024-35993)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the __clear_hugetlb_destructor(), add_hugetlb_folio(), __prep_new_hugetlb_folio() and prep_compound_gigantic_folio_for_demote() functions in mm/hugetlb.c, within the crash_save_vmcoreinfo_init() function in kernel/crash_core.c. A local user can perform a denial of service (DoS) attack.
108) Information disclosure (CVE-ID: CVE-2024-26901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.
109) Use-after-free (CVE-ID: CVE-2024-26909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c. A local user can escalate privileges on the system.
110) Memory leak (CVE-ID: CVE-2024-46771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
111) NULL pointer dereference (CVE-ID: CVE-2024-46749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btnxpuart_close() and btnxpuart_flush() functions in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2024-46742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the parse_durable_handle_context() and smb2_open() functions in fs/smb/server/smb2pdu.c, within the create_lease_buf() function in fs/smb/server/oplock.c. A local user can perform a denial of service (DoS) attack.
113) Out-of-bounds read (CVE-ID: CVE-2024-26593)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the i801_block_transaction_by_block() function in drivers/i2c/busses/i2c-i801.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
114) Integer underflow (CVE-ID: CVE-2024-26921)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.
115) Double free (CVE-ID: CVE-2024-26782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mptcp_inet6_sk() and mptcp_sk_clone() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
116) Memory leak (CVE-ID: CVE-2024-26900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
117) Buffer overflow (CVE-ID: CVE-2023-52775)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.
118) Resource management error (CVE-ID: CVE-2024-35824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lis3lv02d_i2c_suspend() and lis3lv02d_i2c_resume() functions in drivers/misc/lis3lv02d/lis3lv02d_i2c.c. A local user can perform a denial of service (DoS) attack.
119) Division by zero (CVE-ID: CVE-2024-26720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the wb_dirty_limits() function in mm/page-writeback.c. A local user can perform a denial of service (DoS) attack.
120) Information disclosure (CVE-ID: CVE-2024-35838)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sta_info_free() function in net/mac80211/sta_info.c. A local user can gain access to sensitive information.
121) Resource management error (CVE-ID: CVE-2024-27410)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nl80211_set_interface() function in net/wireless/nl80211.c. A local user can manipulate with the interface mesh ID and perform a denial of service (DoS) attack.
122) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2024-35996)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to speculative execution in kernel/cpu.c. A local user can gain access to sensitive information.
123) NULL pointer dereference (CVE-ID: CVE-2024-26897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath9k_wmi_event_tasklet() function in drivers/net/wireless/ath/ath9k/wmi.c, within the ath9k_tx_init() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c, within the ath9k_htc_probe_device() function in drivers/net/wireless/ath/ath9k/htc_drv_init.c. A local user can perform a denial of service (DoS) attack.
124) Double free (CVE-ID: CVE-2023-52667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
125) Improper locking (CVE-ID: CVE-2024-26925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
126) Use of uninitialized resource (CVE-ID: CVE-2024-42272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the DEFINE_MUTEX() and offsetof() functions in net/sched/act_ct.c. A local user can perform a denial of service (DoS) attack.
127) Double free (CVE-ID: CVE-2024-35835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the arfs_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
128) Buffer overflow (CVE-ID: CVE-2023-52756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the include/linux/pwm.h. A local user can escalate privileges on the system.
129) Race condition (CVE-ID: CVE-2024-24858)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.
130) NULL pointer dereference (CVE-ID: CVE-2024-36002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpll_device_get_by_id(), dpll_pin_registration_find(), dpll_xa_ref_pin_add(), dpll_xa_ref_pin_del(), dpll_xa_ref_dpll_add(), dpll_xa_ref_dpll_del(), EXPORT_SYMBOL_GPL(), __dpll_pin_register(), dpll_pin_register(), dpll_pin_unregister(), dpll_pin_on_pin_register() and dpll_pin_on_pin_unregister() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
131) Use-after-free (CVE-ID: CVE-2024-26865)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcp_twsk_purge() function in net/ipv4/tcp_minisocks.c. A local user can escalate privileges on the system.
132) Memory leak (CVE-ID: CVE-2024-27076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipu_csc_scaler_release() function in drivers/staging/media/imx/imx-media-csc-scaler.c. A local user can perform a denial of service (DoS) attack.
133) Resource management error (CVE-ID: CVE-2024-36004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the i40e_init_module() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
134) Memory leak (CVE-ID: CVE-2024-27078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpg_alloc() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.
135) Use-after-free (CVE-ID: CVE-2024-41045)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bpf_timer_delete_work(), __bpf_async_init() and __bpf_spin_unlock_irqrestore() functions in kernel/bpf/helpers.c. A local user can escalate privileges on the system.
136) Resource management error (CVE-ID: CVE-2024-26764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
137) Division by zero (CVE-ID: CVE-2024-26777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the sisfb_check_var() function in drivers/video/fbdev/sis/sis_main.c. A local user can perform a denial of service (DoS) attack.
138) Improper error handling (CVE-ID: CVE-2024-46752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the update_ref_for_cow() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
139) NULL pointer dereference (CVE-ID: CVE-2024-46720)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
140) Improper locking (CVE-ID: CVE-2024-40972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_xattr_set_entry(), iput(), ext4_xattr_block_set() and ext4_xattr_ibody_set() functions in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
141) Out-of-bounds read (CVE-ID: CVE-2024-46747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cougar_fix_g6_mapping() function in drivers/hid/hid-cougar.c. A local user can perform a denial of service (DoS) attack.
142) Use-after-free (CVE-ID: CVE-2024-26944)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_block_group_zone_info(), bitmap_free() and do_zone_finish() functions in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
143) NULL pointer dereference (CVE-ID: CVE-2024-46715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL(), iio_channel_read() and iio_channel_read_avail() functions in drivers/iio/inkern.c, within the iio_ev_state_store(), iio_ev_state_show() and iio_ev_value_show() functions in drivers/iio/industrialio-event.c, within the iio_read_channel_info() and iio_read_channel_info_avail() functions in drivers/iio/industrialio-core.c. A local user can perform a denial of service (DoS) attack.
144) NULL pointer dereference (CVE-ID: CVE-2024-36008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip_route_use_hint() function in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
145) Use-after-free (CVE-ID: CVE-2024-35854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
146) Input validation error (CVE-ID: CVE-2024-42091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the xe_pat_dump() function in drivers/gpu/drm/xe/xe_pat.c. A local user can perform a denial of service (DoS) attack.
147) Use-after-free (CVE-ID: CVE-2024-35868)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
148) Infinite loop (CVE-ID: CVE-2024-35982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the batadv_tt_local_resize_to_mtu() function in net/batman-adv/translation-table.c. A local user can perform a denial of service (DoS) attack.
149) Race condition (CVE-ID: CVE-2024-26779)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ieee80211_check_fast_xmit() function in net/mac80211/tx.c, within the sta_info_insert_finish() function in net/mac80211/sta_info.c. A local user can escalate privileges on the system.
150) Improper locking (CVE-ID: CVE-2024-46791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mcp251x_hw_wake() function in drivers/net/can/spi/mcp251x.c. A local user can perform a denial of service (DoS) attack.
151) Input validation error (CVE-ID: CVE-2024-46705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the xe_mmio_tile_vram_size(), xe_mmio_probe_vram(), devm_add_action_or_reset() and mmio_fini() functions in drivers/gpu/drm/xe/xe_mmio.c, within the xe_device_probe() function in drivers/gpu/drm/xe/xe_device.c. A local user can perform a denial of service (DoS) attack.
152) Input validation error (CVE-ID: CVE-2024-46716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the msgdma_free_descriptor() and msgdma_chan_desc_cleanup() functions in drivers/dma/altera-msgdma.c. A local user can perform a denial of service (DoS) attack.
153) Buffer overflow (CVE-ID: CVE-2024-27405)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
154) Improper locking (CVE-ID: CVE-2024-27013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
155) Use of uninitialized resource (CVE-ID: CVE-2024-27431)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_map_bpf_prog_run_xdp() function in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
156) Input validation error (CVE-ID: CVE-2024-35963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_sock_setsockopt_old() and hci_sock_setsockopt() functions in net/bluetooth/hci_sock.c. A local user can perform a denial of service (DoS) attack.
157) Out-of-bounds read (CVE-ID: CVE-2024-46764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btf_name_valid_section() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
158) Incorrect calculation (CVE-ID: CVE-2024-26752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the l2tp_ip6_sendmsg() function in net/l2tp/l2tp_ip6.c. A local user can perform a denial of service (DoS) attack.
159) Incorrect calculation (CVE-ID: CVE-2024-46767)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the of_phy_leds() function in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
160) NULL pointer dereference (CVE-ID: CVE-2024-36884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvidia_smmu_context_fault() function in drivers/iommu/arm/arm-smmu/arm-smmu-nvidia.c. A local user can perform a denial of service (DoS) attack.
161) NULL pointer dereference (CVE-ID: CVE-2024-38605)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_card_new() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.
162) NULL pointer dereference (CVE-ID: CVE-2024-26771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the edma_probe() function in drivers/dma/ti/edma.c. A local user can perform a denial of service (DoS) attack.
163) Use-after-free (CVE-ID: CVE-2024-40954)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sk_common_release() function in net/core/sock.c. A local user can escalate privileges on the system.
164) Out-of-bounds read (CVE-ID: CVE-2023-52819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.
165) NULL pointer dereference (CVE-ID: CVE-2024-46755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/wireless/marvell/mwifiex/main.h. A local user can perform a denial of service (DoS) attack.
166) Buffer overflow (CVE-ID: CVE-2024-26994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.
167) Out-of-bounds read (CVE-ID: CVE-2024-39471)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.
168) Improper locking (CVE-ID: CVE-2024-41005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netpoll_owner_active() function in net/core/netpoll.c. A local user can perform a denial of service (DoS) attack.
169) Resource management error (CVE-ID: CVE-2024-35989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the perf_event_cpu_offline() function in drivers/dma/idxd/perfmon.c. A local user can perform a denial of service (DoS) attack.
170) Resource management error (CVE-ID: CVE-2024-40978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qedi_dbg_do_not_recover_cmd_read() function in drivers/scsi/qedi/qedi_debugfs.c. A local user can perform a denial of service (DoS) attack.
171) Buffer overflow (CVE-ID: CVE-2024-35995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
172) Resource management error (CVE-ID: CVE-2024-26788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fsl_qdma_probe() function in drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
173) NULL pointer dereference (CVE-ID: CVE-2024-26978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.
174) Input validation error (CVE-ID: CVE-2024-27015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_tuple_encap() function in net/netfilter/nf_flow_table_ip.c. A local user can perform a denial of service (DoS) attack.
175) Use-after-free (CVE-ID: CVE-2024-46745)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uinput_validate_absinfo() function in drivers/input/misc/uinput.c. A local user can escalate privileges on the system.
176) Input validation error (CVE-ID: CVE-2024-41056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cs_dsp_coeff_parse_alg() and cs_dsp_coeff_parse_coeff() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can perform a denial of service (DoS) attack.
177) Use-after-free (CVE-ID: CVE-2024-26974)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can escalate privileges on the system.
178) Improper locking (CVE-ID: CVE-2024-40998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
179) NULL pointer dereference (CVE-ID: CVE-2024-36479)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_bridge_disable(), of_fpga_bridge_get(), fpga_bridge_dev_match(), fpga_bridge_get(), fpga_bridge_put(), ATTRIBUTE_GROUPS(), fpga_bridge_register() and ERR_PTR() functions in drivers/fpga/fpga-bridge.c, within the fpga_bridge_register() function in Documentation/driver-api/fpga/fpga-bridge.rst. A local user can perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2024-41060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the radeon_gem_va_update_vm() function in drivers/gpu/drm/radeon/radeon_gem.c. A local user can perform a denial of service (DoS) attack.
181) Memory leak (CVE-ID: CVE-2024-41076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfs4_set_security_label() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
182) Use-after-free (CVE-ID: CVE-2024-35864)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
183) Integer underflow (CVE-ID: CVE-2024-46758)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the set_tcrit2(), set_tcrit1(), set_tcrit1_hyst() and set_offset() functions in drivers/hwmon/lm95234.c. A local user can execute arbitrary code.
184) Memory leak (CVE-ID: CVE-2024-46733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the btrfs_qgroup_free_data() and extent_clear_unlock_delalloc() functions in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
185) Input validation error (CVE-ID: CVE-2024-46717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_handle_rx_cqe_mpwrq_shampo() function in drivers/net/ethernet/mellanox/mlx5/core/en_rx.c. A local user can perform a denial of service (DoS) attack.
186) Improper error handling (CVE-ID: CVE-2024-46784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mana_destroy_txq(), mana_create_txq() and mana_destroy_rxq() functions in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
187) Improper locking (CVE-ID: CVE-2024-40904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the wdm_int_callback() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
188) Improper locking (CVE-ID: CVE-2024-26781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the subflow_get_info() function in net/mptcp/diag.c. A local user can perform a denial of service (DoS) attack.
189) Use-after-free (CVE-ID: CVE-2024-39494)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ima_eventname_init_common() function in security/integrity/ima/ima_template_lib.c, within the ima_collect_measurement() and ima_d_path() functions in security/integrity/ima/ima_api.c. A local user can escalate privileges on the system.
190) Use-after-free (CVE-ID: CVE-2024-26875)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pvr2_context_exit() function in drivers/media/usb/pvrusb2/pvrusb2-context.c. A local user can escalate privileges on the system.
191) Input validation error (CVE-ID: CVE-2024-35962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c. A local user can perform a denial of service (DoS) attack.
192) Improper locking (CVE-ID: CVE-2024-40912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_sta_ps_deliver_wakeup() function in net/mac80211/sta_info.c. A local user can perform a denial of service (DoS) attack.
193) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-35894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions in mptcp_set_rcvlowat() function in net/mptcp/sockopt.c, which allow bpf accessing mptcp-level proto_ops from a tcp subflow scope. A local user can perform a denial of service (DoS) attack.
194) Race condition (CVE-ID: CVE-2024-24857)
The vulnerability allows a remote non-authenticated attacker to damange or delete data.
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.
195) NULL pointer dereference (CVE-ID: CVE-2024-35946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rtw89_ops_bss_info_changed() and rtw89_ops_remain_on_channel() functions in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
196) Resource management error (CVE-ID: CVE-2024-35807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXT4_DESC_PER_BLOCK() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
197) NULL pointer dereference (CVE-ID: CVE-2024-27079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_pasid_setup_nested() function in drivers/iommu/intel/pasid.c, within the domain_context_clear() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
198) Out-of-bounds read (CVE-ID: CVE-2024-46722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_atombios_init_mc_reg_table() function in drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c. A local user can perform a denial of service (DoS) attack.
199) Use-after-free (CVE-ID: CVE-2024-35843)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the prq_event_thread() function in drivers/iommu/intel/svm.c, within the intel_iommu_release_device() function in drivers/iommu/intel/iommu.c, within the alloc_iommu() function in drivers/iommu/intel/dmar.c. A local user can escalate privileges on the system.
200) Use-after-free (CVE-ID: CVE-2024-38570)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gfs2_gl_hash_clear() function in fs/gfs2/super.c, within the init_sbd() function in fs/gfs2/ops_fstype.c, within the gdlm_ast(), gdlm_bast() and gdlm_put_lock() functions in fs/gfs2/lock_dlm.c, within the glock_blocked_by_withdraw() and gfs2_gl_hash_clear() functions in fs/gfs2/glock.c. A local user can escalate privileges on the system.
201) Memory leak (CVE-ID: CVE-2024-46779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the to_pvr_vm_gpuva(), pvr_vm_gpuva_unmap() and pvr_vm_gpuva_remap() functions in drivers/gpu/drm/imagination/pvr_vm.c. A local user can perform a denial of service (DoS) attack.
202) Improper locking (CVE-ID: CVE-2024-26837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the switchdev_obj_eq() and switchdev_port_obj_del() functions in net/switchdev/switchdev.c, within the br_switchdev_mdb_replay_one() and br_switchdev_mdb_replay() functions in net/bridge/br_switchdev.c. A local user can perform a denial of service (DoS) attack.
203) NULL pointer dereference (CVE-ID: CVE-2024-41055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/mmzone.h. A local user can perform a denial of service (DoS) attack.
204) NULL pointer dereference (CVE-ID: CVE-2024-36901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
205) Use of uninitialized resource (CVE-ID: CVE-2024-40931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
206) Buffer overflow (CVE-ID: CVE-2024-26843)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the riscv_enable_runtime_services() function in drivers/firmware/efi/riscv-runtime.c, within the arm_enable_runtime_services() function in drivers/firmware/efi/arm-runtime.c. A local user can perform a denial of service (DoS) attack.
207) NULL pointer dereference (CVE-ID: CVE-2024-26964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_map_temp_buffer() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
208) Use-after-free (CVE-ID: CVE-2024-26804)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
209) Resource management error (CVE-ID: CVE-2024-40988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/radeon/sumo_dpm.c. A local user can perform a denial of service (DoS) attack.
210) Memory leak (CVE-ID: CVE-2024-35829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lima_heap_alloc() function in drivers/gpu/drm/lima/lima_gem.c. A local user can perform a denial of service (DoS) attack.
211) NULL pointer dereference (CVE-ID: CVE-2024-36478)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nullb_update_nr_hw_queues(), nullb_device_power_store(), null_add_dev() and null_create_dev() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
212) Buffer overflow (CVE-ID: CVE-2023-52828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bpf_tree_comp() function in kernel/bpf/core.c. A local user can perform a denial of service (DoS) attack.
213) Input validation error (CVE-ID: CVE-2024-40989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vgic_v3_free_redist_region() and vgic_v3_set_redist_base() functions in arch/arm64/kvm/vgic/vgic-mmio-v3.c, within the kvm_vgic_dist_destroy() function in arch/arm64/kvm/vgic/vgic-init.c. A local user can perform a denial of service (DoS) attack.
214) Division by zero (CVE-ID: CVE-2022-3061)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to missing checks of the "pixclock" value in the Linux kernel i740 driver. A local user can pass arbitrary values to the driver through ioctl() interface, trigger a divide by zero error and perform a denial of service (DoS) attack.
215) Division by zero (CVE-ID: CVE-2024-26778)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_check_var() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
216) NULL pointer dereference (CVE-ID: CVE-2024-46765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_xsk_pool_setup() function in drivers/net/ethernet/intel/ice/ice_xsk.c, within the ice_clear_hw_tbls(), ice_xdp_setup_prog() and ice_xdp() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_free(), ice_vsi_alloc() and ice_vsi_rebuild() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
217) Infinite loop (CVE-ID: CVE-2024-46729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the dccg35_get_other_enabled_symclk_fe() function in drivers/gpu/drm/amd/display/dc/dcn35/dcn35_dccg.c. A local user can perform a denial of service (DoS) attack.
218) Out-of-bounds read (CVE-ID: CVE-2024-26952)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the smb2_tree_connect(), smb2_open(), smb2_query_dir(), smb2_get_ea(), smb2_set_info_file(), smb2_set_info(), fsctl_pipe_transceive() and smb2_ioctl() functions in fs/smb/server/smb2pdu.c, within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can execute arbitrary code.
219) Buffer overflow (CVE-ID: CVE-2024-38623)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the fs/ntfs3/ntfs.h. A local user can perform a denial of service (DoS) attack.
220) Memory leak (CVE-ID: CVE-2024-35930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_rcv_padisc() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.
221) NULL pointer dereference (CVE-ID: CVE-2024-22099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
222) Use-after-free (CVE-ID: CVE-2024-26886)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bt_sock_recvmsg() and bt_sock_ioctl() functions in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.
223) Memory leak (CVE-ID: CVE-2024-46789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_tagging_slab_free_hook() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.
224) Out-of-bounds read (CVE-ID: CVE-2024-35970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the manage_oob() function in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
225) Integer overflow (CVE-ID: CVE-2021-47432)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __genradix_iter_peek() function in lib/generic-radix-tree.c. A local user can execute arbitrary code.
226) Memory leak (CVE-ID: CVE-2023-52518)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_dev_close_sync() function in net/bluetooth/hci_sync.c, within the hci_release_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
227) Improper locking (CVE-ID: CVE-2024-27072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usbtv_video_free() function in drivers/media/usb/usbtv/usbtv-video.c. A local user can perform a denial of service (DoS) attack.
228) NULL pointer dereference (CVE-ID: CVE-2024-38550)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kirkwood_dma_hw_params() function in sound/soc/kirkwood/kirkwood-dma.c. A local user can perform a denial of service (DoS) attack.
229) Input validation error (CVE-ID: CVE-2021-47476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sizeof() and ni6501_find_endpoints() functions in drivers/staging/comedi/drivers/ni_usb6501.c. A local user can perform a denial of service (DoS) attack.
230) Memory leak (CVE-ID: CVE-2023-52529)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sony_probe() function in drivers/hid/hid-sony.c. A local user can perform a denial of service attack.
231) Use-after-free (CVE-ID: CVE-2023-52576)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the add_early_ima_buffer() function in arch/x86/kernel/setup.c. A local user can escalate privileges on the system.
232) Use of uninitialized resource (CVE-ID: CVE-2024-26799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the lpass_cdc_dma_daiops_trigger() function in sound/soc/qcom/lpass-cdc-dma.c. A local user can perform a denial of service (DoS) attack.
233) Buffer overflow (CVE-ID: CVE-2024-26889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
234) Resource management error (CVE-ID: CVE-2021-47419)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the taprio_destroy() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
235) Resource management error (CVE-ID: CVE-2024-26880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __dm_internal_suspend() and __dm_internal_resume() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
236) NULL pointer dereference (CVE-ID: CVE-2024-34030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_pci_prop_intr_map() function in drivers/pci/of_property.c. A local user can perform a denial of service (DoS) attack.
237) Resource management error (CVE-ID: CVE-2024-38565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.
238) Out-of-bounds read (CVE-ID: CVE-2024-38540)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnxt_qplib_create_qp() function in drivers/infiniband/hw/bnxt_re/qplib_fp.c. A local user can perform a denial of service (DoS) attack.
239) Improper locking (CVE-ID: CVE-2024-26772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
240) Input validation error (CVE-ID: CVE-2024-26581)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in net/netfilter/nft_set_rbtree.c. A locla user can perform a denial of service (DoS) attack.
241) Memory leak (CVE-ID: CVE-2024-26669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fl_tmplt_destroy() function in net/sched/cls_flower.c, within the tcf_block_playback_offloads() and tc_chain_tmplt_add() functions in net/sched/cls_api.c, within the void() function in include/net/sch_generic.h. A local user can perform a denial of service (DoS) attack.
242) NULL pointer dereference (CVE-ID: CVE-2021-47440)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the encx24j600_spi_probe() function in drivers/net/ethernet/microchip/encx24j600.c, within the devm_regmap_init_encx24j600() function in drivers/net/ethernet/microchip/encx24j600-regmap.c. A local user can perform a denial of service (DoS) attack.
243) Out-of-bounds read (CVE-ID: CVE-2024-26789)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ctr_encrypt() function in arch/arm64/crypto/aes-neonbs-glue.c. A local user can perform a denial of service (DoS) attack.
244) Resource management error (CVE-ID: CVE-2023-52648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmw_du_cursor_plane_prepare_fb() function in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.
245) Buffer overflow (CVE-ID: CVE-2024-26589)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the adjust_ptr_min_max_vals() function in kernel/bpf/verifier.c. A local user can crash the OS kernel.
246) NULL pointer dereference (CVE-ID: CVE-2024-40959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm6_get_saddr() function in net/ipv6/xfrm6_policy.c. A local user can perform a denial of service (DoS) attack.
247) Infinite loop (CVE-ID: CVE-2024-38601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the rb_check_list() and ring_buffer_resize() functions in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
248) Improper locking (CVE-ID: CVE-2024-40995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tcf_idr_check_alloc() and rcu_read_unlock() functions in net/sched/act_api.c. A local user can perform a denial of service (DoS) attack.
249) Improper locking (CVE-ID: CVE-2024-26686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_task_stat() function in fs/proc/array.c. A local user can perform a denial of service (DoS) attack.
250) Incorrect calculation (CVE-ID: CVE-2024-27017)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.
251) Race condition (CVE-ID: CVE-2024-26960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.
252) NULL pointer dereference (CVE-ID: CVE-2024-40911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cfg80211_get_station() function in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
253) Double free (CVE-ID: CVE-2023-52679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the of_unittest_parse_phandle_with_args() and of_unittest_parse_phandle_with_args_map() functions in drivers/of/unittest.c, within the of_parse_phandle_with_args_map() function in drivers/of/base.c. A local user can perform a denial of service (DoS) attack.
254) Memory leak (CVE-ID: CVE-2024-27012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_activate() and nft_rbtree_walk() functions in net/netfilter/nft_set_rbtree.c, within the nft_pipapo_activate() and nft_pipapo_walk() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_activate(), nft_rhash_walk(), nft_hash_activate() and nft_hash_walk() functions in net/netfilter/nft_set_hash.c, within the nft_bitmap_activate() and nft_bitmap_walk() functions in net/netfilter/nft_set_bitmap.c, within the nft_mapelem_deactivate(), nft_map_catchall_deactivate(), nft_setelem_validate(), nf_tables_bind_check_setelem(), nft_mapelem_activate(), nft_map_catchall_activate(), nf_tables_dump_setelem(), nft_setelem_activate(), nft_setelem_flush() and nf_tables_loop_check_setelem() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
255) Resource management error (CVE-ID: CVE-2024-39492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmdq_mbox_shutdown() function in drivers/mailbox/mtk-cmdq-mailbox.c. A local user can perform a denial of service (DoS) attack.
256) Integer overflow (CVE-ID: CVE-2024-23307)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
257) Improper locking (CVE-ID: CVE-2023-52791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.
258) Improper locking (CVE-ID: CVE-2024-42090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the create_pinctrl() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.
259) Buffer overflow (CVE-ID: CVE-2024-35810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vmw_du_cursor_mob_size() and vmw_du_cursor_plane_cleanup_fb() functions in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.
260) NULL pointer dereference (CVE-ID: CVE-2024-26591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the bpf_tracing_prog_attach() function in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
261) Improper locking (CVE-ID: CVE-2024-26740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.
262) NULL pointer dereference (CVE-ID: CVE-2024-0841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.
263) Improper locking (CVE-ID: CVE-2024-26627)
The vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to improper locking when calling the scsi_host_busy() function. A local user can perform a denial of service attack.
264) Improper locking (CVE-ID: CVE-2024-36977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __dwc3_gadget_get_frame() and __dwc3_stop_active_transfer() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
265) Input validation error (CVE-ID: CVE-2024-41009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __aligned(), bpf_ringbuf_alloc(), bpf_ringbuf_restore_from_rec() and __bpf_ringbuf_reserve() functions in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.
266) Improper locking (CVE-ID: CVE-2024-35990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xilinx_dpdma_chan_vsync_irq(), xilinx_dpdma_issue_pending() and xilinx_dpdma_chan_err_task() functions in drivers/dma/xilinx/xilinx_dpdma.c. A local user can perform a denial of service (DoS) attack.
267) Improper locking (CVE-ID: CVE-2024-36882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the page_cache_ra_order() function in mm/readahead.c. A local user can perform a denial of service (DoS) attack.
268) NULL pointer dereference (CVE-ID: CVE-2024-46707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the access_gic_sgi() function in arch/arm64/kvm/sys_regs.c. A local user can perform a denial of service (DoS) attack.
269) Out-of-bounds read (CVE-ID: CVE-2024-42088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the SND_SOC_DAILINK_DEFS() function in sound/soc/mediatek/mt8195/mt8195-mt6359.c. A local user can perform a denial of service (DoS) attack.
270) NULL pointer dereference (CVE-ID: CVE-2024-27041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_fini() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
271) Improper locking (CVE-ID: CVE-2024-26907)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the set_eth_seg() function in drivers/infiniband/hw/mlx5/wr.c. A local user can execute arbitrary code.
272) NULL pointer dereference (CVE-ID: CVE-2024-35790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.
273) Incorrect calculation (CVE-ID: CVE-2024-35900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
274) Race condition within a thread (CVE-ID: CVE-2024-27419)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the nr_state1_machine(), nr_state2_machine() and nr_state3_machine() functions in net/netrom/nr_in.c, within the nr_rx_frame() function in net/netrom/af_netrom.c. A local user can manipulate data.
275) Memory leak (CVE-ID: CVE-2024-39493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.
276) Use-after-free (CVE-ID: CVE-2024-35855)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_ventry_activity_get() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
277) Resource management error (CVE-ID: CVE-2024-41007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_rtx_probe0_timed_out() function in net/ipv4/tcp_timer.c. A local user can perform a denial of service (DoS) attack.
278) Integer underflow (CVE-ID: CVE-2024-46759)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the adc128_set_in() and adc128_set_temp() functions in drivers/hwmon/adc128d818.c. A local user can execute arbitrary code.
279) NULL pointer dereference (CVE-ID: CVE-2024-26802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
280) Out-of-bounds read (CVE-ID: CVE-2024-46723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_cgs_get_firmware_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c. A local user can perform a denial of service (DoS) attack.
281) Use-after-free (CVE-ID: CVE-2024-27396)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_dellink() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
282) Incorrect calculation (CVE-ID: CVE-2024-46748)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the cachefiles_prepare_write_subreq() function in fs/cachefiles/io.c. A local user can perform a denial of service (DoS) attack.
283) Input validation error (CVE-ID: CVE-2024-35799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dce110_disable_stream() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
284) Division by zero (CVE-ID: CVE-2024-35925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the blk_rq_stat_init() function in block/blk-stat.c. A local user can perform a denial of service (DoS) attack.
285) Buffer overflow (CVE-ID: CVE-2024-35938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ARRAY_SIZE() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.
286) Buffer overflow (CVE-ID: CVE-2024-46774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
287) Buffer overflow (CVE-ID: CVE-2024-35987)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the setup_bootmem() function in arch/riscv/mm/init.c. A local user can perform a denial of service (DoS) attack.
288) NULL pointer dereference (CVE-ID: CVE-2024-46763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fou_from_sock(), fou_gro_receive(), fou_gro_complete() and gue_gro_receive() functions in net/ipv4/fou.c. A local user can perform a denial of service (DoS) attack.
289) Improper locking (CVE-ID: CVE-2024-26769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_fc_tgt_a_get(), __nvmet_fc_finish_ls_req() and nvmet_fc_register_targetport() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.
290) Resource management error (CVE-ID: CVE-2024-35994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXPORT_SYMBOL_GPL() and qcom_scm_qseecom_app_send() functions in drivers/firmware/qcom/qcom_scm.c, within the __array_offs(), qsee_uefi_get_variable(), qsee_uefi_set_variable(), qsee_uefi_get_next_variable() and qsee_uefi_query_variable_info() functions in drivers/firmware/qcom/qcom_qseecom_uefisecapp.c. A local user can perform a denial of service (DoS) attack.
291) Buffer overflow (CVE-ID: CVE-2024-38616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the carl9170_tx_release() function in drivers/net/wireless/ath/carl9170/tx.c. A local user can perform a denial of service (DoS) attack.
292) NULL pointer dereference (CVE-ID: CVE-2024-35919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vpu_enc_check_ap_inst() function in drivers/media/platform/mediatek/vcodec/encoder/venc_vpu_if.c, within the fops_vcodec_open(), fops_vcodec_release() and mtk_vcodec_probe() functions in drivers/media/platform/mediatek/vcodec/encoder/mtk_vcodec_enc_drv.c, within the mtk_vcodec_vpu_reset_enc_handler() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_vpu.c. A local user can perform a denial of service (DoS) attack.
293) Resource management error (CVE-ID: CVE-2024-26798)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the fbcon_do_set_font() function in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
294) Input validation error (CVE-ID: CVE-2024-46754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the net/core/filter.c. A local user can perform a denial of service (DoS) attack.
295) Infinite loop (CVE-ID: CVE-2024-26751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the GPIO_LOOKUP_IDX() function in arch/arm/mach-ep93xx/core.c. A local user can perform a denial of service (DoS) attack.
296) Improper error handling (CVE-ID: CVE-2024-36885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.
297) Memory leak (CVE-ID: CVE-2024-26919)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ulpi_register() function in drivers/usb/common/ulpi.c. A local user can perform a denial of service (DoS) attack.
298) Integer underflow (CVE-ID: CVE-2024-26927)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the sof_ipc3_fw_parse_ext_man() function in sound/soc/sof/ipc3-loader.c. A local user can execute arbitrary code.
299) Out-of-bounds read (CVE-ID: CVE-2024-26797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the map_hw_resources() function in drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c. A local user can perform a denial of service (DoS) attack.
300) Out-of-bounds read (CVE-ID: CVE-2024-39277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_map_benchmark() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.
301) Buffer overflow (CVE-ID: CVE-2024-41039)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the cs_dsp_adsp1_parse_sizes(), cs_dsp_adsp2_parse_sizes(), cs_dsp_load() and cs_dsp_buf_free() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can escalate privileges on the system.
302) Improper error handling (CVE-ID: CVE-2024-46714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the wbscl_set_scaler_filter() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c. A local user can perform a denial of service (DoS) attack.
303) Memory leak (CVE-ID: CVE-2024-35833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
304) Out-of-bounds read (CVE-ID: CVE-2024-46847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the new_vmap_block() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
305) Buffer overflow (CVE-ID: CVE-2024-38579)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the spu2_dump_omd() function in drivers/crypto/bcm/spu2.c. A local user can perform a denial of service (DoS) attack.
306) Double free (CVE-ID: CVE-2024-26932)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the tcpm_port_unregister_pd() function in drivers/usb/typec/tcpm/tcpm.c. A local user can execute arbitrary code.
307) Improper locking (CVE-ID: CVE-2024-35821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the write_begin_slow(), ubifs_write_begin() and ubifs_write_end() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.
308) Use of uninitialized resource (CVE-ID: CVE-2024-36889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
309) Improper locking (CVE-ID: CVE-2024-35934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_pnet_create_pnetids_list() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.
310) Input validation error (CVE-ID: CVE-2024-41044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ppp_read() and ppp_write() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
311) Use-after-free (CVE-ID: CVE-2024-35865)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_oplock_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
312) Memory leak (CVE-ID: CVE-2024-41065)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_dispatch_log_kmem_cache() function in arch/powerpc/platforms/pseries/setup.c. A local user can perform a denial of service (DoS) attack.
313) Use-after-free (CVE-ID: CVE-2024-46740)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the binder_transaction() function in drivers/android/binder.c. A local user can escalate privileges on the system.
314) Infinite loop (CVE-ID: CVE-2024-35997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.
315) Use-after-free (CVE-ID: CVE-2024-39479)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_hwmon_register() function in drivers/gpu/drm/i915/i915_hwmon.c. A local user can escalate privileges on the system.
316) Memory leak (CVE-ID: CVE-2024-26840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.
317) Race condition (CVE-ID: CVE-2024-27058)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the shmem_free_file_info(), shmem_get_next_id(), shmem_acquire_dquot(), shmem_is_empty_dquot() and shmem_release_dquot() functions in mm/shmem_quota.c. A local user can escalate privileges on the system.
318) Improper locking (CVE-ID: CVE-2024-26923)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
319) Memory leak (CVE-ID: CVE-2024-35893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcf_skbmod_dump() function in net/sched/act_skbmod.c. A local user can perform a denial of service (DoS) attack.
320) Use-after-free (CVE-ID: CVE-2024-35866)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_dump_full_key() function in fs/smb/client/ioctl.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
321) Memory leak (CVE-ID: CVE-2024-41023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.
322) Improper resource shutdown or release (CVE-ID: CVE-2024-26786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the iopt_add_access() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
323) Improper locking (CVE-ID: CVE-2024-35957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the intel_iommu_probe_device() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
324) NULL pointer dereference (CVE-ID: CVE-2024-46719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/usb/typec/ucsi/ucsi.h. A local user can perform a denial of service (DoS) attack.
325) Resource management error (CVE-ID: CVE-2024-36006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlxsw_sp_acl_tcam_vchunk_migrate_one() and mlxsw_sp_acl_tcam_vchunk_migrate_all() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
326) Memory leak (CVE-ID: CVE-2024-38632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_intx_enable() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
327) Use-after-free (CVE-ID: CVE-2024-40958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() function in net/core/net_namespace.c. A local user can escalate privileges on the system.
328) NULL pointer dereference (CVE-ID: CVE-2024-35851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qca_prevent_wake() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
329) Integer overflow (CVE-ID: CVE-2024-46777)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the udf_fill_partdesc_info() function in fs/udf/super.c. A local user can execute arbitrary code.
330) Resource management error (CVE-ID: CVE-2024-27437)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
331) Buffer overflow (CVE-ID: CVE-2024-41038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the cs_dsp_coeff_parse_string(), cs_dsp_coeff_parse_int(), cs_dsp_coeff_parse_coeff() and cs_dsp_parse_coeff() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can perform a denial of service (DoS) attack.
332) Memory leak (CVE-ID: CVE-2024-26839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_credit_return() function in drivers/infiniband/hw/hfi1/pio.c. A local user can perform a denial of service (DoS) attack.
333) Out-of-bounds read (CVE-ID: CVE-2024-39462)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the clk_dvp_probe() function in drivers/clk/bcm/clk-bcm2711-dvp.c. A local user can perform a denial of service (DoS) attack.
334) Memory leak (CVE-ID: CVE-2024-26977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_iounmap() function in lib/pci_iomap.c. A local user can perform a denial of service (DoS) attack.
335) Use-after-free (CVE-ID: CVE-2024-35955)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the check_kprobe_address_safe() function in kernel/kprobes.c. A local user can escalate privileges on the system.
336) Input validation error (CVE-ID: CVE-2024-35988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/riscv/include/asm/pgtable.h. A local user can perform a denial of service (DoS) attack.
337) Improper error handling (CVE-ID: CVE-2024-35832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bch2_snapshots_read() function in fs/bcachefs/snapshot.c. A local user can perform a denial of service (DoS) attack.
338) Improper locking (CVE-ID: CVE-2024-35998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_sync_mid_result() function in fs/smb/client/transport.c. A local user can perform a denial of service (DoS) attack.
339) Race condition (CVE-ID: CVE-2024-27009)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ccw_device_set_online() function in drivers/s390/cio/device.c. A local user can escalate privileges on the system.
340) Resource management error (CVE-ID: CVE-2024-41097)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cxacru_bind() function in drivers/usb/atm/cxacru.c. A local user can perform a denial of service (DoS) attack.
341) NULL pointer dereference (CVE-ID: CVE-2024-42089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_asoc_card_probe() function in sound/soc/fsl/fsl-asoc-card.c. A local user can perform a denial of service (DoS) attack.
342) Use-after-free (CVE-ID: CVE-2024-36886)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.
343) Out-of-bounds read (CVE-ID: CVE-2024-40901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mpt3sas_base_attach() and _base_check_ioc_facts_changes() functions in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.
344) NULL pointer dereference (CVE-ID: CVE-2024-26984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.
345) Double free (CVE-ID: CVE-2024-35847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
346) Improper locking (CVE-ID: CVE-2024-36922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_txq_reclaim() function in drivers/net/wireless/intel/iwlwifi/queue/tx.c. A local user can perform a denial of service (DoS) attack.
347) Improper error handling (CVE-ID: CVE-2024-46846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rockchip_spi_suspend() and rockchip_spi_resume() functions in drivers/spi/spi-rockchip.c. A local user can perform a denial of service (DoS) attack.
348) Use-after-free (CVE-ID: CVE-2024-26939)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the active_to_vma() and i915_vma_pin_ww() functions in drivers/gpu/drm/i915/i915_vma.c. A local user can escalate privileges on the system.
349) NULL pointer dereference (CVE-ID: CVE-2024-26784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the scmi_perf_domain_remove() function in drivers/pmdomain/arm/scmi_perf_domain.c. A local user can perform a denial of service (DoS) attack.
350) NULL pointer dereference (CVE-ID: CVE-2024-26859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h. A local user can perform a denial of service (DoS) attack.
351) Use-after-free (CVE-ID: CVE-2023-6270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
352) Use-after-free (CVE-ID: CVE-2024-26898)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
353) Improper locking (CVE-ID: CVE-2024-39501)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uevent_show() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
354) Use-after-free (CVE-ID: CVE-2024-26748)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cdns3_gadget_giveback() function in drivers/usb/cdns3/gadget.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.