SB20250520105 - Multiple vulnerabilities in Dell Storage Resource Manager (SRM) and Dell Storage Monitoring and Reporting (SMR)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20250520105

SB20250520105 - Multiple vulnerabilities in Dell Storage Resource Manager (SRM) and Dell Storage Monitoring and Reporting (SMR)

Published: May 20, 2025 Updated: September 17, 2025

Security Bulletin ID SB20250520105
Severity
High
Patch available
YES
Number of vulnerabilities 115
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 10% Medium 37% Low 53%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 115 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2025-21490)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


2) Improper input validation (CVE-ID: CVE-2025-21519)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


3) Improper input validation (CVE-ID: CVE-2025-21518)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.


4) Improper input validation (CVE-ID: CVE-2025-21505)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Components Services component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


5) Improper input validation (CVE-ID: CVE-2025-21503)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


6) Improper input validation (CVE-ID: CVE-2025-21501)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.


7) Improper input validation (CVE-ID: CVE-2025-21500)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.


8) Improper input validation (CVE-ID: CVE-2025-21499)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: DDL component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


9) Improper input validation (CVE-ID: CVE-2025-21497)

The vulnerability allows a remote privileged user to damange or delete data.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.


10) Improper input validation (CVE-ID: CVE-2025-21495)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Firewall component in MySQL Enterprise Firewall. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


11) Improper input validation (CVE-ID: CVE-2025-21493)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


12) Improper input validation (CVE-ID: CVE-2025-21491)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


13) Out-of-bounds read (CVE-ID: CVE-2024-37371)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.


14) Improper input validation (CVE-ID: CVE-2025-21521)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Thread Pooling component in MySQL Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.


15) Information disclosure (CVE-ID: CVE-2024-11053)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error when using a .netrc file for credentials and an instruction to follow HTTP redirects. The cURL library can leak credentials intended for the first URL prior to redirection. This however will only occur if the .netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.


16) Improper input validation (CVE-ID: CVE-2025-21502)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


17) Improper input validation (CVE-ID: CVE-2025-0509)

The vulnerability allows a remote privileged user to execute arbitrary code.

The vulnerability exists due to improper input validation within the Install (Sparkle) component in Oracle Java SE. A remote privileged user can exploit this vulnerability to execute arbitrary code.


18) Permissions, privileges, and access controls (CVE-ID: CVE-2024-56337)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to incomplete mitigation for #VU101814(CVE-2024-50379) on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false). A remote attacker can upload malicious files to the server and execute them compromising the system.

The mitigation bypass depends on the version of Java used on the system.


19) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-50379)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to missing access restrictions to the default servlet. If the default servlet is write enabled (readonly initialisation parameter set to the non-default value of false) for a case insensitive file system, concurrent read and upload under load of the same file can bypass Tomcat's case sensitivity checks and cause an uploaded file to be treated as a JSP leading to remote code execution.


20) NULL pointer dereference (CVE-ID: CVE-2025-27113)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xmlPatMatch() function in pattern.c. A remote attacker can pass specially crafted XML document to the affected application and perform a denial of service (DoS) attack.


21) Buffer overflow (CVE-ID: CVE-2025-26597)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the XkbChangeTypesOfKey() function. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.


22) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2025-26465)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect processing of user-supplied data in ssh(1). A remote attacker can perform server impersonation when VerifyHostKeyDNS enabled.


23) Stack-based buffer overflow (CVE-ID: CVE-2025-24928)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the xmlSnprintfElements() function in valid.c. A remote attacker can pass specially crafted XML data to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


24) Out-of-bounds read (CVE-ID: CVE-2025-21692)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ets_class_from_arg() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.


25) Integer overflow (CVE-ID: CVE-2025-1125)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the hfsplus_open_compressed_real() function when reading data from a hfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


26) Security features bypass (CVE-ID: CVE-2025-1118)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the dump command is not blocked when grub is in lockdown mode. A local user can read any data from the system memory.


27) Improper input validation (CVE-ID: CVE-2025-21520)

The vulnerability allows a local privileged user to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Server: Options component in MySQL Server. A local privileged user can exploit this vulnerability to gain access to sensitive information.


28) Improper input validation (CVE-ID: CVE-2025-21522)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Parser component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.


29) Integer overflow (CVE-ID: CVE-2025-0690)

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading data from the keyboard input. An attacker with physical access to the system can trigger an integer overflow and execute arbitrary code with elevated privileges.


30) Information disclosure (CVE-ID: CVE-2023-32681)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. A remote attacker can gain unauthorized access to sensitive information on the system.


31) XML External Entity injection (CVE-ID: CVE-2017-9096)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.


32) Incorrect Regular Expression (CVE-ID: CVE-2024-6232)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of .tar archives when processing it with regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.


33) Improper Neutralization of Argument Delimiters in a Command (CVE-ID: CVE-2024-47611)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper validation of arguments passed via command line to the application. A remote attacker can pass specially crafted input to the application (e.g. using a command with Unicode characters in a filename) and execute arbitrary OS commands on the system.


34) Information disclosure (CVE-ID: CVE-2024-37891)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to Prox-Authorization header is not stripped during cross-origin redirects when using urllib3's proxy support with ProxyManager. A remote attacker can gain obtain proxy credentials used by the library.


35) Security features bypass (CVE-ID: CVE-2024-35195)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the session object does not verify requests after making first request with verify=False. A local administrator can bypass authentication.


36) Resource exhaustion (CVE-ID: CVE-2024-7592)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the 'http.cookies' standard library module when parsing cookies that contained backslashes for quoted characters in the cookie value. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


37) Command Injection (CVE-ID: CVE-2024-6923)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to insufficient validation of newlines for email headers when serializing an email message. A remote attacker can inject arbitrary headers into serialized email messages.


38) Code Injection (CVE-ID: CVE-2024-6345)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing URL in the package_index module of pypa/setuptools. A remote attacker can send a specially crafted request and execute arbitrary code on the target system via download functions.


39) Race condition (CVE-ID: CVE-2024-3219)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a race condition within the socket module, which provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer.


40) Resource exhaustion (CVE-ID: CVE-2024-2511)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to unbounded memory growth when processing TLSv1.3 sessions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Successful exploitation of the vulnerability requires that the non-default SSL_OP_NO_TICKET option is being used in TLSv1.3.


41) Improper Certificate Validation (CVE-ID: CVE-2024-39689)

The vulnerability allows a remote attacker to modify data on the system.

The vulnerability exists due to Certifi python-certifi provide weaker than expected security, caused by the use of GLOBALTRUST root certificate. A remote attacker can trigger the vulnerability to launch further attacks on the system.


42) Out-of-bounds read (CVE-ID: CVE-2023-7104)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the sessionReadRecord() function in ext/session/sqlite3session.c when processing a corrupt changeset. A remote user can send a specially crafted request to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service attack.


43) Improper input validation (CVE-ID: CVE-2025-21523)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


44) Incorrect Regular Expression (CVE-ID: CVE-2022-40899)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when processing the Set-Cookie header. A remote attacker can send a specially crafted HTTP request to the application and perform a regular expression denial of service (ReDoS) attack.


45) Resource exhaustion (CVE-ID: CVE-2020-22916)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when decompressing files. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


46) XML External Entity injection (CVE-ID: CVE-2021-33813)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied XML input within the SAXBuilder. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.

Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.


47) Uncontrolled Recursion (CVE-ID: CVE-2023-1370)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion when processing nested arrays and objects. A remote attacker can pass specially crafted JSON data to the application and perform a denial of service (DoS) attack.


48) Improper input validation (CVE-ID: CVE-2025-21566)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.


49) Improper input validation (CVE-ID: CVE-2025-21559)

The vulnerability allows a remote privileged user to damange or delete data.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.


50) Improper input validation (CVE-ID: CVE-2025-21555)

The vulnerability allows a remote privileged user to damange or delete data.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to damange or delete data.


51) Improper input validation (CVE-ID: CVE-2025-21548)

The vulnerability allows a remote privileged user to execute arbitrary code.

The vulnerability exists due to improper input validation within the Connector/Python component in MySQL Connectors. A remote privileged user can exploit this vulnerability to execute arbitrary code.


52) Improper input validation (CVE-ID: CVE-2025-21543)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Packaging component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


53) Improper input validation (CVE-ID: CVE-2025-21540)

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Server: Security: Privileges component in MySQL Server. A remote authenticated user can exploit this vulnerability to read and manipulate data.


54) Improper input validation (CVE-ID: CVE-2025-21531)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InnoDB component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


55) Improper input validation (CVE-ID: CVE-2025-21529)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Information Schema component in MySQL Server. A remote privileged user can exploit this vulnerability to perform a denial of service (DoS) attack.


56) Integer overflow (CVE-ID: CVE-2025-0725)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow when handling gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option using zlib 1.2.0.3 or older. A remote attacker can send specially crafted response to the application, trigger an integer overflow and execute arbitrary code on the target system.



57) Heap-based buffer overflow (CVE-ID: CVE-2025-0689)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the grub_udf_read_block() function when reading data from disk. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.


58) Out-of-bounds write (CVE-ID: CVE-2023-4016)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


59) NULL pointer dereference (CVE-ID: CVE-2024-45783)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when failing to mount a HFS+. A local user can perform a denial of service (DoS) attack.


60) Use-after-free (CVE-ID: CVE-2024-54680)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_get_tcp_session(), cifs_crypto_secmech_release(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.


61) Use-after-free (CVE-ID: CVE-2024-53177)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the SMB2_query_info_free(), invalidate_all_cached_dirs(), smb2_cached_lease_break(), cached_dir_lease_break() and cfids_laundromat_worker() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.


62) Use-after-free (CVE-ID: CVE-2024-53166)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bfq_choose_req(), bfqq_request_over_limit() and bfq_limit_depth() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.


63) Input validation error (CVE-ID: CVE-2024-53144)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.


64) Out-of-bounds write (CVE-ID: CVE-2024-53104)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited in the wild.


65) Use-after-free (CVE-ID: CVE-2024-53095)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can escalate privileges on the system.


66) Off-by-one (CVE-ID: CVE-2024-52533)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


67) Improper Encoding or Escaping of Output (CVE-ID: CVE-2024-52006)

The vulnerability allows a remote attacker to exfiltrate data.

The vulnerability exists due to newline confusion in credential helpers when interpreting single Carriage Return characters. A remote attacker can gain access to sensitive information.


68) Improper Encoding or Escaping of Output (CVE-ID: CVE-2024-50349)

The vulnerability allows a remote attacker to perform spoofing  attack.

The vulnerability exists due to incorrect handling of control sequences in account names when asking for credentials. A remote attacker can trick the victim into clicking on a specially crafted URL and trick users into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control.


69) Use-after-free (CVE-ID: CVE-2024-50199)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the unuse_mm() function in mm/swapfile.c. A local user can escalate privileges on the system.


70) Inefficient regular expression complexity (CVE-ID: CVE-2024-49761)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when parsing an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.


71) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2024-47220)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request containing both a Content-Length header and a Transfer-Encoding header to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.


72) Out-of-bounds write (CVE-ID: CVE-2024-45782)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when reading a volume's name within the grub_fs_mount() function in HFS filesystem driver. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


73) Use-after-free (CVE-ID: CVE-2024-56600)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.


74) Out-of-bounds write (CVE-ID: CVE-2024-45781)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when ready symbolic link name from a UFS filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code.


75) Integer overflow (CVE-ID: CVE-2024-45780)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when handling tar files. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


76) Integer overflow (CVE-ID: CVE-2024-45779)

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to integer overflow within the BFS filesystem driver. A local user can trigger an integer overflow and corrupt data.


77) Integer overflow (CVE-ID: CVE-2024-45778)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading BFS filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


78) Integer overflow (CVE-ID: CVE-2024-45777)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_gettext_getstr_from_position() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


79) Integer overflow (CVE-ID: CVE-2024-45776)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_mofile_open() function when reading .mo file. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


80) Improper error handling (CVE-ID: CVE-2024-45775)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect handling of memory allocation failures within the grub_extcmd_dispatcher() function. A local user can perform a denial of service attack or corrupt the IVT data.


81) Out-of-bounds write (CVE-ID: CVE-2024-45774)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when parsing JPEG files. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.


82) Covert Timing Channel (CVE-ID: CVE-2024-13176)

The vulnerability allows a remote attacker to recover a private key.

The vulnerability exists due to a timing side-channel in ECDSA signature computations. A remote attacker can recover the private key and decrypt data.

Successful exploitation of the vulnerability requires that the attacker's process must either be located in the same physical computer or must have a very fast network connection with low latency.


83) Resource exhaustion (CVE-ID: CVE-2024-12133)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources processing a large number of SEQUENCE OF or SET OF elements in a certificate. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


84) Resource exhaustion (CVE-ID: CVE-2024-11187)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.


85) Improper access control (CVE-ID: CVE-2024-8805)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions within the implementation of the HID over GATT Profile. A remote attacker on the local network can bypass implemented security restrictions and execute arbitrary code on the target system.


86) Use-after-free (CVE-ID: CVE-2024-56171)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


87) Use-after-free (CVE-ID: CVE-2024-56601)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.


88) Integer overflow (CVE-ID: CVE-2025-0686)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow within the grub_romfs_read_symlink() function when performing a symlink lookup from a romfs filesystem. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


89) Buffer overflow (CVE-ID: CVE-2024-57792)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the set_charge_current_limit() function in drivers/power/supply/gpio-charger.c. A local user can perform a denial of service (DoS) attack.


90) Integer overflow (CVE-ID: CVE-2025-0685)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when reading data from a jfs filesystem within the grub_jfs_lookup_symlink() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


91) Out-of-bounds write (CVE-ID: CVE-2025-0684)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when performing a symlink lookup from a reiserfs filesystem. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


92) Integer overflow (CVE-ID: CVE-2025-0678)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in squash4 fs module. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


93) Integer overflow (CVE-ID: CVE-2025-0677)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when performing a symlink lookup within the grub_ufs_lookup_symlink() function in UFS filesystem driver. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.


94) Out-of-bounds write (CVE-ID: CVE-2025-0624)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the grub_net_search_config_file() function. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.


95) Use-after-free (CVE-ID: CVE-2025-0622)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by not removing hooks when the related module is being unloaded. A local user can execute arbitrary code with elevated privileges.



96) Buffer overflow (CVE-ID: CVE-2025-0395)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when the assert() function fails. A remote attacker can trigger memory corruption and perform a denial of service (DoS) attack.


97) Information disclosure (CVE-ID: CVE-2025-0167)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to application can leak credentials when asked to use a .netrc file for credentials and to follow HTTP redirects. A remote attacker can gain access to sensitive information.


98) Improper locking (CVE-ID: CVE-2024-57897)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the svm_migrate_copy_to_vram() and svm_migrate_copy_to_ram() functions in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c. A local user can perform a denial of service (DoS) attack.


99) Out-of-bounds read (CVE-ID: CVE-2024-57893)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.


100) Use-after-free (CVE-ID: CVE-2024-57849)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.


101) Use-after-free (CVE-ID: CVE-2024-57798)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_dp_mst_up_req_work() and drm_dp_mst_handle_up_req() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can escalate privileges on the system.


102) Input validation error (CVE-ID: CVE-2024-57791)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the smc_clc_wait_msg() function in net/smc/smc_clc.c. A local user can perform a denial of service (DoS) attack.


103) Use-after-free (CVE-ID: CVE-2024-56602)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee802154_create() function in net/ieee802154/socket.c. A local user can escalate privileges on the system.


104) Use-after-free (CVE-ID: CVE-2024-56759)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.


105) Heap-based buffer overflow (CVE-ID: CVE-2024-56737)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the fs/hfs.c when reading sblock data from HFS filesystem. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.


106) Double free (CVE-ID: CVE-2024-56704)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.


107) Use-after-free (CVE-ID: CVE-2024-56664)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sock_map_lookup_sys() function in net/core/sock_map.c. A local user can escalate privileges on the system.


108) NULL pointer dereference (CVE-ID: CVE-2024-56661)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can perform a denial of service (DoS) attack.


109) Use-after-free (CVE-ID: CVE-2024-56658)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.


110) Out-of-bounds read (CVE-ID: CVE-2024-56650)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.


111) Out-of-bounds read (CVE-ID: CVE-2024-56648)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the fill_frame_info() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.


112) Integer underflow (CVE-ID: CVE-2024-56645)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the j1939_session_new() function in net/can/j1939/transport.c. A local user can execute arbitrary code.


113) Use-after-free (CVE-ID: CVE-2024-56642)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can escalate privileges on the system.


114) Use-after-free (CVE-ID: CVE-2024-56631)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sg_release() function in drivers/scsi/sg.c. A local user can escalate privileges on the system.


115) Use-after-free (CVE-ID: CVE-2024-56623)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.


Remediation

Install update from vendor's website.

References