SB20251015148 - SUSE update for the Linux Kernel
Published: October 15, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 346 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2023-31248)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in nft_chain_lookup_byid() function, which failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace. A local user ca trigger a use-after-free error and execute arbitrary code with elevated privileges.
2) NULL pointer dereference (CVE-ID: CVE-2023-3772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the xfrm_update_ae_params() function in the IP framework for transforming packets (XFRM subsystem). A local user with CAP_NET_ADMIN privileges can perform a denial of service (DoS) attack.
3) Out-of-bounds read (CVE-ID: CVE-2023-39197)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Netfilter Connection Tracking (conntrack) in the Linux kernel in the nf_conntrack_dccp_packet() function in net/netfilter/nf_conntrack_proto_dccp.c. A remote attacker can send specially crafted DCCP packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.
4) Out-of-bounds write (CVE-ID: CVE-2023-42753)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the netfilter subsystem in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
5) NULL pointer dereference (CVE-ID: CVE-2023-53147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm_update_ae_params() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
6) Resource management error (CVE-ID: CVE-2023-53148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_io_error_detected() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
7) NULL pointer dereference (CVE-ID: CVE-2023-53150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla24xx_bsg_request() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
8) Memory leak (CVE-ID: CVE-2023-53151)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the flush_pending_writes() and raid10_unplug() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
9) Resource management error (CVE-ID: CVE-2023-53152)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the psp_sw_fini() and psp_hw_fini() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.
10) Use of uninitialized resource (CVE-ID: CVE-2023-53165)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_name_from_CS0() function in fs/udf/unicode.c. A local user can perform a denial of service (DoS) attack.
11) NULL pointer dereference (CVE-ID: CVE-2023-53167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
12) Improper resource shutdown or release (CVE-ID: CVE-2023-53170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the felix_parse_ports_node() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2023-53174)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the raid_component_add() function in drivers/scsi/raid_class.c. A local user can perform a denial of service (DoS) attack.
14) Input validation error (CVE-ID: CVE-2023-53175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hv_pci_restore_msi_msg() function in drivers/pci/controller/pci-hyperv.c. A local user can perform a denial of service (DoS) attack.
15) Integer underflow (CVE-ID: CVE-2023-53177)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the hi846_set_ctrl() function in drivers/media/i2c/hi846.c. A local user can execute arbitrary code.
16) Out-of-bounds read (CVE-ID: CVE-2023-53179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the MODULE_ALIAS() function in net/netfilter/ipset/ip_set_hash_netportnet.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2023-53180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_mac_mgmt_tx_wmi() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
18) Memory leak (CVE-ID: CVE-2023-53181)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dma_resv_get_fences() function in drivers/dma-buf/dma-resv.c. A local user can perform a denial of service (DoS) attack.
19) Reachable assertion (CVE-ID: CVE-2023-53183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the prepare_to_merge() and merge_reloc_roots() functions in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
20) Buffer overflow (CVE-ID: CVE-2023-53184)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vec_set_vector_length() function in arch/arm64/kernel/fpsimd.c. A local user can escalate privileges on the system.
21) Input validation error (CVE-ID: CVE-2023-53185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the htc_process_conn_rsp() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
22) Use-after-free (CVE-ID: CVE-2023-53187)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/btrfs/block-group.h. A local user can escalate privileges on the system.
23) Integer underflow (CVE-ID: CVE-2023-53189)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the addrconf_del_dad_work() function in net/ipv6/addrconf.c. A local user can execute arbitrary code.
24) Improper locking (CVE-ID: CVE-2023-53192)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/net/vxlan.h. A local user can perform a denial of service (DoS) attack.
25) Memory leak (CVE-ID: CVE-2023-53195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_m_linecards_init() function in drivers/net/ethernet/mellanox/mlxsw/minimal.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2023-53196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc3_qcom_probe() function in drivers/usb/dwc3/dwc3-qcom.c. A local user can perform a denial of service (DoS) attack.
27) Integer overflow (CVE-ID: CVE-2023-53201)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __send_message() and bnxt_qplib_alloc_rcfw_channel() functions in drivers/infiniband/hw/bnxt_re/qplib_rcfw.c. A local user can execute arbitrary code.
28) Improper locking (CVE-ID: CVE-2023-53204)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the unix_inflight(), unix_notinflight() and too_many_unix_fds() functions in net/unix/scm.c. A local user can perform a denial of service (DoS) attack.
29) Out-of-bounds read (CVE-ID: CVE-2023-53205)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diag9c_forwarding_overrun() and __diag_time_slice_end_directed() functions in arch/s390/kvm/diag.c. A local user can perform a denial of service (DoS) attack.
30) NULL pointer dereference (CVE-ID: CVE-2023-53206)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _pmbus_is_enabled(), _pmbus_get_flags() and pmbus_get_flags() functions in drivers/hwmon/pmbus/pmbus_core.c. A local user can perform a denial of service (DoS) attack.
31) Improper locking (CVE-ID: CVE-2023-53207)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ublk_ctrl_end_recovery() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
32) Reachable assertion (CVE-ID: CVE-2023-53208)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the nested_svm_vmexit() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
33) NULL pointer dereference (CVE-ID: CVE-2023-53209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mac80211_hwsim_select_tx_link() function in drivers/net/wireless/virtual/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.
34) NULL pointer dereference (CVE-ID: CVE-2023-53210)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r5l_log_flush_endio() function in drivers/md/raid5-cache.c. A local user can perform a denial of service (DoS) attack.
35) Resource management error (CVE-ID: CVE-2023-53215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the load_balance() function in kernel/sched/fair.c. A local user can perform a denial of service (DoS) attack.
36) Improper locking (CVE-ID: CVE-2023-53217)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nubus_proc_rsrc_show(), nubus_proc_add_rsrc_mem() and nubus_proc_add_rsrc() functions in drivers/nubus/proc.c. A local user can perform a denial of service (DoS) attack.
37) NULL pointer dereference (CVE-ID: CVE-2023-53220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the az6007_i2c_xfer() function in drivers/media/usb/dvb-usb-v2/az6007.c. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2023-53221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_trampoline_get_progs() and bpf_trampoline_update() functions in kernel/bpf/trampoline.c. A local user can perform a denial of service (DoS) attack.
39) Out-of-bounds read (CVE-ID: CVE-2023-53222)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fs/jfs/jfs_filsys.h. A local user can perform a denial of service (DoS) attack.
40) Out-of-bounds read (CVE-ID: CVE-2023-53226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_mgmt_packet() function in drivers/net/wireless/marvell/mwifiex/util.c. A local user can perform a denial of service (DoS) attack.
41) Memory leak (CVE-ID: CVE-2023-53230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_smb3_do_mount() function in fs/smb/client/cifsfs.c. A local user can perform a denial of service (DoS) attack.
42) Improper locking (CVE-ID: CVE-2023-53231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the z_erofs_decompress_kickoff() function in fs/erofs/zdata.c. A local user can perform a denial of service (DoS) attack.
43) Use-after-free (CVE-ID: CVE-2023-53235)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/drm/drm_kunit_helpers.h. A local user can escalate privileges on the system.
44) Out-of-bounds read (CVE-ID: CVE-2023-53238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hisi_inno_phy_probe() function in drivers/phy/hisilicon/phy-hisi-inno-usb2.c. A local user can perform a denial of service (DoS) attack.
45) Improper error handling (CVE-ID: CVE-2023-53243)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_reduce_alloc_profile() function in fs/btrfs/block-group.c. A local user can perform a denial of service (DoS) attack.
46) NULL pointer dereference (CVE-ID: CVE-2023-53245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the storvsc_host_reset_handler() function in drivers/scsi/storvsc_drv.c. A local user can perform a denial of service (DoS) attack.
47) Improper locking (CVE-ID: CVE-2023-53247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_truncate_block() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
48) NULL pointer dereference (CVE-ID: CVE-2023-53248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vm_bo_add(), amdgpu_vm_init() and amdgpu_vm_make_compute() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
49) Memory leak (CVE-ID: CVE-2023-53249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx8mn_clocks_probe() function in drivers/clk/imx/clk-imx8mn.c. A local user can perform a denial of service (DoS) attack.
50) NULL pointer dereference (CVE-ID: CVE-2023-53251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_pcie_irq_rx_msix_handler() function in drivers/net/wireless/intel/iwlwifi/pcie/rx.c. A local user can perform a denial of service (DoS) attack.
51) Use-after-free (CVE-ID: CVE-2023-53252)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the restart_le_actions(), set_device_flags(), hci_conn_params_set() and remove_device() functions in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.
52) Memory leak (CVE-ID: CVE-2023-53255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the svc_create_memory_pool() function in drivers/firmware/stratix10-svc.c. A local user can perform a denial of service (DoS) attack.
53) Input validation error (CVE-ID: CVE-2023-53257)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ieee80211_rx_h_action() function in net/mac80211/rx.c. A local user can perform a denial of service (DoS) attack.
54) Integer underflow (CVE-ID: CVE-2023-53258)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the dcn314_populate_dml_pipes_from_context_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c. A local user can execute arbitrary code.
55) NULL pointer dereference (CVE-ID: CVE-2023-53260)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ovl_permission() function in fs/overlayfs/inode.c. A local user can perform a denial of service (DoS) attack.
56) Memory leak (CVE-ID: CVE-2023-53261)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the acpi_validate_dsd_graph(), acpi_validate_coresight_graph() and acpi_coresight_parse_graph() functions in drivers/hwtracing/coresight/coresight-platform.c. A local user can perform a denial of service (DoS) attack.
57) Buffer overflow (CVE-ID: CVE-2023-53263)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nouveau_connector_create() function in drivers/gpu/drm/nouveau/nouveau_connector.c. A local user can escalate privileges on the system.
58) Information disclosure (CVE-ID: CVE-2023-53264)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the imxrt1050_clocks_probe() function in drivers/clk/imx/clk-imxrt1050.c. A local user can gain access to sensitive information.
59) Integer overflow (CVE-ID: CVE-2023-53272)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ena_com_comp_status_to_errno() function in drivers/net/ethernet/amazon/ena/ena_com.c. A local user can execute arbitrary code.
60) Buffer overflow (CVE-ID: CVE-2023-53274)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/clk/mediatek/clk-mt8183.c. A local user can escalate privileges on the system.
61) Race condition within a thread (CVE-ID: CVE-2023-53275)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the EXPORT_SYMBOL_GPL() function in sound/hda/hdac_regmap.c. A local user can corrupt data.
62) Improper Initialization (CVE-ID: CVE-2023-53280)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the qla_nvme_ls_req() and qla_nvme_post_cmd() functions in drivers/scsi/qla2xxx/qla_nvme.c. A local user can perform a denial of service (DoS) attack.
63) Resource management error (CVE-ID: CVE-2023-53286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_core_destroy_qp(), mlx5_core_xrcd_dealloc() and mlx5_core_destroy_rq_tracked() functions in drivers/infiniband/hw/mlx5/qpc.c. A local user can perform a denial of service (DoS) attack.
64) Resource management error (CVE-ID: CVE-2023-53287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/usb/cdns3/core.h. A local user can perform a denial of service (DoS) attack.
65) Information disclosure (CVE-ID: CVE-2023-53288)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can gain access to sensitive information.
66) Resource management error (CVE-ID: CVE-2023-53291)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rcu_scale_cleanup() function in kernel/rcu/rcuscale.c. A local user can perform a denial of service (DoS) attack.
67) Input validation error (CVE-ID: CVE-2023-53292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the blk_mq_elv_switch_none() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
68) Information disclosure (CVE-ID: CVE-2023-53303)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vcap_dup_rule() function in drivers/net/ethernet/microchip/vcap/vcap_api.c. A local user can gain access to sensitive information.
69) Memory leak (CVE-ID: CVE-2023-53304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_get() and __nft_rbtree_insert() functions in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.
70) Use-after-free (CVE-ID: CVE-2023-53305)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_le_command_rej() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
71) Use of uninitialized resource (CVE-ID: CVE-2023-53309)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the radeon_cs_parser_init() function in drivers/gpu/drm/radeon/radeon_cs.c. A local user can perform a denial of service (DoS) attack.
72) Use-after-free (CVE-ID: CVE-2023-53311)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/nilfs2/the_nilfs.h. A local user can escalate privileges on the system.
73) Resource management error (CVE-ID: CVE-2023-53312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/trace/events/net.h. A local user can perform a denial of service (DoS) attack.
74) Buffer overflow (CVE-ID: CVE-2023-53313)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the max_corrected_read_errors_store() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
75) Memory leak (CVE-ID: CVE-2023-53314)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ep93xxfb_probe() function in drivers/video/fbdev/ep93xx-fb.c. A local user can perform a denial of service (DoS) attack.
76) Use-after-free (CVE-ID: CVE-2023-53316)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dp_display_remove() function in drivers/gpu/drm/msm/dp/dp_display.c. A local user can escalate privileges on the system.
77) Use-after-free (CVE-ID: CVE-2023-53319)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the finalize_pkvm() function in arch/arm64/kvm/pkvm.c. A local user can escalate privileges on the system.
78) Input validation error (CVE-ID: CVE-2023-53321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hwsim_cloned_frame_received_nl() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.
79) Use-after-free (CVE-ID: CVE-2023-53322)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_terminate_rport_io() function in drivers/scsi/qla2xxx/qla_attr.c. A local user can escalate privileges on the system.
80) Improper locking (CVE-ID: CVE-2023-53323)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext2_setsize() function in fs/ext2/inode.c. A local user can perform a denial of service (DoS) attack.
81) Memory leak (CVE-ID: CVE-2023-53324)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp5_plane_destroy_state() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_plane.c. A local user can perform a denial of service (DoS) attack.
82) NULL pointer dereference (CVE-ID: CVE-2023-53325)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_dp_aux_do_transfer() and mtk_dp_aux_transfer() functions in drivers/gpu/drm/mediatek/mtk_dp.c. A local user can perform a denial of service (DoS) attack.
83) NULL pointer dereference (CVE-ID: CVE-2023-53328)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ni_create_attr_list() function in fs/ntfs3/frecord.c. A local user can perform a denial of service (DoS) attack.
84) Input validation error (CVE-ID: CVE-2023-53331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the persistent_ram_post_init() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
85) Out-of-bounds read (CVE-ID: CVE-2023-53333)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dccp_error() function in net/netfilter/nf_conntrack_proto_dccp.c. A local user can perform a denial of service (DoS) attack.
86) NULL pointer dereference (CVE-ID: CVE-2023-53336)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ipu_bridge_connect_sensor() function in drivers/media/pci/intel/ipu-bridge.c. A local user can perform a denial of service (DoS) attack.
87) Use-after-free (CVE-ID: CVE-2023-53338)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the run_lwt_bpf() and bpf_lwt_xmit_reroute() functions in net/core/lwt_bpf.c. A local user can escalate privileges on the system.
88) Improper error handling (CVE-ID: CVE-2023-53339)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_cancel_balance() function in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.
89) Resource management error (CVE-ID: CVE-2023-53342)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the prestera_util_neigh2nc_key() and prestera_kern_fib_info_nhc() functions in drivers/net/ethernet/marvell/prestera/prestera_router.c. A local user can perform a denial of service (DoS) attack.
90) NULL pointer dereference (CVE-ID: CVE-2023-53343)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the icmp6_dev() function in net/ipv6/icmp.c. A local user can perform a denial of service (DoS) attack.
91) Memory leak (CVE-ID: CVE-2023-53350)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qaic_attach_slice_bo_ioctl() function in drivers/accel/qaic/qaic_data.c. A local user can perform a denial of service (DoS) attack.
92) NULL pointer dereference (CVE-ID: CVE-2023-53352)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ttm_bo_evict_swapout_allowable() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
93) NULL pointer dereference (CVE-ID: CVE-2023-53354)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the skb_segment() function in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
94) NULL pointer dereference (CVE-ID: CVE-2023-53356)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.
95) Out-of-bounds read (CVE-ID: CVE-2023-53357)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
96) NULL pointer dereference (CVE-ID: CVE-2023-53360)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfs_readhdr_alloc() and nfs_pageio_reset_read_mds() functions in fs/nfs/read.c. A local user can perform a denial of service (DoS) attack.
97) Input validation error (CVE-ID: CVE-2023-53362)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __fsl_mc_device_remove_if_not_in_mc() function in drivers/bus/fsl-mc/dprc-driver.c. A local user can perform a denial of service (DoS) attack.
98) NULL pointer dereference (CVE-ID: CVE-2023-53364)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the da9063_check_xvp_constraints() and da9063_regulator_probe() functions in drivers/regulator/da9063-regulator.c. A local user can perform a denial of service (DoS) attack.
99) Improper locking (CVE-ID: CVE-2023-53365)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6mr_cache_report() function in net/ipv6/ip6mr.c. A local user can perform a denial of service (DoS) attack.
100) Memory leak (CVE-ID: CVE-2023-53367)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hl_device_open() function in drivers/accel/habanalabs/common/habanalabs_drv.c. A local user can perform a denial of service (DoS) attack.
101) Improper error handling (CVE-ID: CVE-2023-53368)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tracing_snapshot_open() and tracing_snapshot_write() functions in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
102) Buffer overflow (CVE-ID: CVE-2023-53369)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dcbnl_bcn_setcfg() function in net/dcb/dcbnl.c. A local user can perform a denial of service (DoS) attack.
103) Memory leak (CVE-ID: CVE-2023-53370)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_ring_fini() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2023-53371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_fs_tt_redirect_any_create() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
105) Use-after-free (CVE-ID: CVE-2023-53374)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_conn_add() and hci_conn_unlink() functions in net/bluetooth/hci_conn.c. A local user can escalate privileges on the system.
106) Use-after-free (CVE-ID: CVE-2023-53377)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_compound_op() function in fs/smb/client/smb2inode.c. A local user can escalate privileges on the system.
107) Memory leak (CVE-ID: CVE-2023-53379)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tahvo_usb_probe() function in drivers/usb/phy/phy-tahvo.c. A local user can perform a denial of service (DoS) attack.
108) NULL pointer dereference (CVE-ID: CVE-2023-53380)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_sync_request() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
109) NULL pointer dereference (CVE-ID: CVE-2023-53384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mwifiex_handle_uap_rx_forward() function in drivers/net/wireless/marvell/mwifiex/uap_txrx.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2023-53385)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp_get_subsys_id() function in drivers/media/platform/mediatek/mdp3/mtk-mdp3-comp.c. A local user can perform a denial of service (DoS) attack.
111) Use-after-free (CVE-ID: CVE-2023-53386)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_uuids_clear() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
112) Memory leak (CVE-ID: CVE-2023-53391)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
113) Input validation error (CVE-ID: CVE-2023-53394)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_modify_rq_state() and mlx5e_rq_to_ready() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
114) Out-of-bounds read (CVE-ID: CVE-2023-53395)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/acpi/acpica/psopcode.c. A local user can perform a denial of service (DoS) attack.
115) Out-of-bounds read (CVE-ID: CVE-2023-53397)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the default_mismatch_handler() function in scripts/mod/modpost.c. A local user can perform a denial of service (DoS) attack.
116) Use-after-free (CVE-ID: CVE-2023-53401)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mod_objcg_state(), consume_obj_stock(), drain_obj_stock() and refill_obj_stock() functions in mm/memcontrol.c. A local user can escalate privileges on the system.
117) Out-of-bounds read (CVE-ID: CVE-2023-53420)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.
118) NULL pointer dereference (CVE-ID: CVE-2023-53421)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_reset_stats() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
119) Memory leak (CVE-ID: CVE-2023-53424)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mtk_clk_simple_probe() function in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.
120) NULL pointer dereference (CVE-ID: CVE-2023-53425)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_requested_vpu() function in drivers/media/platform/mtk-vpu/mtk_vpu.c. A local user can perform a denial of service (DoS) attack.
121) Use-after-free (CVE-ID: CVE-2023-53426)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xsk_diag_fill() function in net/xdp/xsk_diag.c. A local user can escalate privileges on the system.
122) Buffer overflow (CVE-ID: CVE-2023-53428)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scmi_powercap_unregister_all_zones(), scmi_powercap_get_parent_zone() and scmi_powercap_probe() functions in drivers/powercap/arm_scmi_powercap.c. A local user can escalate privileges on the system.
123) Memory leak (CVE-ID: CVE-2023-53429)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __extent_writepage() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
124) Use-after-free (CVE-ID: CVE-2023-53432)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fwnet_finish_incoming_packet() function in drivers/firewire/net.c. A local user can escalate privileges on the system.
125) Memory leak (CVE-ID: CVE-2023-53436)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snic_tgt_create() function in drivers/scsi/snic/snic_disc.c. A local user can perform a denial of service (DoS) attack.
126) Improper error handling (CVE-ID: CVE-2023-53438)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/x86/kernel/cpu/mce/internal.h. A local user can perform a denial of service (DoS) attack.
127) Memory leak (CVE-ID: CVE-2023-53441)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the get_cpu_map_entry() and put_cpu_map_entry() functions in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
128) NULL pointer dereference (CVE-ID: CVE-2023-53442)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_setup_tc() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
129) NULL pointer dereference (CVE-ID: CVE-2023-53444)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ttm_lru_bulk_move_pos_tail() and ttm_lru_bulk_move_del() functions in drivers/gpu/drm/ttm/ttm_resource.c. A local user can perform a denial of service (DoS) attack.
130) Use-after-free (CVE-ID: CVE-2023-53446)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pcie_aspm_exit_link_state() function in drivers/pci/pcie/aspm.c. A local user can escalate privileges on the system.
131) NULL pointer dereference (CVE-ID: CVE-2023-53447)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the f2fs_show_options(), default_options(), f2fs_remount() and f2fs_fill_super() functions in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
132) Improper resource shutdown or release (CVE-ID: CVE-2023-53448)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the imxfb_probe() function in drivers/video/fbdev/imxfb.c. A local user can perform a denial of service (DoS) attack.
133) Input validation error (CVE-ID: CVE-2023-53451)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qla24xx_build_scsi_type_6_iocbs() function in drivers/scsi/qla2xxx/qla_iocb.c. A local user can perform a denial of service (DoS) attack.
134) Buffer overflow (CVE-ID: CVE-2023-53454)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mt_post_parse() and mt_input_configured() functions in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.
135) Memory leak (CVE-ID: CVE-2023-53456)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qla4xxx_set_chap_entry(), qla4xxx_iface_set_param() and qla4xxx_sysfs_ddb_set_param() functions in drivers/scsi/qla4xxx/ql4_os.c. A local user can perform a denial of service (DoS) attack.
136) Input validation error (CVE-ID: CVE-2023-53457)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_link() function in fs/jfs/namei.c. A local user can perform a denial of service (DoS) attack.
137) Input validation error (CVE-ID: CVE-2023-53461)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the io_ring_exit_work() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
138) Buffer overflow (CVE-ID: CVE-2023-53462)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the fill_frame_info() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.
139) Race condition (CVE-ID: CVE-2023-53463)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the __ibmvnic_open() function in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2023-53465)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the function in drivers/soundwire/qcom.c. A local user can perform a denial of service (DoS) attack.
141) Input validation error (CVE-ID: CVE-2023-53472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the lpc32xx_pwm_config(), lpc32xx_pwm_enable(), lpc32xx_pwm_disable() and lpc32xx_pwm_probe() functions in drivers/pwm/pwm-lpc32xx.c. A local user can perform a denial of service (DoS) attack.
142) Input validation error (CVE-ID: CVE-2023-53479)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cxl_parse_cfmws() function in drivers/cxl/acpi.c. A local user can perform a denial of service (DoS) attack.
143) Input validation error (CVE-ID: CVE-2023-53480)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kset_register() function in lib/kobject.c. A local user can perform a denial of service (DoS) attack.
144) Buffer overflow (CVE-ID: CVE-2023-53485)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dbAllocDmapLev() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
145) Buffer overflow (CVE-ID: CVE-2023-53487)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rtas_flash_init() function in arch/powerpc/kernel/rtas_flash.c. A local user can perform a denial of service (DoS) attack.
146) Incorrect calculation (CVE-ID: CVE-2023-53488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the free_cntrs() function in drivers/infiniband/hw/hfi1/chip.c. A local user can perform a denial of service (DoS) attack.
147) Input validation error (CVE-ID: CVE-2023-53490)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the subflow_state_change() and mptcp_subflow_queue_clean() functions in net/mptcp/subflow.c. A local user can perform a denial of service (DoS) attack.
148) Input validation error (CVE-ID: CVE-2023-53491)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the print_unknown_bootoptions() function in init/main.c. A local user can perform a denial of service (DoS) attack.
149) Input validation error (CVE-ID: CVE-2023-53492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_tables_updchain(), nft_chain_lookup_byid(), nf_tables_newrule() and nft_verdict_init() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
150) Input validation error (CVE-ID: CVE-2023-53493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the decode_message() function in drivers/accel/qaic/qaic_control.c. A local user can perform a denial of service (DoS) attack.
151) Out-of-bounds write (CVE-ID: CVE-2023-53495)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the mvpp2_ethtool_get_rxnfc() function in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can execute arbitrary code.
152) Buffer overflow (CVE-ID: CVE-2023-53496)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the build_socket_tables() function in arch/x86/kernel/apic/x2apic_uv_x.c. A local user can perform a denial of service (DoS) attack.
153) Buffer overflow (CVE-ID: CVE-2023-53500)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xfrmi_xmit() function in net/xfrm/xfrm_interface_core.c. A local user can perform a denial of service (DoS) attack.
154) Incorrect calculation (CVE-ID: CVE-2023-53501)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the put_pasid_state() function in drivers/iommu/amd/iommu_v2.c. A local user can perform a denial of service (DoS) attack.
155) Buffer overflow (CVE-ID: CVE-2023-53504)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bnxt_re_remove() function in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
156) Memory leak (CVE-ID: CVE-2023-53505)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the load_timings_from_dt() and tegra_clk_register_emc() functions in drivers/clk/tegra/clk-tegra124-emc.c. A local user can perform a denial of service (DoS) attack.
157) Improper resource shutdown or release (CVE-ID: CVE-2023-53507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the mlx5_uninit_one() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
158) Input validation error (CVE-ID: CVE-2023-53508)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ublk_ctrl_start_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
159) Input validation error (CVE-ID: CVE-2023-53510)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ufshcd_queuecommand(), ufshcd_exec_dev_cmd(), ufshcd_release_scsi_cmd(), ufshcd_issue_devman_upiu_cmd() and ufshcd_advanced_rpmb_req_handler() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
160) Buffer overflow (CVE-ID: CVE-2023-53515)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtio_mmio_release_dev() and virtio_mmio_probe() functions in drivers/virtio/virtio_mmio.c. A local user can perform a denial of service (DoS) attack.
161) Input validation error (CVE-ID: CVE-2023-53516)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the function in drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
162) Buffer overflow (CVE-ID: CVE-2023-53518)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the devfreq_dev_release() function in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
163) Input validation error (CVE-ID: CVE-2023-53519)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/media/v4l2-mem2mem.h. A local user can perform a denial of service (DoS) attack.
164) Race condition (CVE-ID: CVE-2023-53520)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the hci_suspend_notifier() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
165) Incorrect calculation (CVE-ID: CVE-2023-53523)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the gs_cmd_reset(), gs_usb_get_timestamp(), gs_usb_receive_bulk_callback(), gs_can_open() and gs_can_close() functions in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.
166) Buffer overflow (CVE-ID: CVE-2023-53526)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the jbd2_journal_try_remove_checkpoint() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
167) Buffer overflow (CVE-ID: CVE-2023-53527)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tb_handle_dp_bandwidth_request() function in drivers/thunderbolt/tb.c. A local user can perform a denial of service (DoS) attack.
168) Input validation error (CVE-ID: CVE-2023-53528)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the flush_recv_queue() function in drivers/infiniband/sw/rxe/rxe_resp.c. A local user can perform a denial of service (DoS) attack.
169) Input validation error (CVE-ID: CVE-2023-53530)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tcm_qla2xxx_free_cmd() and tcm_qla2xxx_handle_data() functions in drivers/scsi/qla2xxx/tcm_qla2xxx.c. A local user can perform a denial of service (DoS) attack.
170) Race condition (CVE-ID: CVE-2023-53531)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the null_poll() and null_timeout_rq() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
171) Error handling (CVE-ID: CVE-2024-26584)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when handling backlogging of crypto requests in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system and perform a denial of service attack.
172) Infinite loop (CVE-ID: CVE-2024-58090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the !defined() function in kernel/sched/core.c. A local user can perform a denial of service (DoS) attack.
173) Use-after-free (CVE-ID: CVE-2024-58240)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tls_do_decryption() function in net/tls/tls_sw.c. A local user can escalate privileges on the system.
174) Improper locking (CVE-ID: CVE-2025-22022)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/usb/host/xhci.h. A local user can perform a denial of service (DoS) attack.
175) Improper locking (CVE-ID: CVE-2025-38119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ufshcd_err_handler() function in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
176) Improper locking (CVE-ID: CVE-2025-38234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the find_lowest_rq() and find_lock_lowest_rq() functions in kernel/sched/rt.c. A local user can perform a denial of service (DoS) attack.
177) NULL pointer dereference (CVE-ID: CVE-2025-38255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the group_cpus_evenly() function in lib/group_cpus.c. A local user can perform a denial of service (DoS) attack.
178) Use-after-free (CVE-ID: CVE-2025-38263)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the CLOSURE_CALLBACK() function in drivers/md/bcache/super.c. A local user can escalate privileges on the system.
179) Input validation error (CVE-ID: CVE-2025-38351)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kvm_hv_vcpu_flush_tlb() function in arch/x86/kvm/hyperv.c. A local user can perform a denial of service (DoS) attack.
180) Resource management error (CVE-ID: CVE-2025-38402)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the idpf_get_rxfh_key_size() and idpf_get_rxfh_indir_size() functions in drivers/net/ethernet/intel/idpf/idpf_ethtool.c. A local user can perform a denial of service (DoS) attack.
181) Resource management error (CVE-ID: CVE-2025-38408)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the irq_domain_create_sim_full() function in kernel/irq/irq_sim.c. A local user can perform a denial of service (DoS) attack.
182) Memory leak (CVE-ID: CVE-2025-38418)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rproc_resource_cleanup() function in drivers/remoteproc/remoteproc_core.c. A local user can perform a denial of service (DoS) attack.
183) Memory leak (CVE-ID: CVE-2025-38419)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rproc_attach() function in drivers/remoteproc/remoteproc_core.c. A local user can perform a denial of service (DoS) attack.
184) Buffer overflow (CVE-ID: CVE-2025-38456)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ipmi_create_user() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
185) Buffer overflow (CVE-ID: CVE-2025-38465)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the netlink_skb_set_owner_r(), netlink_alloc_large_skb(), netlink_unicast_kernel(), EXPORT_SYMBOL_GPL() and netlink_dump() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
186) Buffer overflow (CVE-ID: CVE-2025-38466)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the perf_uprobe_event_init() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
187) Use-after-free (CVE-ID: CVE-2025-38488)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the crypt_message() function in fs/smb/client/smb2ops.c. A local user can escalate privileges on the system.
188) Improper error handling (CVE-ID: CVE-2025-38514)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rxrpc_alloc_incoming_call() function in net/rxrpc/call_accept.c. A local user can perform a denial of service (DoS) attack.
189) NULL pointer dereference (CVE-ID: CVE-2025-38526)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_lag_is_switchdev_running() function in drivers/net/ethernet/intel/ice/ice_lag.c. A local user can perform a denial of service (DoS) attack.
190) Use-after-free (CVE-ID: CVE-2025-38527)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cifs_oplock_break() and cifs_put_tlink() functions in fs/smb/client/file.c. A local user can escalate privileges on the system.
191) Use-after-free (CVE-ID: CVE-2025-38533)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wx_alloc_mapped_page() and wx_alloc_rx_buffers() functions in drivers/net/ethernet/wangxun/libwx/wx_lib.c. A local user can escalate privileges on the system.
192) Reachable assertion (CVE-ID: CVE-2025-38544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the rxrpc_service_prealloc_one() function in net/rxrpc/call_accept.c. A local user can perform a denial of service (DoS) attack.
193) Out-of-bounds read (CVE-ID: CVE-2025-38556)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snto32() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
194) Use of uninitialized resource (CVE-ID: CVE-2025-38574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the pptp_xmit() function in drivers/net/ppp/pptp.c. A local user can perform a denial of service (DoS) attack.
195) Use-after-free (CVE-ID: CVE-2025-38584)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL(), padata_find_next(), padata_do_serial(), padata_alloc_pd() and padata_free_shell() functions in kernel/padata.c. A local user can escalate privileges on the system.
196) NULL pointer dereference (CVE-ID: CVE-2025-38590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_ipsec_offload_handle_rx_skb() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c. A local user can perform a denial of service (DoS) attack.
197) NULL pointer dereference (CVE-ID: CVE-2025-38593)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/bluetooth/hci_core.h. A local user can perform a denial of service (DoS) attack.
198) Use-after-free (CVE-ID: CVE-2025-38595)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dmabuf_exp_from_pages() function in drivers/xen/gntdev-dmabuf.c. A local user can escalate privileges on the system.
199) NULL pointer dereference (CVE-ID: CVE-2025-38597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop2_create_crtcs() function in drivers/gpu/drm/rockchip/rockchip_drm_vop2.c. A local user can perform a denial of service (DoS) attack.
200) NULL pointer dereference (CVE-ID: CVE-2025-38605)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the u32_encode_bits() function in drivers/net/wireless/ath/ath12k/dp_tx.c. A local user can perform a denial of service (DoS) attack.
201) Infinite loop (CVE-ID: CVE-2025-38614)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ep_poll() and ep_loop_check_proc() functions in fs/eventpoll.c. A local user can perform a denial of service (DoS) attack.
202) Out-of-bounds read (CVE-ID: CVE-2025-38616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tls_rx_rec_wait() function in net/tls/tls_sw.c, within the tls_strp_load_anchor_with_queue() and tls_strp_msg_load() functions in net/tls/tls_strp.c. A local user can perform a denial of service (DoS) attack.
203) Improper error handling (CVE-ID: CVE-2025-38622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/net/udp.h. A local user can perform a denial of service (DoS) attack.
204) Improper error handling (CVE-ID: CVE-2025-38623)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pnv_php_set_attention_state(), pnv_php_enable() and pnv_php_enable_msix() functions in drivers/pci/hotplug/pnv_php.c, within the pci_hp_add_devices() function in arch/powerpc/kernel/pci-hotplug.c. A local user can perform a denial of service (DoS) attack.
205) Out-of-bounds read (CVE-ID: CVE-2025-38639)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nfacct_mt_checkentry() function in net/netfilter/xt_nfacct.c. A local user can perform a denial of service (DoS) attack.
206) Improper locking (CVE-ID: CVE-2025-38640)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nf_hook_run_bpf() function in net/netfilter/nf_bpf_link.c. A local user can perform a denial of service (DoS) attack.
207) Improper locking (CVE-ID: CVE-2025-38643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cfg80211_check_and_end_cac() function in net/wireless/reg.c. A local user can perform a denial of service (DoS) attack.
208) NULL pointer dereference (CVE-ID: CVE-2025-38645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_init_once() function in drivers/net/ethernet/mellanox/mlx5/core/main.c, within the mlx5_dm_create() and kfree() functions in drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c, within the handle_alloc_dm_memic() function in drivers/infiniband/hw/mlx5/dm.c. A local user can perform a denial of service (DoS) attack.
209) Use-after-free (CVE-ID: CVE-2025-38659)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the signal_our_withdraw() function in fs/gfs2/util.c. A local user can escalate privileges on the system.
210) Input validation error (CVE-ID: CVE-2025-38660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the parse_longname() function in fs/ceph/crypto.c. A local user can perform a denial of service (DoS) attack.
211) NULL pointer dereference (CVE-ID: CVE-2025-38664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_copy_and_init_pkg() function in drivers/net/ethernet/intel/ice/ice_ddp.c. A local user can perform a denial of service (DoS) attack.
212) NULL pointer dereference (CVE-ID: CVE-2025-38668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the regulator_remove_coupling() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
213) Buffer overflow (CVE-ID: CVE-2025-38676)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_ivrs_acpihid() function in drivers/iommu/amd/init.c. A local user can escalate privileges on the system.
214) Resource management error (CVE-ID: CVE-2025-38678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_updchain() and nft_flowtable_update() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
215) Memory leak (CVE-ID: CVE-2025-38679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_seq_changed() function in drivers/media/platform/qcom/venus/hfi_msgs.c. A local user can perform a denial of service (DoS) attack.
216) Out-of-bounds read (CVE-ID: CVE-2025-38680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.
217) Use-after-free (CVE-ID: CVE-2025-38681)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ptdump_walk_pgd() function in mm/ptdump.c, within the ptdump_show() function in arch/s390/mm/dump_pagetables.c, within the ptdump_show() function in arch/arm64/mm/ptdump_debugfs.c. A local user can escalate privileges on the system.
218) NULL pointer dereference (CVE-ID: CVE-2025-38683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the netvsc_probe(), netvsc_remove(), netvsc_suspend(), netvsc_event_set_vf_ns() and netvsc_netdev_event() functions in drivers/net/hyperv/netvsc_drv.c. A local user can perform a denial of service (DoS) attack.
219) NULL pointer dereference (CVE-ID: CVE-2025-38684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ets_qdisc_change() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.
220) Out-of-bounds read (CVE-ID: CVE-2025-38685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the con2fb_init_display() and fbcon_set_disp() functions in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
221) Use-after-free (CVE-ID: CVE-2025-38687)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the comedi_device_detach_cleanup() function in drivers/comedi/drivers.c, within the is_device_busy() and do_devconfig_ioctl() functions in drivers/comedi/comedi_fops.c. A local user can escalate privileges on the system.
222) Use-after-free (CVE-ID: CVE-2025-38691)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext_tree_encode_commit(), ext_tree_prepare_commit() and dprintk() functions in fs/nfs/blocklayout/extent_tree.c. A local user can escalate privileges on the system.
223) Infinite loop (CVE-ID: CVE-2025-38692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the exfat_hash_init(), exfat_read_root(), exfat_verify_boot_region(), __exfat_fill_super() and exfat_fill_super() functions in fs/exfat/super.c, within the exfat_check_dir_empty() function in fs/exfat/namei.c, within the exfat_count_num_clusters() function in fs/exfat/fatent.c, within the exfat_find_dir_entry() and exfat_count_dir_entries() functions in fs/exfat/dir.c. A local user can perform a denial of service (DoS) attack.
224) NULL pointer dereference (CVE-ID: CVE-2025-38693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the w7090p_tuner_write_serpar() and w7090p_tuner_read_serpar() functions in drivers/media/dvb-frontends/dib7000p.c. A local user can perform a denial of service (DoS) attack.
225) NULL pointer dereference (CVE-ID: CVE-2025-38694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dib7090p_rw_on_apb() function in drivers/media/dvb-frontends/dib7000p.c. A local user can perform a denial of service (DoS) attack.
226) NULL pointer dereference (CVE-ID: CVE-2025-38695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli4_vport_delete_fcp_xri_aborted() function in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
227) Out-of-bounds read (CVE-ID: CVE-2025-38697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocAG() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
228) Input validation error (CVE-ID: CVE-2025-38698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_open() function in fs/jfs/file.c. A local user can perform a denial of service (DoS) attack.
229) Input validation error (CVE-ID: CVE-2025-38701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_create_inline_data(), ext4_update_inline_data() and ext4_inline_data_truncate() functions in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
230) Buffer overflow (CVE-ID: CVE-2025-38702)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the do_register_framebuffer() function in drivers/video/fbdev/core/fbmem.c. A local user can escalate privileges on the system.
231) NULL pointer dereference (CVE-ID: CVE-2025-38705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_set_pp_power_profile_mode() and parse_input_od_command_lines() functions in drivers/gpu/drm/amd/pm/amdgpu_pm.c. A local user can perform a denial of service (DoS) attack.
232) NULL pointer dereference (CVE-ID: CVE-2025-38706)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_soc_remove_pcm_runtime() function in sound/soc/soc-core.c. A local user can perform a denial of service (DoS) attack.
233) Buffer overflow (CVE-ID: CVE-2025-38709)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the loop_set_dio(), loop_set_block_size(), lo_simple_ioctl() and lo_ioctl() functions in drivers/block/loop.c. A local user can escalate privileges on the system.
234) Input validation error (CVE-ID: CVE-2025-38712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the PTR_ERR() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
235) Out-of-bounds read (CVE-ID: CVE-2025-38713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_uni2asc() function in fs/hfsplus/unicode.c. A local user can perform a denial of service (DoS) attack.
236) Out-of-bounds read (CVE-ID: CVE-2025-38714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the is_bnode_offset_valid(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy() and hfs_bnode_move() functions in fs/hfsplus/bnode.c. A local user can perform a denial of service (DoS) attack.
237) Out-of-bounds read (CVE-ID: CVE-2025-38715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the is_bnode_offset_valid(), hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy() and hfs_bnode_move() functions in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.
238) Memory leak (CVE-ID: CVE-2025-38721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ctnetlink_done(), ctnetlink_get_id(), NFNL_MSG_TYPE() and local_bh_enable() functions in net/netfilter/nf_conntrack_netlink.c. A local user can perform a denial of service (DoS) attack.
239) Use-after-free (CVE-ID: CVE-2025-38722)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hl_release_dmabuf() and export_dmabuf() functions in drivers/accel/habanalabs/common/memory.c. A local user can escalate privileges on the system.
240) Use-after-free (CVE-ID: CVE-2025-38724)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfsd4_setclientid_confirm() function in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
241) NULL pointer dereference (CVE-ID: CVE-2025-38725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ax88772_init_mdio() function in drivers/net/usb/asix_devices.c. A local user can perform a denial of service (DoS) attack.
242) Improper locking (CVE-ID: CVE-2025-38727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_attachskb() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
243) Out-of-bounds read (CVE-ID: CVE-2025-38729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the validate_uac3_feature_unit() and FUNC() functions in sound/usb/validate.c. A local user can perform a denial of service (DoS) attack.
244) Improper locking (CVE-ID: CVE-2025-38730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_bundle_nbufs(), io_sendmsg(), io_net_kbuf_recyle(), io_send_zc() and io_sendmsg_zc() functions in io_uring/net.c. A local user can perform a denial of service (DoS) attack.
245) Memory leak (CVE-ID: CVE-2025-38732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nf_send_reset6() and nf_send_unreach6() functions in net/ipv6/netfilter/nf_reject_ipv6.c, within the nf_send_reset() and nf_send_unreach() functions in net/ipv4/netfilter/nf_reject_ipv4.c. A local user can perform a denial of service (DoS) attack.
246) Use-after-free (CVE-ID: CVE-2025-38734)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_listen_work() function in net/smc/af_smc.c. A local user can escalate privileges on the system.
247) NULL pointer dereference (CVE-ID: CVE-2025-38735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_shutdown() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
248) Out-of-bounds read (CVE-ID: CVE-2025-38736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ax88772_init_mdio() function in drivers/net/usb/asix_devices.c. A local user can perform a denial of service (DoS) attack.
249) NULL pointer dereference (CVE-ID: CVE-2025-39675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mod_hdcp_hdcp1_create_session() function in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c. A local user can perform a denial of service (DoS) attack.
250) Integer underflow (CVE-ID: CVE-2025-39677)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the pie_change() function in net/sched/sch_pie.c, within the hhf_change() function in net/sched/sch_hhf.c, within the fq_pie_change() function in net/sched/sch_fq_pie.c, within the fq_codel_change() function in net/sched/sch_fq_codel.c, within the fq_load_priomap() and fq_change() functions in net/sched/sch_fq.c, within the codel_change() function in net/sched/sch_codel.c. A local user can execute arbitrary code.
251) NULL pointer dereference (CVE-ID: CVE-2025-39678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hsmp_metric_tbl_read() function in drivers/platform/x86/amd/hsmp/hsmp.c. A local user can perform a denial of service (DoS) attack.
252) Memory leak (CVE-ID: CVE-2025-39679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvif_vmm_ctor() function in drivers/gpu/drm/nouveau/nvif/vmm.c. A local user can perform a denial of service (DoS) attack.
253) Use of uninitialized resource (CVE-ID: CVE-2025-39681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the bsp_init_hygon() function in arch/x86/kernel/cpu/hygon.c. A local user can perform a denial of service (DoS) attack.
254) Memory leak (CVE-ID: CVE-2025-39682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the decrypt_skb() and tls_sw_recvmsg() functions in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
255) Memory leak (CVE-ID: CVE-2025-39684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the do_insnlist_ioctl() and do_insn_ioctl() functions in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
256) Out-of-bounds read (CVE-ID: CVE-2025-39685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pcl726_attach() function in drivers/comedi/drivers/pcl726.c. A local user can perform a denial of service (DoS) attack.
257) Memory leak (CVE-ID: CVE-2025-39686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the insn_rw_emulate_bits() function in drivers/comedi/drivers.c. A local user can perform a denial of service (DoS) attack.
258) Use-after-free (CVE-ID: CVE-2025-39691)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __end_buffer_read_notouch() function in fs/buffer.c. A local user can escalate privileges on the system.
259) NULL pointer dereference (CVE-ID: CVE-2025-39693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_connector_atomic_check() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
260) Improper error handling (CVE-ID: CVE-2025-39694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sclpint_to_sccb(), __sclp_find_req() and sclp_interrupt_handler() functions in drivers/s390/char/sclp.c. A local user can perform a denial of service (DoS) attack.
261) Input validation error (CVE-ID: CVE-2025-39701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the applicable_image() function in drivers/acpi/pfr_update.c. A local user can perform a denial of service (DoS) attack.
262) Input validation error (CVE-ID: CVE-2025-39703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hsr_handle_frame() function in net/hsr/hsr_slave.c. A local user can perform a denial of service (DoS) attack.
263) NULL pointer dereference (CVE-ID: CVE-2025-39705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_destruct() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
264) NULL pointer dereference (CVE-ID: CVE-2025-39706)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kfd_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_module.c. A local user can perform a denial of service (DoS) attack.
265) NULL pointer dereference (CVE-ID: CVE-2025-39709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the venus_probe() function in drivers/media/platform/qcom/venus/core.c. A local user can perform a denial of service (DoS) attack.
266) Out-of-bounds read (CVE-ID: CVE-2025-39710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the venus_write_queue() and venus_read_queue() functions in drivers/media/platform/qcom/venus/hfi_venus.c. A local user can perform a denial of service (DoS) attack.
267) Improper locking (CVE-ID: CVE-2025-39713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rain_interrupt() function in drivers/media/cec/usb/rainshadow/rainshadow-cec.c. A local user can perform a denial of service (DoS) attack.
268) Improper locking (CVE-ID: CVE-2025-39714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usbtv_configure_for_norm() function in drivers/media/usb/usbtv/usbtv-video.c. A local user can perform a denial of service (DoS) attack.
269) Buffer overflow (CVE-ID: CVE-2025-39718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtio_transport_rx_work() function in net/vmw_vsock/virtio_transport.c. A local user can perform a denial of service (DoS) attack.
270) Out-of-bounds read (CVE-ID: CVE-2025-39719)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ARRAY_SIZE() and bno055_get_regmask() functions in drivers/iio/imu/bno055/bno055.c. A local user can perform a denial of service (DoS) attack.
271) Use-after-free (CVE-ID: CVE-2025-39721)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adf_misc_wq_queue_delayed_work() function in drivers/crypto/intel/qat/qat_common/adf_isr.c, within the adf_dev_shutdown() function in drivers/crypto/intel/qat/qat_common/adf_init.c. A local user can escalate privileges on the system.
272) Improper error handling (CVE-ID: CVE-2025-39724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the serial8250_do_startup() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.
273) Buffer overflow (CVE-ID: CVE-2025-39726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ism_cmd() and ism_probe() functions in drivers/s390/net/ism_drv.c. A local user can perform a denial of service (DoS) attack.
274) Input validation error (CVE-ID: CVE-2025-39730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs_fh_to_dentry() function in fs/nfs/export.c. A local user can perform a denial of service (DoS) attack.
275) Resource management error (CVE-ID: CVE-2025-39732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath11k_mac_op_set_bitrate_mask() function in drivers/net/wireless/ath/ath11k/mac.c. A local user can perform a denial of service (DoS) attack.
276) Infinite loop (CVE-ID: CVE-2025-39738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the create_reloc_root() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
277) Improper error handling (CVE-ID: CVE-2025-39739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the function in drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c. A local user can perform a denial of service (DoS) attack.
278) Division by zero (CVE-ID: CVE-2025-39742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the find_hw_thread_mask() function in drivers/infiniband/hw/hfi1/affinity.c. A local user can perform a denial of service (DoS) attack.
279) Input validation error (CVE-ID: CVE-2025-39743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_evict_inode() function in fs/jfs/inode.c. A local user can perform a denial of service (DoS) attack.
280) Improper locking (CVE-ID: CVE-2025-39744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/rcu/tree_plugin.h. A local user can perform a denial of service (DoS) attack.
281) Input validation error (CVE-ID: CVE-2025-39746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath10k_wmi_cmd_send() function in drivers/net/wireless/ath/ath10k/wmi.c. A local user can perform a denial of service (DoS) attack.
282) Improper locking (CVE-ID: CVE-2025-39749)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/rcu/tree_plugin.h. A local user can perform a denial of service (DoS) attack.
283) Out-of-bounds read (CVE-ID: CVE-2025-39750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_dp_peer_setup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
284) Buffer overflow (CVE-ID: CVE-2025-39751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the add_tuning_control() function in sound/pci/hda/patch_ca0132.c. A local user can escalate privileges on the system.
285) Improper locking (CVE-ID: CVE-2025-39754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smaps_hugetlb_range() function in fs/proc/task_mmu.c. A local user can perform a denial of service (DoS) attack.
286) Out-of-bounds read (CVE-ID: CVE-2025-39757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the convert_chmap_v3() and snd_usb_get_audioformat_uac3() functions in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.
287) Out-of-bounds read (CVE-ID: CVE-2025-39758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the siw_tcp_sendpages() function in drivers/infiniband/sw/siw/siw_qp_tx.c. A local user can perform a denial of service (DoS) attack.
288) Use-after-free (CVE-ID: CVE-2025-39759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_check_quota_leak() and btrfs_qgroup_rescan() functions in fs/btrfs/qgroup.c. A local user can escalate privileges on the system.
289) Out-of-bounds read (CVE-ID: CVE-2025-39760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the usb_parse_ss_endpoint_companion() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
290) Out-of-bounds read (CVE-ID: CVE-2025-39761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_dp_peer_setup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
291) Improper locking (CVE-ID: CVE-2025-39763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ghes_do_proc() function in drivers/acpi/apei/ghes.c. A local user can perform a denial of service (DoS) attack.
292) Memory leak (CVE-ID: CVE-2025-39764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ctnetlink_expect_event(), ctnetlink_exp_dump_table(), ctnetlink_exp_ct_dump_table(), ctnetlink_dump_exp_ct() and ctnetlink_get_expect() functions in net/netfilter/nf_conntrack_netlink.c. A local user can perform a denial of service (DoS) attack.
293) Resource management error (CVE-ID: CVE-2025-39766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cake_enqueue() function in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
294) Improper locking (CVE-ID: CVE-2025-39770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gso_features_check() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
295) NULL pointer dereference (CVE-ID: CVE-2025-39772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hibmc_load() function in drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c. A local user can perform a denial of service (DoS) attack.
296) Improper locking (CVE-ID: CVE-2025-39773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net/bridge/br_private.h. A local user can perform a denial of service (DoS) attack.
297) Improper locking (CVE-ID: CVE-2025-39782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the jbd2_log_do_checkpoint() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
298) Use-after-free (CVE-ID: CVE-2025-39783)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_epf_remove_cfs() function in drivers/pci/endpoint/pci-epf-core.c. A local user can escalate privileges on the system.
299) Incorrect calculation (CVE-ID: CVE-2025-39787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the qcom_mdt_get_size(), qcom_mdt_read_metadata() and __qcom_mdt_load() functions in drivers/soc/qcom/mdt_loader.c. A local user can perform a denial of service (DoS) attack.
300) Double free (CVE-ID: CVE-2025-39790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.
301) Improper error handling (CVE-ID: CVE-2025-39797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the xfrm_state_lookup_byspi() and xfrm_alloc_spi() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
302) Input validation error (CVE-ID: CVE-2025-39798)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_server_capabilities() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
303) Resource management error (CVE-ID: CVE-2025-39800)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the btrfs_copy_root() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
304) Resource management error (CVE-ID: CVE-2025-39801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __dwc3_stop_active_transfer() and dwc3_clear_stall_all_ep() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
305) Input validation error (CVE-ID: CVE-2025-39806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mt_report_fixup() function in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.
306) Resource management error (CVE-ID: CVE-2025-39808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ntrig_report_version() function in drivers/hid/hid-ntrig.c. A local user can perform a denial of service (DoS) attack.
307) Buffer overflow (CVE-ID: CVE-2025-39810)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_set_xps_mapping(), bnxt_trim_dflt_sh_rings(), bnxt_set_dflt_rings() and bnxt_init_dflt_ring_mode() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.
308) Input validation error (CVE-ID: CVE-2025-39823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kvm_sched_yield() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
309) Resource management error (CVE-ID: CVE-2025-39824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the asus_probe() function in drivers/hid/hid-asus.c. A local user can perform a denial of service (DoS) attack.
310) Race condition (CVE-ID: CVE-2025-39825)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the cifs_rename2() function in fs/smb/client/inode.c. A local user can escalate privileges on the system.
311) Race condition (CVE-ID: CVE-2025-39826)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rose_timer_expiry() function in net/rose/rose_timer.c. A local user can escalate privileges on the system.
312) Resource management error (CVE-ID: CVE-2025-39827)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rose_add_node(), rose_del_node(), rose_add_loopback_node(), rose_del_loopback_node(), rose_rt_device_down(), rose_clear_routes(), rose_neigh_show() and rose_rt_free() functions in net/rose/rose_route.c. A local user can perform a denial of service (DoS) attack.
313) Improper locking (CVE-ID: CVE-2025-39832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/net/ethernet/mellanox/mlx5/core/fw_reset.h. A local user can perform a denial of service (DoS) attack.
314) Improper locking (CVE-ID: CVE-2025-39833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hfcpci_softirq() and HFC_init() functions in drivers/isdn/hardware/mISDN/hfcpci.c. A local user can perform a denial of service (DoS) attack.
315) Memory leak (CVE-ID: CVE-2025-39835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xfs_da_read_buf() function in fs/xfs/libxfs/xfs_da_btree.c. A local user can perform a denial of service (DoS) attack.
316) NULL pointer dereference (CVE-ID: CVE-2025-39838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cifs_strndup_to_utf16() function in fs/smb/client/cifs_unicode.c. A local user can perform a denial of service (DoS) attack.
317) Out-of-bounds read (CVE-ID: CVE-2025-39839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the batadv_nc_skb_decode_packet() function in net/batman-adv/network-coding.c. A local user can perform a denial of service (DoS) attack.
318) NULL pointer dereference (CVE-ID: CVE-2025-39842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ocfs2_clear_inode() function in fs/ocfs2/inode.c. A local user can perform a denial of service (DoS) attack.
319) Improper Initialization (CVE-ID: CVE-2025-39844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the include/linux/vmalloc.h. A local user can perform a denial of service (DoS) attack.
320) Resource management error (CVE-ID: CVE-2025-39845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sync_global_pgds() function in arch/x86/mm/init_64.c. A local user can perform a denial of service (DoS) attack.
321) NULL pointer dereference (CVE-ID: CVE-2025-39846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __iodyn_find_io_region() function in drivers/pcmcia/rsrc_iodyn.c. A local user can perform a denial of service (DoS) attack.
322) Memory leak (CVE-ID: CVE-2025-39847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pad_compress_skb() and ppp_send_frame() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
323) Input validation error (CVE-ID: CVE-2025-39848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ax25_rcv() function in net/ax25/ax25_in.c. A local user can perform a denial of service (DoS) attack.
324) Buffer overflow (CVE-ID: CVE-2025-39849)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __cfg80211_connect_result() function in net/wireless/sme.c. A local user can escalate privileges on the system.
325) NULL pointer dereference (CVE-ID: CVE-2025-39850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arp_reduce() and neigh_reduce() functions in drivers/net/vxlan/vxlan_core.c. A local user can perform a denial of service (DoS) attack.
326) NULL pointer dereference (CVE-ID: CVE-2025-39853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_client_add_instance() function in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.
327) Use-after-free (CVE-ID: CVE-2025-39854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_ll_ts_intr() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can escalate privileges on the system.
328) NULL pointer dereference (CVE-ID: CVE-2025-39857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smc_ib_is_sg_need_sync() function in net/smc/smc_ib.c. A local user can perform a denial of service (DoS) attack.
329) Use-after-free (CVE-ID: CVE-2025-39860)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
330) Use-after-free (CVE-ID: CVE-2025-39861)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __vhci_create_device(), vhci_open() and vhci_release() functions in drivers/bluetooth/hci_vhci.c. A local user can escalate privileges on the system.
331) Use-after-free (CVE-ID: CVE-2025-39863)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_btcoex_detach() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/btcoex.c. A local user can escalate privileges on the system.
332) Use-after-free (CVE-ID: CVE-2025-39864)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cfg80211_update_known_bss() function in net/wireless/scan.c. A local user can escalate privileges on the system.
333) NULL pointer dereference (CVE-ID: CVE-2025-39865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/tee/tee_shm.c. A local user can perform a denial of service (DoS) attack.
334) Out-of-bounds read (CVE-ID: CVE-2025-39869)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the edma_setup_from_hw() function in drivers/dma/ti/edma.c. A local user can perform a denial of service (DoS) attack.
335) Double free (CVE-ID: CVE-2025-39870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the idxd_setup_wqs() function in drivers/dma/idxd/init.c. A local user can perform a denial of service (DoS) attack.
336) Use-after-free (CVE-ID: CVE-2025-39871)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the idxd_remove() function in drivers/dma/idxd/init.c. A local user can escalate privileges on the system.
337) Use-after-free (CVE-ID: CVE-2025-39873)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xcan_write_frame() function in drivers/net/can/xilinx_can.c. A local user can escalate privileges on the system.
338) Use-after-free (CVE-ID: CVE-2025-39882)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtk_drm_get_all_drm_priv() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can escalate privileges on the system.
339) Improper locking (CVE-ID: CVE-2025-39885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ocfs2_extent_map_get_blocks(), ocfs2_fiemap_inline() and ocfs2_fiemap() functions in fs/ocfs2/extent_map.c. A local user can perform a denial of service (DoS) attack.
340) Buffer overflow (CVE-ID: CVE-2025-39889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the l2cap_connect() function in net/bluetooth/l2cap_core.c. A local user can perform a denial of service (DoS) attack.
341) Memory leak (CVE-ID: CVE-2025-39891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _mwifiex_fw_dpc() and mwifiex_uninit_sw() functions in drivers/net/wireless/marvell/mwifiex/main.c. A local user can perform a denial of service (DoS) attack.
342) Out-of-bounds read (CVE-ID: CVE-2025-39907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stm32_fmc2_nfc_xfer() and stm32_fmc2_nfc_dma_setup() functions in drivers/mtd/nand/raw/stm32_fmc2_nand.c. A local user can perform a denial of service (DoS) attack.
343) NULL pointer dereference (CVE-ID: CVE-2025-39920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the do_validate_mem() function in drivers/pcmcia/rsrc_nonstatic.c. A local user can perform a denial of service (DoS) attack.
344) Improper error handling (CVE-ID: CVE-2025-39923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bam_dma_probe() function in drivers/dma/qcom/bam_dma.c. A local user can perform a denial of service (DoS) attack.
345) Resource management error (CVE-ID: CVE-2025-39925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the j1939_sk_netdev_event_netdown() function in net/can/j1939/socket.c. A local user can perform a denial of service (DoS) attack.
346) Input validation error (CVE-ID: CVE-2025-40300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vcpu_enter_guest() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.