SB2025111937 - SUSE update for the Linux Kernel
Published: November 19, 2025 Updated: January 16, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 190 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2023-53538)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_tree_mod_log_insert_key(), btrfs_tree_mod_log_insert_move() and btrfs_tree_mod_log_eb_copy() functions in fs/btrfs/tree-mod-log.c. A local user can perform a denial of service (DoS) attack.
2) Buffer overflow (CVE-ID: CVE-2023-53539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the save_state() and rxe_requester() functions in drivers/infiniband/sw/rxe/rxe_req.c. A local user can perform a denial of service (DoS) attack.
3) Input validation error (CVE-ID: CVE-2023-53540)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cfg80211_mlme_auth() and cfg80211_mlme_assoc() functions in net/wireless/mlme.c. A local user can perform a denial of service (DoS) attack.
4) Out-of-bounds read (CVE-ID: CVE-2023-53541)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the write_oob_to_regs() function in drivers/mtd/nand/raw/brcmnand/brcmnand.c. A local user can perform a denial of service (DoS) attack.
5) Out-of-bounds read (CVE-ID: CVE-2023-53543)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/vdpa/vdpa.c. A local user can perform a denial of service (DoS) attack.
6) Improper locking (CVE-ID: CVE-2023-53545)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_driver_postclose_kms() function in drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c. A local user can perform a denial of service (DoS) attack.
7) Memory leak (CVE-ID: CVE-2023-53546)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5dr_cmd_create_reformat_ctx() function in drivers/net/ethernet/mellanox/mlx5/core/steering/dr_cmd.c. A local user can perform a denial of service (DoS) attack.
8) Resource management error (CVE-ID: CVE-2023-53548)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
9) Input validation error (CVE-ID: CVE-2023-53550)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the amd_pstate_update_status(), show_status() and cpufreq_freq_attr_ro() functions in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
10) Memory leak (CVE-ID: CVE-2023-53552)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i915_fence_release() function in drivers/gpu/drm/i915/i915_request.c. A local user can perform a denial of service (DoS) attack.
11) Buffer overflow (CVE-ID: CVE-2023-53553)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the mousevsc_on_receive() function in drivers/hid/hid-hyperv.c. A local user can escalate privileges on the system.
12) Buffer overflow (CVE-ID: CVE-2023-53554)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ks_wlan_set_encode_ext() function in drivers/staging/ks7010/ks_wlan_net.c. A local user can escalate privileges on the system.
13) NULL pointer dereference (CVE-ID: CVE-2023-53555)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the damos_new_filter() function in mm/damon/core.c. A local user can perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2023-53556)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iavf_alloc_q_vectors() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can escalate privileges on the system.
15) Resource management error (CVE-ID: CVE-2023-53557)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the unregister_fprobe() function in kernel/trace/fprobe.c. A local user can perform a denial of service (DoS) attack.
16) Improper locking (CVE-ID: CVE-2023-53558)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/rcu/tasks.h. A local user can perform a denial of service (DoS) attack.
17) Use-after-free (CVE-ID: CVE-2023-53559)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vti_tunnel_xmit() function in net/ipv4/ip_vti.c. A local user can escalate privileges on the system.
18) Use-after-free (CVE-ID: CVE-2023-53560)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the event_hist_trigger_func() function in kernel/trace/trace_events_hist.c. A local user can escalate privileges on the system.
19) Improper locking (CVE-ID: CVE-2023-53563)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amd_pstate_ut_check_perf() and amd_pstate_ut_check_freq() functions in drivers/cpufreq/amd-pstate-ut.c. A local user can perform a denial of service (DoS) attack.
20) Memory leak (CVE-ID: CVE-2023-53568)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zcdn_create() function in drivers/s390/crypto/zcrypt_api.c. A local user can perform a denial of service (DoS) attack.
21) Integer overflow (CVE-ID: CVE-2023-53570)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the nl80211_parse_mbssid_elems() function in net/wireless/nl80211.c. A local user can execute arbitrary code.
22) Use-after-free (CVE-ID: CVE-2023-53572)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the imx_clk_scu_alloc_dev() function in drivers/clk/imx/clk-scu.c. A local user can escalate privileges on the system.
23) Memory leak (CVE-ID: CVE-2023-53574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtw_core_deinit() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can perform a denial of service (DoS) attack.
24) Out-of-bounds read (CVE-ID: CVE-2023-53575)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_sec_key_add() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.
25) Buffer overflow (CVE-ID: CVE-2023-53577)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the put_cpu_map_entry(), cpu_map_kthread_stop(), cpu_map_bpf_prog_run() and __cpu_map_entry_alloc() functions in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2023-53579)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mvebu_gpio_probe_syscon() and mvebu_gpio_probe() functions in drivers/gpio/gpio-mvebu.c. A local user can perform a denial of service (DoS) attack.
27) Improper locking (CVE-ID: CVE-2023-53580)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL() and gadget_unbind_driver() functions in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
28) Improper locking (CVE-ID: CVE-2023-53581)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the remove_unready_flow() and mlx5e_tc_del_fdb_flow() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c. A local user can perform a denial of service (DoS) attack.
29) Improper error handling (CVE-ID: CVE-2023-53583)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the riscv_pmu_start() function in drivers/perf/riscv_pmu.c. A local user can perform a denial of service (DoS) attack.
30) Improper locking (CVE-ID: CVE-2023-53585)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the BPF_CALL_3() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
31) Resource management error (CVE-ID: CVE-2023-53588)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_probe_client() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2023-53593)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_readpage_worker() function in fs/cifs/file.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2023-53596)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the device_del() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
34) Memory leak (CVE-ID: CVE-2023-53597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_demultiplex_thread() function in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.
35) NULL pointer dereference (CVE-ID: CVE-2023-53599)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the af_alg_alloc_areq() function in crypto/af_alg.c. A local user can perform a denial of service (DoS) attack.
36) Out-of-bounds read (CVE-ID: CVE-2023-53600)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmp() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
37) Resource management error (CVE-ID: CVE-2023-53601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bond_xmit_hash() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2023-53602)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath11k_update_stats_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can perform a denial of service (DoS) attack.
39) NULL pointer dereference (CVE-ID: CVE-2023-53603)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla24xx_issue_sa_replace_iocb() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.
40) Memory leak (CVE-ID: CVE-2023-53611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the try_smi_init() function in drivers/char/ipmi/ipmi_si_intf.c. A local user can perform a denial of service (DoS) attack.
41) Use-after-free (CVE-ID: CVE-2023-53613)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() and devm_register_dax_mapping() functions in drivers/dax/bus.c. A local user can escalate privileges on the system.
42) Improper locking (CVE-ID: CVE-2023-53615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qlt_free_session_done() and qlt_unreg_sess() functions in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.
43) Double free (CVE-ID: CVE-2023-53616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the diUnmount() function in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
44) Memory leak (CVE-ID: CVE-2023-53617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the aspeed_socinfo_init() function in drivers/soc/aspeed/aspeed-socinfo.c. A local user can perform a denial of service (DoS) attack.
45) Input validation error (CVE-ID: CVE-2023-53618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the check_root_key() function in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.
46) Use-after-free (CVE-ID: CVE-2023-53619)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_conntrack_helper_register() and nf_conntrack_helper_fini() functions in net/netfilter/nf_conntrack_helper.c. A local user can escalate privileges on the system.
47) NULL pointer dereference (CVE-ID: CVE-2023-53621)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mem_cgroup_alloc() and mem_cgroup_css_online() functions in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
48) Improper locking (CVE-ID: CVE-2023-53622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gfs2_show_options() function in fs/gfs2/super.c. A local user can perform a denial of service (DoS) attack.
49) Memory leak (CVE-ID: CVE-2023-53631)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_bios_attributes() function in drivers/platform/x86/dell/dell-wmi-sysman/sysman.c. A local user can perform a denial of service (DoS) attack.
50) Improper locking (CVE-ID: CVE-2023-53632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_destroy_q_counters() and mlx5e_nic_init() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
51) Memory leak (CVE-ID: CVE-2023-53633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_and_map_user_pages() function in drivers/accel/qaic/qaic_control.c. A local user can perform a denial of service (DoS) attack.
52) Use-after-free (CVE-ID: CVE-2023-53638)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the octep_device_cleanup() and octep_remove() functions in drivers/net/ethernet/marvell/octeon_ep/octep_main.c. A local user can escalate privileges on the system.
53) Use-after-free (CVE-ID: CVE-2023-53645)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the less() and rbtree_refcounted_node_ref_escapes() functions in tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c. A local user can escalate privileges on the system.
54) Out-of-bounds read (CVE-ID: CVE-2023-53646)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.
55) NULL pointer dereference (CVE-ID: CVE-2023-53647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmbus_acpi_add() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
56) NULL pointer dereference (CVE-ID: CVE-2023-53648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_ac97_mixer() function in sound/pci/ac97/ac97_codec.c. A local user can perform a denial of service (DoS) attack.
57) Memory leak (CVE-ID: CVE-2023-53649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the evlist__free_syscall_tp_fields() function in tools/perf/builtin-trace.c. A local user can perform a denial of service (DoS) attack.
58) Memory leak (CVE-ID: CVE-2023-53650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mipid_spi_probe() function in drivers/video/fbdev/omap/lcd_mipid.c. A local user can perform a denial of service (DoS) attack.
59) Out-of-bounds read (CVE-ID: CVE-2023-53652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/vdpa/vdpa.c. A local user can perform a denial of service (DoS) attack.
60) NULL pointer dereference (CVE-ID: CVE-2023-53653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the venc_g_parm() and venc_s_parm() functions in drivers/media/platform/amphion/venc.c. A local user can perform a denial of service (DoS) attack.
61) Input validation error (CVE-ID: CVE-2023-53654)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cgx_lmac_write() function in drivers/net/ethernet/marvell/octeontx2/af/cgx.c. A local user can perform a denial of service (DoS) attack.
62) Input validation error (CVE-ID: CVE-2023-53656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hisi_pcie_pmu_offline_cpu() function in drivers/perf/hisilicon/hisi_pcie_pmu.c. A local user can perform a denial of service (DoS) attack.
63) NULL pointer dereference (CVE-ID: CVE-2023-53657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_eswitch_port_start_xmit() function in drivers/net/ethernet/intel/ice/ice_eswitch.c. A local user can perform a denial of service (DoS) attack.
64) Use-after-free (CVE-ID: CVE-2023-53658)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcm_qspi_probe() function in drivers/spi/spi-bcm-qspi.c. A local user can escalate privileges on the system.
65) Out-of-bounds read (CVE-ID: CVE-2023-53659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iavf_set_channels() function in drivers/net/ethernet/intel/iavf/iavf_ethtool.c. A local user can perform a denial of service (DoS) attack.
66) Use-after-free (CVE-ID: CVE-2023-53660)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __cpu_map_ring_cleanup() function in kernel/bpf/cpumap.c. A local user can escalate privileges on the system.
67) Memory leak (CVE-ID: CVE-2023-53662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fname_setup_filename() and ext4_fname_prepare_lookup() functions in fs/ext4/crypto.c. A local user can perform a denial of service (DoS) attack.
68) Reachable assertion (CVE-ID: CVE-2023-53663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the nested_vmcb02_prepare_control() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
69) Double free (CVE-ID: CVE-2023-53665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mddev_unlock() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
70) Improper error handling (CVE-ID: CVE-2023-53666)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the wcd938x_mbhc_init() function in sound/soc/codecs/wcd938x.c. A local user can perform a denial of service (DoS) attack.
71) Improper locking (CVE-ID: CVE-2023-53668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ring_buffer_size() function in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
72) Memory leak (CVE-ID: CVE-2023-53670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_init_ctrl() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
73) Resource management error (CVE-ID: CVE-2023-53672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lookup_inline_extent_backref() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
74) Use-after-free (CVE-ID: CVE-2023-53673)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_cs_disconnect() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
75) Memory leak (CVE-ID: CVE-2023-53674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_clk_notifier_register() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
76) NULL pointer dereference (CVE-ID: CVE-2023-53681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __bch_btree_node_alloc() function in drivers/md/bcache/btree.c. A local user can perform a denial of service (DoS) attack.
77) NULL pointer dereference (CVE-ID: CVE-2023-53686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handshake_nl_accept_doit() and handshake_nl_done_doit() functions in net/handshake/netlink.c. A local user can perform a denial of service (DoS) attack.
78) Memory leak (CVE-ID: CVE-2023-53687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s3c24xx_serial_getclk() function in drivers/tty/serial/samsung.c. A local user can perform a denial of service (DoS) attack.
79) Memory leak (CVE-ID: CVE-2023-53693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gadget_bind() function in drivers/usb/gadget/legacy/raw_gadget.c. A local user can perform a denial of service (DoS) attack.
80) Memory leak (CVE-ID: CVE-2023-53697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the unregister_nvdimm_pmu() function in drivers/nvdimm/nd_perf.c. A local user can perform a denial of service (DoS) attack.
81) Integer underflow (CVE-ID: CVE-2023-53698)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the xsk_bind() function in net/xdp/xsk.c. A local user can execute arbitrary code.
82) Resource management error (CVE-ID: CVE-2023-53699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the setup_bootmem() and paging_init() functions in arch/riscv/mm/init.c. A local user can perform a denial of service (DoS) attack.
83) Out-of-bounds read (CVE-ID: CVE-2023-53703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the float_to_int() function in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c. A local user can perform a denial of service (DoS) attack.
84) Memory leak (CVE-ID: CVE-2023-53704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx8mp_clocks_probe() function in drivers/clk/imx/clk-imx8mp.c. A local user can perform a denial of service (DoS) attack.
85) Use of uninitialized resource (CVE-ID: CVE-2023-53707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the amdgpu_cs_pass1() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
86) Memory leak (CVE-ID: CVE-2023-53708)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpi_device_get_constraints_amd() function in drivers/acpi/x86/s2idle.c. A local user can perform a denial of service (DoS) attack.
87) Buffer overflow (CVE-ID: CVE-2023-53711)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nfs_file_direct_read() function in fs/nfs/direct.c. A local user can perform a denial of service (DoS) attack.
88) Use of uninitialized resource (CVE-ID: CVE-2023-53713)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the arch/arm64/include/asm/fpsimdmacros.h. A local user can perform a denial of service (DoS) attack.
89) NULL pointer dereference (CVE-ID: CVE-2023-53718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the update_max_tr_single() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
90) NULL pointer dereference (CVE-ID: CVE-2023-53721)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_mac_op_hw_scan() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
91) Out-of-bounds read (CVE-ID: CVE-2023-53722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the raid1_remove_disk() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.
92) Memory leak (CVE-ID: CVE-2023-53725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttc_timer_probe() function in drivers/clocksource/timer-cadence-ttc.c. A local user can perform a denial of service (DoS) attack.
93) Out-of-bounds read (CVE-ID: CVE-2023-53726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_csum() function in arch/arm64/lib/csum.c. A local user can perform a denial of service (DoS) attack.
94) Improper locking (CVE-ID: CVE-2023-53727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fq_pie_change() function in net/sched/sch_fq_pie.c. A local user can perform a denial of service (DoS) attack.
95) Improper locking (CVE-ID: CVE-2023-53728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the posix_timer_by_id() function in kernel/time/posix-timers.c. A local user can perform a denial of service (DoS) attack.
96) Out-of-bounds read (CVE-ID: CVE-2023-53729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qmi_decode_string_elem() function in drivers/soc/qcom/qmi_encdec.c. A local user can perform a denial of service (DoS) attack.
97) Improper locking (CVE-ID: CVE-2023-53730)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the adjust_inuse_and_calc_cost() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
98) Improper locking (CVE-ID: CVE-2023-53731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __netlink_diag_dump() function in net/netlink/diag.c. A local user can perform a denial of service (DoS) attack.
99) Input validation error (CVE-ID: CVE-2023-53733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the u32_set_parms() and u32_change() functions in net/sched/cls_u32.c. A local user can perform a denial of service (DoS) attack.
100) Input validation error (CVE-ID: CVE-2025-38008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kvm_xen_vcpu_set_attr() function in arch/x86/kvm/xen.c. A local user can perform a denial of service (DoS) attack.
101) Improper locking (CVE-ID: CVE-2025-38539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __register_event() and __trace_add_event_dirs() functions in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
102) Improper locking (CVE-ID: CVE-2025-38552)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the subflow_sched_work_if_closed() and mptcp_subflow_fail() functions in net/mptcp/subflow.c, within the mptcp_data_ready(), __mptcp_finish_join(), __mptcp_retrans(), __mptcp_init_sock() and mptcp_finish_join() functions in net/mptcp/protocol.c, within the mptcp_pm_mp_fail_received() function in net/mptcp/pm.c. A local user can perform a denial of service (DoS) attack.
103) Use-after-free (CVE-ID: CVE-2025-38653)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the proc_reg_open() function in fs/proc/inode.c, within the pde_set_flags() function in fs/proc/generic.c. A local user can escalate privileges on the system.
104) Use-after-free (CVE-ID: CVE-2025-38699)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_im_probe() function in drivers/scsi/bfa/bfad_im.c. A local user can escalate privileges on the system.
105) NULL pointer dereference (CVE-ID: CVE-2025-38700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iscsi_conn_setup() function in drivers/scsi/libiscsi.c. A local user can perform a denial of service (DoS) attack.
106) Improper locking (CVE-ID: CVE-2025-38718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sctp_rcv() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
107) NULL pointer dereference (CVE-ID: CVE-2025-39673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ppp_fill_forward_path(), ppp_unregister_channel(), ppp_connect_channel() and ppp_disconnect_channel() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
108) NULL pointer dereference (CVE-ID: CVE-2025-39676)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla4xxx_get_ep_fwdb() function in drivers/scsi/qla4xxx/ql4_os.c. A local user can perform a denial of service (DoS) attack.
109) Out-of-bounds read (CVE-ID: CVE-2025-39683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the trace_get_user() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
110) Improper locking (CVE-ID: CVE-2025-39697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_page_set_inode_ref(), nfs_page_group_lock() and nfs_inode_remove_request() functions in fs/nfs/write.c, within the nfs_page_group_unlock() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
111) Resource management error (CVE-ID: CVE-2025-39702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the seg6_hmac_validate_skb() function in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
112) Resource management error (CVE-ID: CVE-2025-39756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the alloc_fdtable() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
113) Input validation error (CVE-ID: CVE-2025-39794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tegra_cpu_reset_handler_enable() function in arch/arm/mach-tegra/reset.c. A local user can perform a denial of service (DoS) attack.
114) Improper error handling (CVE-ID: CVE-2025-39797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the xfrm_state_lookup_byspi() and xfrm_alloc_spi() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
115) Input validation error (CVE-ID: CVE-2025-39812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sctp_v6_from_sk() function in net/sctp/ipv6.c. A local user can perform a denial of service (DoS) attack.
116) Resource management error (CVE-ID: CVE-2025-39813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ftrace_dump() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
117) Out-of-bounds write (CVE-ID: CVE-2025-39828)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the vcc_sendmsg() function in net/atm/common.c. A local user can execute arbitrary code.
118) Use-after-free (CVE-ID: CVE-2025-39841)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_nvmet_defer_rcv() function in drivers/scsi/lpfc/lpfc_nvmet.c. A local user can escalate privileges on the system.
119) NULL pointer dereference (CVE-ID: CVE-2025-39851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/vxlan/vxlan_private.h. A local user can perform a denial of service (DoS) attack.
120) Use-after-free (CVE-ID: CVE-2025-39866)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __mark_inode_dirty() function in fs/fs-writeback.c. A local user can escalate privileges on the system.
121) NULL pointer dereference (CVE-ID: CVE-2025-39876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fec_enet_phy_reset_after_clk_enable() function in drivers/net/ethernet/freescale/fec_main.c. A local user can perform a denial of service (DoS) attack.
122) Use-after-free (CVE-ID: CVE-2025-39881)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the of_on(), kernfs_seq_stop_active(), kernfs_seq_start(), kernfs_file_read_iter(), kernfs_fop_write_iter(), kernfs_vma_open(), kernfs_vma_fault(), kernfs_vma_page_mkwrite(), kernfs_vma_access(), kernfs_fop_mmap() and kernfs_fop_poll() functions in fs/kernfs/file.c. A local user can escalate privileges on the system.
123) NULL pointer dereference (CVE-ID: CVE-2025-39895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sched_numa_find_nth_cpu() function in kernel/sched/topology.c. A local user can perform a denial of service (DoS) attack.
124) NULL pointer dereference (CVE-ID: CVE-2025-39902)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the object_err() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.
125) Resource management error (CVE-ID: CVE-2025-39911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the i40e_vsi_request_irq_msix() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
126) Infinite loop (CVE-ID: CVE-2025-39931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the af_alg_sendmsg() function in crypto/af_alg.c. A local user can perform a denial of service (DoS) attack.
127) NULL pointer dereference (CVE-ID: CVE-2025-39934)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the anx7625_i2c_probe() function in drivers/gpu/drm/bridge/analogix/anx7625.c. A local user can perform a denial of service (DoS) attack.
128) NULL pointer dereference (CVE-ID: CVE-2025-39937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfkill_gpio_acpi_probe() function in net/rfkill/rfkill-gpio.c. A local user can perform a denial of service (DoS) attack.
129) NULL pointer dereference (CVE-ID: CVE-2025-39938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the q6apm_lpass_dai_prepare() function in sound/soc/qcom/qdsp6/q6apm-lpass-dais.c. A local user can perform a denial of service (DoS) attack.
130) Use-after-free (CVE-ID: CVE-2025-39945)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cnic_cm_stop_bnx2x_hw() function in drivers/net/ethernet/broadcom/cnic.c. A local user can escalate privileges on the system.
131) Out-of-bounds read (CVE-ID: CVE-2025-39946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tls_rx_msg_size() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
132) NULL pointer dereference (CVE-ID: CVE-2025-39947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/mlx5/driver.h. A local user can perform a denial of service (DoS) attack.
133) Memory leak (CVE-ID: CVE-2025-39948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/intel/ice/ice_txrx.h. A local user can perform a denial of service (DoS) attack.
134) Improper error handling (CVE-ID: CVE-2025-39949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the qed_protection_override_dump() function in drivers/net/ethernet/qlogic/qed/qed_debug.c. A local user can perform a denial of service (DoS) attack.
135) Buffer overflow (CVE-ID: CVE-2025-39952)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/net/wireless/microchip/wilc1000/wlan_cfg.h. A local user can escalate privileges on the system.
136) Resource management error (CVE-ID: CVE-2025-39955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_disconnect() function in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.
137) Input validation error (CVE-ID: CVE-2025-39957)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ieee80211_register_hw() function in net/mac80211/main.c. A local user can perform a denial of service (DoS) attack.
138) Use-after-free (CVE-ID: CVE-2025-39965)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xfrm_alloc_spi() function in net/xfrm/xfrm_state.c. A local user can escalate privileges on the system.
139) Integer overflow (CVE-ID: CVE-2025-39967)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the fbcon_set_font() function in drivers/video/fbdev/core/fbcon.c. A local user can execute arbitrary code.
140) Buffer overflow (CVE-ID: CVE-2025-39968)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the i40e_vc_del_cloud_filter() and i40e_vc_add_cloud_filter() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can escalate privileges on the system.
141) Input validation error (CVE-ID: CVE-2025-39969)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h. A local user can perform a denial of service (DoS) attack.
142) Out-of-bounds read (CVE-ID: CVE-2025-39970)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the i40e_validate_cloud_filter() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
143) Input validation error (CVE-ID: CVE-2025-39971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_vc_config_queues_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
144) Input validation error (CVE-ID: CVE-2025-39972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_validate_queue_map() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
145) Input validation error (CVE-ID: CVE-2025-39973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_config_vsi_tx_queue() and i40e_config_vsi_rx_queue() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
146) Use-after-free (CVE-ID: CVE-2025-39978)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the otx2_tc_add_flow() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_tc.c. A local user can escalate privileges on the system.
147) Use-after-free (CVE-ID: CVE-2025-39981)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/bluetooth/mgmt_util.h. A local user can escalate privileges on the system.
148) Use-after-free (CVE-ID: CVE-2025-39982)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_conn_complete_evt() and le_conn_complete_evt() functions in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
149) Buffer overflow (CVE-ID: CVE-2025-39985)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/net/can/usb/mcba_usb.c. A local user can escalate privileges on the system.
150) Buffer overflow (CVE-ID: CVE-2025-39986)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/net/can/sun4i_can.c. A local user can escalate privileges on the system.
151) Buffer overflow (CVE-ID: CVE-2025-39987)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/net/can/spi/hi311x.c. A local user can escalate privileges on the system.
152) Buffer overflow (CVE-ID: CVE-2025-39988)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/net/can/usb/etas_es58x/es58x_core.c. A local user can escalate privileges on the system.
153) NULL pointer dereference (CVE-ID: CVE-2025-39991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath11k_qmi_m3_load() function in drivers/net/wireless/ath/ath11k/qmi.c. A local user can perform a denial of service (DoS) attack.
154) Use-after-free (CVE-ID: CVE-2025-39993)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the display_open(), send_packet(), vfd_write(), lcd_write() and imon_disconnect() functions in drivers/media/rc/imon.c. A local user can escalate privileges on the system.
155) Use-after-free (CVE-ID: CVE-2025-39994)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xc5000_release() function in drivers/media/tuners/xc5000.c. A local user can escalate privileges on the system.
156) Use-after-free (CVE-ID: CVE-2025-39995)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can escalate privileges on the system.
157) Use-after-free (CVE-ID: CVE-2025-39996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the flexcop_pci_remove() function in drivers/media/pci/b2c2/flexcop-pci.c. A local user can escalate privileges on the system.
158) Use-after-free (CVE-ID: CVE-2025-39997)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_usbmidi_free() function in sound/usb/midi.c. A local user can escalate privileges on the system.
159) Use-after-free (CVE-ID: CVE-2025-40000)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ser_reset_trx_st_hdl() function in drivers/net/wireless/realtek/rtw89/ser.c. A local user can escalate privileges on the system.
160) Improper locking (CVE-ID: CVE-2025-40005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cqspi_indirect_read_execute(), cqspi_indirect_write_execute(), cqspi_exec_mem_op(), cqspi_probe() and cqspi_remove() functions in drivers/spi/spi-cadence-quadspi.c. A local user can perform a denial of service (DoS) attack.
161) NULL pointer dereference (CVE-ID: CVE-2025-40010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the afs_use_server() function in fs/afs/server.c. A local user can perform a denial of service (DoS) attack.
162) NULL pointer dereference (CVE-ID: CVE-2025-40011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the oaktrail_hdmi_teardown() function in drivers/gpu/drm/gma500/oaktrail_hdmi.c. A local user can perform a denial of service (DoS) attack.
163) NULL pointer dereference (CVE-ID: CVE-2025-40013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the audioreach_widget_load_module_common() function in sound/soc/qcom/qdsp6/topology.c. A local user can perform a denial of service (DoS) attack.
164) Resource management error (CVE-ID: CVE-2025-40016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/media/usb/uvc/uvcvideo.h. A local user can perform a denial of service (DoS) attack.
165) Use-after-free (CVE-ID: CVE-2025-40018)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __ip_vs_ftp_exit() and ip_vs_ftp_init() functions in net/netfilter/ipvs/ip_vs_ftp.c. A local user can escalate privileges on the system.
166) Input validation error (CVE-ID: CVE-2025-40019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the essiv_aead_crypt() function in crypto/essiv.c. A local user can perform a denial of service (DoS) attack.
167) Out-of-bounds read (CVE-ID: CVE-2025-40020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the peak_usb_update_ts_now() function in drivers/net/can/usb/peak_usb/pcan_usb_core.c. A local user can perform a denial of service (DoS) attack.
168) NULL pointer dereference (CVE-ID: CVE-2025-40029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_mc_bus_probe() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.
169) NULL pointer dereference (CVE-ID: CVE-2025-40032)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_epf_test_clean_dma_chan() function in drivers/pci/endpoint/functions/pci-epf-test.c. A local user can perform a denial of service (DoS) attack.
170) Memory leak (CVE-ID: CVE-2025-40035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the uinput_ff_upload_to_user() function in drivers/input/misc/uinput.c. A local user can perform a denial of service (DoS) attack.
171) Memory leak (CVE-ID: CVE-2025-40036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fastrpc_put_args() function in drivers/misc/fastrpc.c. A local user can perform a denial of service (DoS) attack.
172) Input validation error (CVE-ID: CVE-2025-40043)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nci_core_reset_ntf_packet(), nci_core_conn_credits_ntf_packet(), nci_core_generic_error_ntf_packet(), nci_core_conn_intf_error_ntf_packet(), nci_clear_target_list(), nci_rf_discover_ntf_packet(), nci_store_general_bytes_nfc_dep(), nci_rf_intf_activated_ntf_packet(), nci_rf_deactivate_ntf_packet(), nci_nfcee_discover_ntf_packet() and nci_ntf_packet() functions in net/nfc/nci/ntf.c. A local user can perform a denial of service (DoS) attack.
173) Use-after-free (CVE-ID: CVE-2025-40044)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the udf_current_aext() function in fs/udf/inode.c. A local user can escalate privileges on the system.
174) Use of uninitialized resource (CVE-ID: CVE-2025-40049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the fs/squashfs/squashfs_fs_i.h. A local user can perform a denial of service (DoS) attack.
175) Input validation error (CVE-ID: CVE-2025-40051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the copy_from_iotlb() function in drivers/vhost/vringh.c. A local user can perform a denial of service (DoS) attack.
176) Use-after-free (CVE-ID: CVE-2025-40052)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fill_transform_hdr(), smb2_aead_req_alloc() and crypt_message() functions in fs/smb/client/smb2ops.c. A local user can escalate privileges on the system.
177) Input validation error (CVE-ID: CVE-2025-40056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the copy_to_iotlb() function in drivers/vhost/vringh.c. A local user can perform a denial of service (DoS) attack.
178) Incorrect calculation (CVE-ID: CVE-2025-40058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the drivers/iommu/intel/iommu.h. A local user can perform a denial of service (DoS) attack.
179) NULL pointer dereference (CVE-ID: CVE-2025-40060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_trbe_alloc_buffer() function in drivers/hwtracing/coresight/coresight-trbe.c. A local user can perform a denial of service (DoS) attack.
180) Use-after-free (CVE-ID: CVE-2025-40061)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the do_task() function in drivers/infiniband/sw/rxe/rxe_task.c. A local user can escalate privileges on the system.
181) Double free (CVE-ID: CVE-2025-40062)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the qm_diff_regs_init() function in drivers/crypto/hisilicon/debugfs.c. A local user can perform a denial of service (DoS) attack.
182) Improper locking (CVE-ID: CVE-2025-40071)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gsm_send_packet(), gsm_dlci_open() and gsm_modem_upd_via_msc() functions in drivers/tty/n_gsm.c. A local user can perform a denial of service (DoS) attack.
183) Resource management error (CVE-ID: CVE-2025-40078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sock_addr_is_valid_access() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
184) Input validation error (CVE-ID: CVE-2025-40080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nbd_get_socket() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
185) Out-of-bounds read (CVE-ID: CVE-2025-40082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
186) NULL pointer dereference (CVE-ID: CVE-2025-40085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_alias_quirk() function in sound/usb/card.c. A local user can perform a denial of service (DoS) attack.
187) Resource management error (CVE-ID: CVE-2025-40087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nfsd4_ff_proc_getdeviceinfo() function in fs/nfsd/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.
188) Out-of-bounds read (CVE-ID: CVE-2025-40088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_strcasecmp() and hfsplus_strcmp() functions in fs/hfsplus/unicode.c. A local user can perform a denial of service (DoS) attack.
189) Double free (CVE-ID: CVE-2025-40096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the drm_sched_job_add_implicit_dependencies() function in drivers/gpu/drm/scheduler/sched_main.c. A local user can perform a denial of service (DoS) attack.
190) Reachable assertion (CVE-ID: CVE-2025-40100)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the populate_free_space_tree() function in fs/btrfs/free-space-tree.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.