SB2026012869 - SUSE update for the Linux Kernel
Published: January 28, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 395 secuirty vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2023-42752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow within the __alloc_skb() function. A local user can trigger integer overflow and crash the kernel.
2) Memory leak (CVE-ID: CVE-2023-53743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_register_host_bridge() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2023-53750)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the imx_pinconf_set_scu() function in drivers/pinctrl/freescale/pinctrl-scu.c. A local user can escalate privileges on the system.
4) Input validation error (CVE-ID: CVE-2023-53752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kmalloc_reserve() function in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
5) Improper locking (CVE-ID: CVE-2023-53759)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hidraw_open() function in drivers/hid/hidraw.c. A local user can perform a denial of service (DoS) attack.
6) Use-after-free (CVE-ID: CVE-2023-53762)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_abort_conn_sync() function in net/bluetooth/hci_sync.c. A local user can escalate privileges on the system.
7) NULL pointer dereference (CVE-ID: CVE-2023-53766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the txBegin() function in fs/jfs/jfs_txnmgr.c. A local user can perform a denial of service (DoS) attack.
8) Out-of-bounds read (CVE-ID: CVE-2023-53768)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the regmap_add_irq_chip_fwnode() function in drivers/base/regmap/regmap-irq.c. A local user can perform a denial of service (DoS) attack.
9) Improper locking (CVE-ID: CVE-2023-53777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the z_erofs_init_zip_subsystem(), z_erofs_try_to_claim_pcluster(), z_erofs_register_pcluster(), z_erofs_collector_begin(), z_erofs_do_read_page(), z_erofs_decompress_queue(), z_erofs_decompressqueue_work(), jobqueue_init(), move_to_bypass_jobqueue() and z_erofs_submit_queue() functions in fs/erofs/zdata.c. A local user can perform a denial of service (DoS) attack.
10) Integer overflow (CVE-ID: CVE-2023-53778)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the find_and_map_user_pages() and encode_dma() functions in drivers/accel/qaic/qaic_control.c. A local user can execute arbitrary code.
11) Out-of-bounds read (CVE-ID: CVE-2023-53782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dccp_v6_init_sequence() and dccp_v6_err() functions in net/dccp/ipv6.c. A local user can perform a denial of service (DoS) attack.
12) NULL pointer dereference (CVE-ID: CVE-2023-53784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dw_hdmi_set_high_tmds_clock_ratio(), hdmi_av_composer() and dw_hdmi_probe() functions in drivers/gpu/drm/bridge/synopsys/dw-hdmi.c. A local user can perform a denial of service (DoS) attack.
13) Resource management error (CVE-ID: CVE-2023-53785)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mt7921_usb_sdio_tx_prepare_skb() function in drivers/net/wireless/mediatek/mt76/mt7921/mac.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2023-53787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the da9063_check_xvp_constraints() function in drivers/regulator/da9063-regulator.c. A local user can perform a denial of service (DoS) attack.
15) Infinite loop (CVE-ID: CVE-2023-53791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the drivers/md/md.h. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2023-53792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_ctrl_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2023-53793)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the x86__is_amd_cpu() function in tools/perf/arch/x86/util/env.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2023-53794)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_reconnect_server() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
19) Resource management error (CVE-ID: CVE-2023-53795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iommufd_get_object() function in drivers/iommu/iommufd/main.c. A local user can perform a denial of service (DoS) attack.
20) Buffer overflow (CVE-ID: CVE-2023-53797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/hid/wacom_wac.h. A local user can perform a denial of service (DoS) attack.
21) Resource management error (CVE-ID: CVE-2023-53799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/crypto/algapi.h. A local user can perform a denial of service (DoS) attack.
22) NULL pointer dereference (CVE-ID: CVE-2023-53807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_wzrd_register_divider() function in drivers/clk/xilinx/clk-xlnx-clock-wizard.c. A local user can perform a denial of service (DoS) attack.
23) Memory leak (CVE-ID: CVE-2023-53808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mwifiex_histogram_read() function in drivers/net/wireless/marvell/mwifiex/debugfs.c. A local user can perform a denial of service (DoS) attack.
24) Buffer overflow (CVE-ID: CVE-2023-53813)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ext4_mb_use_preallocated() function in fs/ext4/mballoc.c. A local user can escalate privileges on the system.
25) Improper locking (CVE-ID: CVE-2023-53815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the SYSCALL_DEFINE1() and exit_itimers() functions in kernel/time/posix-timers.c. A local user can perform a denial of service (DoS) attack.
26) Out-of-bounds read (CVE-ID: CVE-2023-53819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_vm_bo_map() and amdgpu_vm_bo_replace_map() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
27) Use-after-free (CVE-ID: CVE-2023-53821)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vti6_tnl_xmit() function in net/ipv6/ip6_vti.c. A local user can escalate privileges on the system.
28) Memory leak (CVE-ID: CVE-2023-53823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the include/linux/blkdev.h. A local user can perform a denial of service (DoS) attack.
29) Memory leak (CVE-ID: CVE-2023-53825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
30) Use-after-free (CVE-ID: CVE-2023-53828)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_add_adv_monitor() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
31) Resource management error (CVE-ID: CVE-2023-53831)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sk_mc_loop() function in net/core/sock.c. A local user can perform a denial of service (DoS) attack.
32) NULL pointer dereference (CVE-ID: CVE-2023-53834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ina2xx_probe() function in drivers/iio/adc/ina2xx-adc.c. A local user can perform a denial of service (DoS) attack.
33) Use-after-free (CVE-ID: CVE-2023-53836)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sk_psock_skb_ingress_self() and sk_psock_backlog() functions in net/core/skmsg.c. A local user can escalate privileges on the system.
34) Improper locking (CVE-ID: CVE-2023-53839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_dccp_getsockopt() and dccp_sendmsg() functions in net/dccp/proto.c. A local user can perform a denial of service (DoS) attack.
35) Improper locking (CVE-ID: CVE-2023-53841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devlink_notify_unregister() function in net/devlink/leftover.c. A local user can perform a denial of service (DoS) attack.
36) Memory leak (CVE-ID: CVE-2023-53842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wcd_mbhc_init() and EXPORT_SYMBOL() functions in sound/soc/codecs/wcd-mbhc-v2.c. A local user can perform a denial of service (DoS) attack.
37) Input validation error (CVE-ID: CVE-2023-53843)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ovs_dp_cmd_new() and ovs_vport_cmd_new() functions in net/openvswitch/datapath.c. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2023-53844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_bo_swapout() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
39) Buffer overflow (CVE-ID: CVE-2023-53846)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the include/linux/f2fs_fs.h. A local user can escalate privileges on the system.
40) Use of uninitialized resource (CVE-ID: CVE-2023-53847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the alauda_get_media_status() and alauda_init_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
41) NULL pointer dereference (CVE-ID: CVE-2023-53848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r5l_exit_log() function in drivers/md/raid5-cache.c. A local user can perform a denial of service (DoS) attack.
42) Memory leak (CVE-ID: CVE-2023-53850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iavf_free_rss() and iavf_reset_task() functions in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
43) Use-after-free (CVE-ID: CVE-2023-53851)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dp_display_unbind(), msm_dp_debugfs_init() and dp_display_get_next_bridge() functions in drivers/gpu/drm/msm/dp/dp_display.c. A local user can escalate privileges on the system.
44) Memory leak (CVE-ID: CVE-2023-53852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
45) Reachable assertion (CVE-ID: CVE-2023-53855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the felix_teardown() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.
46) Use of uninitialized resource (CVE-ID: CVE-2023-53856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the init_overlay_changeset() and of_overlay_fdt_apply() functions in drivers/of/overlay.c. A local user can perform a denial of service (DoS) attack.
47) Improper locking (CVE-ID: CVE-2023-53857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bpf_local_storage_update() function in kernel/bpf/bpf_local_storage.c. A local user can perform a denial of service (DoS) attack.
48) Memory leak (CVE-ID: CVE-2023-53858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s3c24xx_serial_getclk() function in drivers/tty/serial/samsung_tty.c. A local user can perform a denial of service (DoS) attack.
49) Improper locking (CVE-ID: CVE-2023-53860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dm_put_live_table_fast() and dm_submit_bio() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
50) Input validation error (CVE-ID: CVE-2023-53861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_mb_good_group() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
51) Buffer overflow (CVE-ID: CVE-2023-53863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nlmsg_populate_fdb_fill() and rtnl_fdb_notify() functions in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
52) NULL pointer dereference (CVE-ID: CVE-2023-53864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxsfb_plane_overlay_atomic_update() function in drivers/gpu/drm/mxsfb/mxsfb_kms.c. A local user can perform a denial of service (DoS) attack.
53) Double free (CVE-ID: CVE-2023-53865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the btrfs_qgroup_destroy_extent_records() function in fs/btrfs/qgroup.c. A local user can perform a denial of service (DoS) attack.
54) Input validation error (CVE-ID: CVE-2023-53989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pgd_pgtable_alloc() and create_pgd_mapping() functions in arch/arm64/mm/mmu.c. A local user can perform a denial of service (DoS) attack.
55) Input validation error (CVE-ID: CVE-2023-53992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cfg80211_leave_ocb() function in net/wireless/ocb.c. A local user can perform a denial of service (DoS) attack.
56) Resource management error (CVE-ID: CVE-2023-53994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ionic_qcqs_free() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
57) Memory leak (CVE-ID: CVE-2023-53995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __inet_del_ifa() function in net/ipv4/devinet.c. A local user can perform a denial of service (DoS) attack.
58) Incorrect calculation (CVE-ID: CVE-2023-53996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the amd_enc_cache_flush_required(), amd_enc_status_change_finish(), early_set_memory_enc_dec() and early_set_memory_encrypted() functions in arch/x86/mm/mem_encrypt_amd.c. A local user can perform a denial of service (DoS) attack.
59) Memory leak (CVE-ID: CVE-2023-53997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the thermal_of_monitor_init(), thermal_of_parameters_init(), thermal_of_unbind() and thermal_of_zone_register() functions in drivers/thermal/thermal_of.c. A local user can perform a denial of service (DoS) attack.
60) Race condition (CVE-ID: CVE-2023-53998)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the request_entropy() and virtio_read() functions in drivers/char/hw_random/virtio-rng.c. A local user can escalate privileges on the system.
61) Memory leak (CVE-ID: CVE-2023-53999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_tc_del_fdb_flow() and mlx5_free_flow_attr_actions() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c. A local user can perform a denial of service (DoS) attack.
62) Improper locking (CVE-ID: CVE-2023-54000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns3_external_lb_prepare() and hns3_external_lb_restore() functions in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
63) Memory leak (CVE-ID: CVE-2023-54001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_xmit_resource_alloc() function in drivers/staging/rtl8712/xmit_linux.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2023-54005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/android/binder_alloc.h. A local user can perform a denial of service (DoS) attack.
65) Improper locking (CVE-ID: CVE-2023-54006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the unix_release_sock() function in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
66) Resource management error (CVE-ID: CVE-2023-54008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtio_vdpa_find_vqs() function in drivers/virtio/virtio_vdpa.c. A local user can perform a denial of service (DoS) attack.
67) NULL pointer dereference (CVE-ID: CVE-2023-54014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_process_els() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
68) Memory leak (CVE-ID: CVE-2023-54016)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/wireless/ath/ath12k/dp.h. A local user can perform a denial of service (DoS) attack.
69) Memory leak (CVE-ID: CVE-2023-54017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ibmebus_bus_init() function in arch/powerpc/platforms/pseries/ibmebus.c. A local user can perform a denial of service (DoS) attack.
70) Use-after-free (CVE-ID: CVE-2023-54019)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the update_triggers(), psi_show(), psi_trigger_create(), psi_trigger_destroy(), psi_trigger_poll() and psi_write() functions in kernel/sched/psi.c. A local user can escalate privileges on the system.
71) Memory leak (CVE-ID: CVE-2023-54022)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the free_midi_urbs() and snd_usb_midi_v2_open() functions in sound/usb/midi2.c. A local user can perform a denial of service (DoS) attack.
72) Reachable assertion (CVE-ID: CVE-2023-54023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the alloc_profile_is_valid() and btrfs_balance() functions in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.
73) Resource management error (CVE-ID: CVE-2023-54025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rsi_shutdown() function in drivers/net/wireless/rsi/rsi_91x_sdio.c. A local user can perform a denial of service (DoS) attack.
74) Use-after-free (CVE-ID: CVE-2023-54026)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _allocate_opp_table() function in drivers/opp/core.c. A local user can escalate privileges on the system.
75) NULL pointer dereference (CVE-ID: CVE-2023-54027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __iio_device_register() function in drivers/iio/industrialio-core.c. A local user can perform a denial of service (DoS) attack.
76) Buffer overflow (CVE-ID: CVE-2023-54030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the io_recv_finish() function in io_uring/net.c. A local user can perform a denial of service (DoS) attack.
77) Out-of-bounds read (CVE-ID: CVE-2023-54031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/vdpa/vdpa.c. A local user can perform a denial of service (DoS) attack.
78) Improper locking (CVE-ID: CVE-2023-54032)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_quota_disable() function in fs/btrfs/qgroup.c. A local user can perform a denial of service (DoS) attack.
79) Memory leak (CVE-ID: CVE-2023-54035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_add_set_elem() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2023-54037)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_start_eth(), ice_load() and ice_unload() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
81) NULL pointer dereference (CVE-ID: CVE-2023-54038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_connect_sco() and hci_connect_cis() functions in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.
82) Use-after-free (CVE-ID: CVE-2023-54042)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vas_deallocate_window() function in arch/powerpc/platforms/pseries/vas.c. A local user can escalate privileges on the system.
83) Improper locking (CVE-ID: CVE-2023-54045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __audit_inode_child() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.
84) Double free (CVE-ID: CVE-2023-54048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.
85) NULL pointer dereference (CVE-ID: CVE-2023-54049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qcom_glink_alloc_channel() function in drivers/rpmsg/qcom_glink_native.c. A local user can perform a denial of service (DoS) attack.
86) NULL pointer dereference (CVE-ID: CVE-2023-54051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
87) Memory leak (CVE-ID: CVE-2023-54052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt76_connac2_mac_write_txwi() function in drivers/net/wireless/mediatek/mt76/mt76_connac_mac.c. A local user can perform a denial of service (DoS) attack.
88) NULL pointer dereference (CVE-ID: CVE-2023-54060)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the batch_clear_carry() function in drivers/iommu/iommufd/pages.c. A local user can perform a denial of service (DoS) attack.
89) Memory leak (CVE-ID: CVE-2023-54064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssif_info_find() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
90) NULL pointer dereference (CVE-ID: CVE-2023-54066)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gl861_i2c_master_xfer() function in drivers/media/usb/dvb-usb-v2/gl861.c. A local user can perform a denial of service (DoS) attack.
91) Improper locking (CVE-ID: CVE-2023-54067)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_delete_free_space_tree() function in fs/btrfs/free-space-tree.c. A local user can perform a denial of service (DoS) attack.
92) Improper error handling (CVE-ID: CVE-2023-54069)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_mb_new_inode_pa() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
93) Resource management error (CVE-ID: CVE-2023-54070)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_enable_sriov() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
94) Input validation error (CVE-ID: CVE-2023-54072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_free_pages() function in sound/core/pcm_memory.c. A local user can perform a denial of service (DoS) attack.
95) Use-after-free (CVE-ID: CVE-2023-54076)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_find_smb_ses_unlocked() function in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
96) NULL pointer dereference (CVE-ID: CVE-2023-54080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_finish_ordered_zoned() function in fs/btrfs/zoned.c. A local user can perform a denial of service (DoS) attack.
97) Memory leak (CVE-ID: CVE-2023-54081)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the LIST_HEAD(), gnttab_handle_deferred() and gnttab_add_deferred() functions in drivers/xen/grant-table.c. A local user can perform a denial of service (DoS) attack.
98) Use-after-free (CVE-ID: CVE-2023-54083)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_xusb_port_unregister() function in drivers/phy/tegra/xusb.c. A local user can escalate privileges on the system.
99) Improper locking (CVE-ID: CVE-2023-54088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/blkdev.h. A local user can perform a denial of service (DoS) attack.
100) Resource management error (CVE-ID: CVE-2023-54089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the async_pmem_flush() function in drivers/nvdimm/nd_virtio.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2023-54091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_client_target_cloned() function in drivers/gpu/drm/drm_client_modeset.c. A local user can perform a denial of service (DoS) attack.
102) Input validation error (CVE-ID: CVE-2023-54092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s390_replace_asce() function in arch/s390/mm/gmap.c. A local user can perform a denial of service (DoS) attack.
103) NULL pointer dereference (CVE-ID: CVE-2023-54093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the anysee_master_xfer() function in drivers/media/usb/dvb-usb-v2/anysee.c. A local user can perform a denial of service (DoS) attack.
104) NULL pointer dereference (CVE-ID: CVE-2023-54094)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the skb_segment_list() function in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
105) Out-of-bounds read (CVE-ID: CVE-2023-54095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fail_iommu_bus_notify() function in arch/powerpc/kernel/iommu.c. A local user can perform a denial of service (DoS) attack.
106) Improper locking (CVE-ID: CVE-2023-54096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sdw_modify_slave_status() and sdw_handle_slave_status() functions in drivers/soundwire/bus.c. A local user can perform a denial of service (DoS) attack.
107) Input validation error (CVE-ID: CVE-2023-54099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the reconfigure_super() function in fs/super.c. A local user can perform a denial of service (DoS) attack.
108) Use-after-free (CVE-ID: CVE-2023-54101)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xlnx_remove_cb_for_suspend() and xlnx_remove_cb_for_notify_event() functions in drivers/soc/xilinx/xlnx_event_manager.c. A local user can escalate privileges on the system.
109) Out-of-bounds read (CVE-ID: CVE-2023-54104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fun_exec_op() function in drivers/mtd/nand/raw/fsl_upm.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2023-54106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_init_rep_rx() function in drivers/net/ethernet/mellanox/mlx5/core/en_rep.c. A local user can perform a denial of service (DoS) attack.
111) Memory leak (CVE-ID: CVE-2023-54112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
112) Use-after-free (CVE-ID: CVE-2023-54113)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mem_dump_obj() function in mm/util.c. A local user can escalate privileges on the system.
113) Memory leak (CVE-ID: CVE-2023-54115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nonstatic_release_resource_db() function in drivers/pcmcia/rsrc_nonstatic.c. A local user can perform a denial of service (DoS) attack.
114) Improper error handling (CVE-ID: CVE-2023-54117)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dcssblk_shared_store(), dcssblk_add_store() and dcssblk_remove_store() functions in drivers/s390/block/dcssblk.c. A local user can perform a denial of service (DoS) attack.
115) Infinite loop (CVE-ID: CVE-2023-54121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the btrfs_drop_extent_map_range() function in fs/btrfs/extent_map.c. A local user can perform a denial of service (DoS) attack.
116) Use-after-free (CVE-ID: CVE-2023-54125)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ntfs_read_ea() function in fs/ntfs3/xattr.c. A local user can escalate privileges on the system.
117) Double free (CVE-ID: CVE-2023-54127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the dbUnmount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
118) Memory leak (CVE-ID: CVE-2023-54133)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfp_net_netdev_close() function in drivers/net/ethernet/netronome/nfp/nfp_net_common.c. A local user can perform a denial of service (DoS) attack.
119) Memory leak (CVE-ID: CVE-2023-54134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the autofs4_catatonic_mode() function in fs/autofs4/waitq.c. A local user can perform a denial of service (DoS) attack.
120) Out-of-bounds read (CVE-ID: CVE-2023-54135)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mas_wr_slot_store() and mas_wr_store_entry() functions in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
121) Memory leak (CVE-ID: CVE-2023-54136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sprd_rx_free_buf() and sprd_probe() functions in drivers/tty/serial/sprd_serial.c. A local user can perform a denial of service (DoS) attack.
122) Memory leak (CVE-ID: CVE-2023-54137)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_iommu_iova_build_caps() function in drivers/vfio/vfio_iommu_type1.c. A local user can perform a denial of service (DoS) attack.
123) Buffer overflow (CVE-ID: CVE-2023-54140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_load_inode_block() function in fs/nilfs2/inode.c. A local user can perform a denial of service (DoS) attack.
124) NULL pointer dereference (CVE-ID: CVE-2023-54141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the function in drivers/net/wireless/ath/ath11k/hw.c. A local user can perform a denial of service (DoS) attack.
125) Use-after-free (CVE-ID: CVE-2023-54142)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __gtp_encap_destroy() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
126) Memory leak (CVE-ID: CVE-2023-54143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vdec_msg_queue_init() function in drivers/media/platform/mediatek/vcodec/vdec_msg_queue.c. A local user can perform a denial of service (DoS) attack.
127) Resource management error (CVE-ID: CVE-2023-54145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_verifier_vlog() function in kernel/bpf/log.c. A local user can perform a denial of service (DoS) attack.
128) Use-after-free (CVE-ID: CVE-2023-54148)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5e_init_rep_tx(), mlx5e_cleanup_rep_tx(), uplink_rep_async_event(), mlx5e_uplink_rep_enable() and mlx5e_uplink_rep_disable() functions in drivers/net/ethernet/mellanox/mlx5/core/en_rep.c. A local user can escalate privileges on the system.
129) Improper locking (CVE-ID: CVE-2023-54149)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net/dsa/switch.h. A local user can perform a denial of service (DoS) attack.
130) Memory leak (CVE-ID: CVE-2023-54153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
131) Memory leak (CVE-ID: CVE-2023-54154)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the target_free_cmd_counter() function in drivers/target/target_core_transport.c. A local user can perform a denial of service (DoS) attack.
132) Buffer overflow (CVE-ID: CVE-2023-54155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the BPF_CALL_2() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
133) NULL pointer dereference (CVE-ID: CVE-2023-54156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_ef10_fini_nic() and efx_ef10_update_stats_pf() functions in drivers/net/ethernet/sfc/ef10.c. A local user can perform a denial of service (DoS) attack.
134) NULL pointer dereference (CVE-ID: CVE-2023-54164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iso_conn_add(), iso_connect_bis(), iso_connect_cis(), iso_sock_sendmsg() and iso_sock_recvmsg() functions in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
135) Out-of-bounds read (CVE-ID: CVE-2023-54166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the igc_clean_all_tx_rings(), igc_down() and igc_enable_rx_ring() functions in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.
136) Memory leak (CVE-ID: CVE-2023-54169)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_ptp_open() function in drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c. A local user can perform a denial of service (DoS) attack.
137) Input validation error (CVE-ID: CVE-2023-54170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the construct_alloc_key() function in security/keys/request_key.c. A local user can perform a denial of service (DoS) attack.
138) Memory leak (CVE-ID: CVE-2023-54171)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tracing_release_pipe() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
139) Input validation error (CVE-ID: CVE-2023-54172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hyperv_init() function in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.
140) NULL pointer dereference (CVE-ID: CVE-2023-54173)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_PER_CPU() and bpf_event_output() functions in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
141) Resource management error (CVE-ID: CVE-2023-54177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the invalidate_dquots() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
142) NULL pointer dereference (CVE-ID: CVE-2023-54178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_unittest_find_node_by_name() and attach_node_and_children() functions in drivers/of/unittest.c. A local user can perform a denial of service (DoS) attack.
143) Out-of-bounds read (CVE-ID: CVE-2023-54179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qla2x00_create_host() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
144) Memory leak (CVE-ID: CVE-2023-54181)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the check_cond_jmp_op() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
145) Memory leak (CVE-ID: CVE-2023-54183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v4l2_fwnode_parse_link() function in drivers/media/v4l2-core/v4l2-fwnode.c. A local user can perform a denial of service (DoS) attack.
146) Use-after-free (CVE-ID: CVE-2023-54185)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the load_free_space_bitmaps() and load_free_space_extents() functions in fs/btrfs/free-space-tree.c. A local user can escalate privileges on the system.
147) NULL pointer dereference (CVE-ID: CVE-2023-54189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the persistent_ram_new() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
148) Use-after-free (CVE-ID: CVE-2023-54194)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the exfat_allocate_bitmap() and exfat_free_bitmap() functions in fs/exfat/balloc.c. A local user can escalate privileges on the system.
149) Use-after-free (CVE-ID: CVE-2023-54201)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efa_destroy_qp() and efa_destroy_cq() functions in drivers/infiniband/hw/efa/efa_verbs.c. A local user can escalate privileges on the system.
150) Memory leak (CVE-ID: CVE-2023-54204)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the spmmc_drv_probe() function in drivers/mmc/host/sunplus-mmc.c. A local user can perform a denial of service (DoS) attack.
151) Use-after-free (CVE-ID: CVE-2023-54207)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uclogic_input_configured() function in drivers/hid/hid-uclogic-core.c. A local user can escalate privileges on the system.
152) Memory leak (CVE-ID: CVE-2023-54209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the disk_release() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.
153) Use-after-free (CVE-ID: CVE-2023-54210)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_remove_adv_monitor() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
154) Resource management error (CVE-ID: CVE-2023-54211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __ftrace_event_enable_disable() function in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
155) Memory leak (CVE-ID: CVE-2023-54215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_vdpa_find_vqs() function in drivers/virtio/virtio_vdpa.c. A local user can perform a denial of service (DoS) attack.
156) Improper locking (CVE-ID: CVE-2023-54219)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the isert_wait_conn() function in drivers/infiniband/ulp/isert/ib_isert.c. A local user can perform a denial of service (DoS) attack.
157) Improper Initialization (CVE-ID: CVE-2023-54220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the serial8250_init_port() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.
158) Memory leak (CVE-ID: CVE-2023-54221)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx93_clocks_probe() function in drivers/clk/imx/clk-imx93.c. A local user can perform a denial of service (DoS) attack.
159) Resource management error (CVE-ID: CVE-2023-54223)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5e_xsk_skb_from_cqe_linear() function in drivers/net/ethernet/mellanox/mlx5/core/en/xsk/rx.c. A local user can perform a denial of service (DoS) attack.
160) Improper locking (CVE-ID: CVE-2023-54224)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __btrfs_run_delayed_items() function in fs/btrfs/delayed-inode.c. A local user can perform a denial of service (DoS) attack.
161) Use-after-free (CVE-ID: CVE-2023-54225)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ipa_filter_reset() and ipa_route_reset() functions in drivers/net/ipa/ipa_table.c. A local user can escalate privileges on the system.
162) Memory leak (CVE-ID: CVE-2023-54227)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the blk_mq_realloc_tag_set_tags() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
163) Improper locking (CVE-ID: CVE-2023-54229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_mac_setup_channels_rates() function in drivers/net/wireless/ath/ath11k/mac.c. A local user can perform a denial of service (DoS) attack.
164) Memory leak (CVE-ID: CVE-2023-54230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amba_device_release() function in drivers/amba/bus.c. A local user can perform a denial of service (DoS) attack.
165) Race condition (CVE-ID: CVE-2023-54235)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the pci_doe_recv_resp() function in drivers/pci/doe.c. A local user can escalate privileges on the system.
166) NULL pointer dereference (CVE-ID: CVE-2023-54240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_hwlro_get_fdir_all() function in drivers/net/ethernet/mediatek/mtk_eth_soc.c. A local user can perform a denial of service (DoS) attack.
167) NULL pointer dereference (CVE-ID: CVE-2023-54241)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _kvm_vz_restore_htimer(), _kvm_vz_save_htimer(), mips_process_maar(), kvm_vz_gpsi_cop0(), kvm_vz_get_one_reg(), kvm_vz_set_one_reg(), kvm_vz_vcpu_load_tlb(), kvm_vz_vcpu_load() and kvm_vz_vcpu_uninit() functions in arch/mips/kvm/vz.c. A local user can perform a denial of service (DoS) attack.
168) Resource management error (CVE-ID: CVE-2023-54246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rcu_scale_writer() function in kernel/rcu/rcuscale.c. A local user can perform a denial of service (DoS) attack.
169) Improper error handling (CVE-ID: CVE-2023-54247)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btf_type_is_fwd() and btf_type_is_datasec() functions in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
170) Buffer overflow (CVE-ID: CVE-2023-54251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the function in tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json. A local user can perform a denial of service (DoS) attack.
171) Reachable assertion (CVE-ID: CVE-2023-54253)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the relocate_one_page() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
172) Memory leak (CVE-ID: CVE-2023-54254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_bo_evict() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
173) Input validation error (CVE-ID: CVE-2023-54255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dma_find_base(), dma_base_addr() and sh_dmac_get_dma_residue() functions in arch/sh/drivers/dma/dma-sh.c. A local user can perform a denial of service (DoS) attack.
174) Resource management error (CVE-ID: CVE-2023-54258)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cifs_oplock_break() function in fs/smb/client/file.c. A local user can perform a denial of service (DoS) attack.
175) NULL pointer dereference (CVE-ID: CVE-2023-54261)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mqd_manager_init_v11() function in drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c. A local user can perform a denial of service (DoS) attack.
176) Resource management error (CVE-ID: CVE-2023-54263)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nv50_pior_destroy() and nv50_pior_create() functions in drivers/gpu/drm/nouveau/dispnv50/disp.c. A local user can perform a denial of service (DoS) attack.
177) NULL pointer dereference (CVE-ID: CVE-2023-54264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_branch() function in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.
178) Memory leak (CVE-ID: CVE-2023-54266)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the m920x_i2c_xfer() function in drivers/media/usb/dvb-usb/m920x.c. A local user can perform a denial of service (DoS) attack.
179) Input validation error (CVE-ID: CVE-2023-54267)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pseries_idle_probe() function in drivers/cpuidle/cpuidle-pseries.c. A local user can perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2023-54271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_activate_policy() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
181) NULL pointer dereference (CVE-ID: CVE-2023-54276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd_init_net() function in fs/nfsd/nfsctl.c. A local user can perform a denial of service (DoS) attack.
182) Use-after-free (CVE-ID: CVE-2023-54278)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmem_map_init() function in arch/s390/mm/vmem.c. A local user can escalate privileges on the system.
183) Use-after-free (CVE-ID: CVE-2023-54281)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_search_path_in_tree_user() function in fs/btrfs/ioctl.c. A local user can escalate privileges on the system.
184) Buffer overflow (CVE-ID: CVE-2023-54282)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the qt1010_init() function in drivers/media/tuners/qt1010.c. A local user can escalate privileges on the system.
185) Race condition within a thread (CVE-ID: CVE-2023-54283)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the kernel/bpf/bpf_lru_list.h. A local user can corrupt data.
186) Integer overflow (CVE-ID: CVE-2023-54285)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the iomap_write_delalloc_scan() function in fs/iomap/buffered-io.c. A local user can execute arbitrary code.
187) NULL pointer dereference (CVE-ID: CVE-2023-54289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qedf_alloc_global_queues() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
188) NULL pointer dereference (CVE-ID: CVE-2023-54291)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vduse_vdpa_set_vq_affinity() function in drivers/vdpa/vdpa_user/vduse_dev.c. A local user can perform a denial of service (DoS) attack.
189) Improper locking (CVE-ID: CVE-2023-54292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_free_cqp_request(), irdma_free_pending_cqp_request() and irdma_wait_event() functions in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
190) Use-after-free (CVE-ID: CVE-2023-54293)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bch_root_node_dirty_init() function in drivers/md/bcache/writeback.c. A local user can escalate privileges on the system.
191) NULL pointer dereference (CVE-ID: CVE-2023-54296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sev_migrate_from() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.
192) Memory leak (CVE-ID: CVE-2023-54297)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exclude_super_stripes() function in fs/btrfs/block-group.c. A local user can perform a denial of service (DoS) attack.
193) NULL pointer dereference (CVE-ID: CVE-2023-54299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/usb/typec_altmode.h. A local user can perform a denial of service (DoS) attack.
194) Input validation error (CVE-ID: CVE-2023-54300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_wmi_ctrl_rx() function in drivers/net/wireless/ath/ath9k/wmi.c. A local user can perform a denial of service (DoS) attack.
195) Improper locking (CVE-ID: CVE-2023-54302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_wait_event() function in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
196) Resource management error (CVE-ID: CVE-2023-54303)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DEFINE_PER_CPU() and BPF_CALL_5() functions in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
197) NULL pointer dereference (CVE-ID: CVE-2023-54304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the meson_sm_probe() function in drivers/firmware/meson/meson_sm.c. A local user can perform a denial of service (DoS) attack.
198) Buffer overflow (CVE-ID: CVE-2023-54309)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/char/tpm/tpm_vtpm_proxy.c. A local user can escalate privileges on the system.
199) Buffer overflow (CVE-ID: CVE-2023-54312)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bpf_basertt() function in samples/bpf/tcp_basertt_kern.c. A local user can escalate privileges on the system.
200) NULL pointer dereference (CVE-ID: CVE-2023-54313)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ovl_idmap_posix_acl() function in fs/overlayfs/inode.c. A local user can perform a denial of service (DoS) attack.
201) NULL pointer dereference (CVE-ID: CVE-2023-54314)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the af9005_i2c_xfer() function in drivers/media/usb/dvb-usb/af9005.c. A local user can perform a denial of service (DoS) attack.
202) NULL pointer dereference (CVE-ID: CVE-2023-54315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pnv_pci_sriov_disable() function in arch/powerpc/platforms/powernv/pci-sriov.c. A local user can perform a denial of service (DoS) attack.
203) Improper locking (CVE-ID: CVE-2023-54316)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ref_scale_init() function in kernel/rcu/refscale.c. A local user can perform a denial of service (DoS) attack.
204) NULL pointer dereference (CVE-ID: CVE-2023-54318)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smcr_port_add() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
205) Memory leak (CVE-ID: CVE-2023-54319)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_pinctrl_probe() function in drivers/pinctrl/pinctrl-at91-pio4.c. A local user can perform a denial of service (DoS) attack.
206) Resource management error (CVE-ID: CVE-2023-54322)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arch/arm64/include/asm/exception.h. A local user can perform a denial of service (DoS) attack.
207) Use-after-free (CVE-ID: CVE-2023-54324)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm_table_create(), dm_get_device(), dm_set_device_limits() and dm_put_device() functions in drivers/md/dm-table.c. A local user can escalate privileges on the system.
208) Use-after-free (CVE-ID: CVE-2023-54326)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_endpoint_test_remove() function in drivers/misc/pci_endpoint_test.c. A local user can escalate privileges on the system.
209) Use-after-free (CVE-ID: CVE-2024-26944)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_load_block_group_zone_info(), bitmap_free() and do_zone_finish() functions in fs/btrfs/zoned.c. A local user can escalate privileges on the system.
210) Improper locking (CVE-ID: CVE-2025-38321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the close_all_cached_dirs() function in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
211) Out-of-bounds read (CVE-ID: CVE-2025-38728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sizeof() function in fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
212) Use-after-free (CVE-ID: CVE-2025-39977)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the function in kernel/futex/requeue.c. A local user can escalate privileges on the system.
213) Improper locking (CVE-ID: CVE-2025-40006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the remove_inode_single_folio() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.
214) Resource management error (CVE-ID: CVE-2025-40024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vhost_task_stop() and vhost_task_create() functions in kernel/vhost_task.c. A local user can perform a denial of service (DoS) attack.
215) NULL pointer dereference (CVE-ID: CVE-2025-40033)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and pru_rproc_set_ctable() functions in drivers/remoteproc/pru_rproc.c. A local user can perform a denial of service (DoS) attack.
216) NULL pointer dereference (CVE-ID: CVE-2025-40042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the uprobe_dispatcher() and uretprobe_dispatcher() functions in kernel/trace/trace_uprobe.c. A local user can perform a denial of service (DoS) attack.
217) NULL pointer dereference (CVE-ID: CVE-2025-40053)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the function in drivers/net/ethernet/dlink/dl2k.c. A local user can perform a denial of service (DoS) attack.
218) Buffer overflow (CVE-ID: CVE-2025-40081)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/perf/arm_spe_pmu.c. A local user can escalate privileges on the system.
219) Improper error handling (CVE-ID: CVE-2025-40102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kvm_arch_vcpu_ioctl() function in arch/arm64/kvm/arm.c. A local user can perform a denial of service (DoS) attack.
220) NULL pointer dereference (CVE-ID: CVE-2025-40123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __bpf_prog_map_compatible() function in kernel/bpf/core.c. A local user can perform a denial of service (DoS) attack.
221) NULL pointer dereference (CVE-ID: CVE-2025-40134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __dm_suspend() function in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
222) Use-after-free (CVE-ID: CVE-2025-40135)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_autoflowlabel() and ip6_xmit() functions in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
223) Improper locking (CVE-ID: CVE-2025-40153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hugetlb_change_protection() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.
224) Use-after-free (CVE-ID: CVE-2025-40158)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_finish_output2() and ip6_finish_output() functions in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
225) Resource management error (CVE-ID: CVE-2025-40160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bind_interdomain_evtchn_to_irq_lateeoi(), find_virq() and bind_virq_to_irq() functions in drivers/xen/events/events_base.c. A local user can perform a denial of service (DoS) attack.
226) Input validation error (CVE-ID: CVE-2025-40167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __ext4_iget() function in fs/ext4/inode.c. A local user can perform a denial of service (DoS) attack.
227) Input validation error (CVE-ID: CVE-2025-40170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sk_clone_lock(), sk_dst_gso_max_size() and sk_setup_caps() functions in net/core/sock.c. A local user can perform a denial of service (DoS) attack.
228) NULL pointer dereference (CVE-ID: CVE-2025-40178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pid_nr_ns() function in kernel/pid.c. A local user can perform a denial of service (DoS) attack.
229) Resource management error (CVE-ID: CVE-2025-40179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ext4_init_orphan_info() function in fs/ext4/orphan.c. A local user can perform a denial of service (DoS) attack.
230) NULL pointer dereference (CVE-ID: CVE-2025-40187)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_sf_do_5_1D_ce() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.
231) Integer underflow (CVE-ID: CVE-2025-40190)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ext4_xattr_inode_update_ref() function in fs/ext4/xattr.c. A local user can execute arbitrary code.
232) Use-after-free (CVE-ID: CVE-2025-40211)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the acpi_video_bus_remove_notify_handler() function in drivers/acpi/acpi_video.c. A local user can escalate privileges on the system.
233) Out-of-bounds read (CVE-ID: CVE-2025-40213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the set_mesh_complete() and set_mesh_sync() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
234) Improper locking (CVE-ID: CVE-2025-40215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __xfrm_state_destroy(), __xfrm_state_delete(), xfrm_state_flush(), xfrm_flush_gc() and xfrm_state_fini() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
235) Improper locking (CVE-ID: CVE-2025-40219)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sriov_add_vfs() and sriov_del_vfs() functions in drivers/pci/iov.c. A local user can perform a denial of service (DoS) attack.
236) Improper locking (CVE-ID: CVE-2025-40220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fuse_file_release() function in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
237) Use-after-free (CVE-ID: CVE-2025-40223)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the release_mdev() and hdm_disconnect() functions in drivers/most/most_usb.c. A local user can escalate privileges on the system.
238) NULL pointer dereference (CVE-ID: CVE-2025-40225)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the panthor_vm_op_ctx_prealloc_vmas() function in drivers/gpu/drm/panthor/panthor_mmu.c. A local user can perform a denial of service (DoS) attack.
239) Improper locking (CVE-ID: CVE-2025-40231)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vsock_assign_transport() function in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
240) Incorrect calculation (CVE-ID: CVE-2025-40233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __ocfs2_move_extents_range() function in fs/ocfs2/move_extents.c. A local user can perform a denial of service (DoS) attack.
241) NULL pointer dereference (CVE-ID: CVE-2025-40240)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_inq_pop() function in net/sctp/inqueue.c. A local user can perform a denial of service (DoS) attack.
242) Improper locking (CVE-ID: CVE-2025-40242)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gdlm_put_lock() function in fs/gfs2/lock_dlm.c. A local user can perform a denial of service (DoS) attack.
243) Improper locking (CVE-ID: CVE-2025-40244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hfs_find_init() and hfs_brec_find() functions in fs/hfsplus/bfind.c. A local user can perform a denial of service (DoS) attack.
244) Use-after-free (CVE-ID: CVE-2025-40248)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vsock_connect() function in net/vmw_vsock/af_vsock.c. A local user can escalate privileges on the system.
245) Input validation error (CVE-ID: CVE-2025-40250)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5_irq_alloc() function in drivers/net/ethernet/mellanox/mlx5/core/pci_irq.c. A local user can perform a denial of service (DoS) attack.
246) Memory leak (CVE-ID: CVE-2025-40251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devl_rate_nodes_destroy() function in net/devlink/rate.c. A local user can perform a denial of service (DoS) attack.
247) Out-of-bounds read (CVE-ID: CVE-2025-40252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qede_tpa_cont() and qede_tpa_end() functions in drivers/net/ethernet/qlogic/qede/qede_fp.c. A local user can perform a denial of service (DoS) attack.
248) Memory leak (CVE-ID: CVE-2025-40256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xfrm_state_free(), xfrm_state_gc_destroy() and __xfrm_state_destroy() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
249) Use-after-free (CVE-ID: CVE-2025-40258)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_reset_rtx_timer() function in net/mptcp/protocol.c. A local user can escalate privileges on the system.
250) Buffer overflow (CVE-ID: CVE-2025-40262)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the imx_sc_key_probe() function in drivers/input/keyboard/imx_sc_key.c. A local user can escalate privileges on the system.
251) Improper locking (CVE-ID: CVE-2025-40263)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cros_ec_keyb_work() function in drivers/input/keyboard/cros_ec_keyb.c. A local user can perform a denial of service (DoS) attack.
252) Memory leak (CVE-ID: CVE-2025-40268)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smb3_fs_context_parse_param() function in fs/smb/client/fs_context.c. A local user can perform a denial of service (DoS) attack.
253) Input validation error (CVE-ID: CVE-2025-40269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the snd_usb_endpoint_set_params() function in sound/usb/endpoint.c. A local user can perform a denial of service (DoS) attack.
254) Use-after-free (CVE-ID: CVE-2025-40271)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pde_put(), remove_proc_entry() and remove_proc_subtree() functions in fs/proc/generic.c. A local user can escalate privileges on the system.
255) Use-after-free (CVE-ID: CVE-2025-40272)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the secretmem_fault() function in mm/secretmem.c. A local user can escalate privileges on the system.
256) Improper locking (CVE-ID: CVE-2025-40273)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs4_free_ol_stateid() function in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
257) Use-after-free (CVE-ID: CVE-2025-40274)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_gmem_bind() function in virt/kvm/guest_memfd.c. A local user can escalate privileges on the system.
258) NULL pointer dereference (CVE-ID: CVE-2025-40275)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_usb_mixer_controls_badd() function in sound/usb/mixer.c. A local user can perform a denial of service (DoS) attack.
259) Memory leak (CVE-ID: CVE-2025-40276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the panthor_gem_create_with_handle() function in drivers/gpu/drm/panthor/panthor_gem.c. A local user can perform a denial of service (DoS) attack.
260) Out-of-bounds read (CVE-ID: CVE-2025-40277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vmw_cmd_check() function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.
261) Memory leak (CVE-ID: CVE-2025-40278)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcf_ife_dump() function in net/sched/act_ife.c. A local user can perform a denial of service (DoS) attack.
262) Memory leak (CVE-ID: CVE-2025-40279)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcf_connmark_dump() function in net/sched/act_connmark.c. A local user can perform a denial of service (DoS) attack.
263) Use-after-free (CVE-ID: CVE-2025-40280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tipc_net_finalize_work() function in net/tipc/net.c. A local user can escalate privileges on the system.
264) Improper error handling (CVE-ID: CVE-2025-40282)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the recv_pkt() function in net/bluetooth/6lowpan.c. A local user can perform a denial of service (DoS) attack.
265) Use-after-free (CVE-ID: CVE-2025-40283)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btusb_disconnect() function in drivers/bluetooth/btusb.c. A local user can escalate privileges on the system.
266) Use-after-free (CVE-ID: CVE-2025-40284)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mgmt_index_removed() function in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.
267) Input validation error (CVE-ID: CVE-2025-40287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
268) NULL pointer dereference (CVE-ID: CVE-2025-40288)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_virt_write_vf2pf_data() function in drivers/gpu/drm/amd/amdgpu/amdgpu_virt.c. A local user can perform a denial of service (DoS) attack.
269) Input validation error (CVE-ID: CVE-2025-40289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the amdgpu_vram_attrs_is_visible() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c. A local user can perform a denial of service (DoS) attack.
270) NULL pointer dereference (CVE-ID: CVE-2025-40292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the page_to_skb() and receive_big() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
271) Division by zero (CVE-ID: CVE-2025-40293)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the function in drivers/vfio/iova_bitmap.c. A local user can perform a denial of service (DoS) attack.
272) Out-of-bounds read (CVE-ID: CVE-2025-40294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the parse_adv_monitor_pattern() function in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
273) Use-after-free (CVE-ID: CVE-2025-40297)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net/bridge/br_private.h. A local user can escalate privileges on the system.
274) Input validation error (CVE-ID: CVE-2025-40301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_cmd_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
275) Buffer overflow (CVE-ID: CVE-2025-40302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vb2_ioctl_remove_bufs() function in drivers/media/common/videobuf2/videobuf2-v4l2.c. A local user can perform a denial of service (DoS) attack.
276) Out-of-bounds read (CVE-ID: CVE-2025-40304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bit_putcs() function in drivers/video/fbdev/core/bitblit.c. A local user can perform a denial of service (DoS) attack.
277) Memory leak (CVE-ID: CVE-2025-40306)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the convert_to_internal_xattr_flags() and orangefs_inode_getxattr() functions in fs/orangefs/xattr.c. A local user can perform a denial of service (DoS) attack.
278) Buffer overflow (CVE-ID: CVE-2025-40307)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the exfat_allocate_bitmap() function in fs/exfat/balloc.c. A local user can perform a denial of service (DoS) attack.
279) NULL pointer dereference (CVE-ID: CVE-2025-40308)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bcsp_recv() function in drivers/bluetooth/hci_bcsp.c. A local user can perform a denial of service (DoS) attack.
280) Use-after-free (CVE-ID: CVE-2025-40309)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sco_sock_kill() function in net/bluetooth/sco.c. A local user can escalate privileges on the system.
281) NULL pointer dereference (CVE-ID: CVE-2025-40310)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kgd2kfd_interrupt() function in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.
282) Input validation error (CVE-ID: CVE-2025-40311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the gaudi2_mmap() function in drivers/accel/habanalabs/gaudi2/gaudi2.c. A local user can perform a denial of service (DoS) attack.
283) Input validation error (CVE-ID: CVE-2025-40312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_iget() function in fs/jfs/inode.c. A local user can perform a denial of service (DoS) attack.
284) Use-after-free (CVE-ID: CVE-2025-40314)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __cdnsp_gadget_init() and cdnsp_gadget_exit() functions in drivers/usb/cdns3/cdnsp-gadget.c. A local user can escalate privileges on the system.
285) NULL pointer dereference (CVE-ID: CVE-2025-40315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ffs_func_eps_enable() function in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
286) Memory leak (CVE-ID: CVE-2025-40316)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mtk_drm_bind() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can perform a denial of service (DoS) attack.
287) Improper error handling (CVE-ID: CVE-2025-40317)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __regmap_init_slimbus() and __devm_regmap_init_slimbus() functions in drivers/base/regmap/regmap-slimbus.c. A local user can perform a denial of service (DoS) attack.
288) Use-after-free (CVE-ID: CVE-2025-40318)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_cmd_sync_dequeue_once() function in net/bluetooth/hci_sync.c. A local user can escalate privileges on the system.
289) Use-after-free (CVE-ID: CVE-2025-40319)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ringbuf_map_alloc() function in kernel/bpf/ringbuf.c. A local user can escalate privileges on the system.
290) Use-after-free (CVE-ID: CVE-2025-40320)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_query_info_compound() function in fs/smb/client/smb2ops.c. A local user can escalate privileges on the system.
291) NULL pointer dereference (CVE-ID: CVE-2025-40321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.h. A local user can perform a denial of service (DoS) attack.
292) Out-of-bounds read (CVE-ID: CVE-2025-40322)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bit_putcs_aligned() and bit_putcs_unaligned() functions in drivers/video/fbdev/core/bitblit.c. A local user can perform a denial of service (DoS) attack.
293) Use-after-free (CVE-ID: CVE-2025-40323)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/fbcon.h. A local user can escalate privileges on the system.
294) Race condition (CVE-ID: CVE-2025-40324)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the nfsd4_read() function in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
295) Improper locking (CVE-ID: CVE-2025-40329)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drm_sched_entity_error() and drm_sched_entity_kill_jobs_cb() functions in drivers/gpu/drm/scheduler/sched_entity.c. A local user can perform a denial of service (DoS) attack.
296) Resource management error (CVE-ID: CVE-2025-40330)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bnxt_shutdown() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
297) Out-of-bounds read (CVE-ID: CVE-2025-40331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the inet_diag_msg_sctpladdrs_fill() function in net/sctp/diag.c. A local user can perform a denial of service (DoS) attack.
298) Improper locking (CVE-ID: CVE-2025-40332)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the svm_range_restore_pages() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
299) Input validation error (CVE-ID: CVE-2025-40337)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the stmmac_rx() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
300) Use-after-free (CVE-ID: CVE-2025-40338)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the avs_soc_component_register() function in sound/soc/intel/avs/pcm.c. A local user can escalate privileges on the system.
301) Input validation error (CVE-ID: CVE-2025-40339)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the amdgpu_amdkfd_gpuvm_restore_process_bos() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.
302) Improper locking (CVE-ID: CVE-2025-40340)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xe_gem_fault() function in drivers/gpu/drm/xe/xe_bo.c. A local user can perform a denial of service (DoS) attack.
303) Improper locking (CVE-ID: CVE-2025-40342)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_fc_create_association() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
304) Improper locking (CVE-ID: CVE-2025-40343)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_fc_delete_assoc_work() and nvmet_fc_delete_target_assoc() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.
305) Out-of-bounds read (CVE-ID: CVE-2025-40345)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sddr55_write_data() function in drivers/usb/storage/sddr55.c. A local user can perform a denial of service (DoS) attack.
306) NULL pointer dereference (CVE-ID: CVE-2025-40346)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the topology_parse_cpu_capacity() function in drivers/base/arch_topology.c. A local user can perform a denial of service (DoS) attack.
307) Improper locking (CVE-ID: CVE-2025-40347)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the enetc_clean_rx_ring(), enetc_clean_rx_ring_xdp() and enetc_poll() functions in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.
308) Out-of-bounds read (CVE-ID: CVE-2025-40349)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fs/hfsplus/hfsplus_fs.h. A local user can perform a denial of service (DoS) attack.
309) Improper locking (CVE-ID: CVE-2025-40351)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hfsplus_iget() function in fs/hfsplus/super.c. A local user can perform a denial of service (DoS) attack.
310) NULL pointer dereference (CVE-ID: CVE-2025-40354)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/gpu/drm/amd/display/dc/inc/hw/hw_shared.h. A local user can perform a denial of service (DoS) attack.
311) Resource management error (CVE-ID: CVE-2025-40357)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in net/smc/smc_inet.c. A local user can perform a denial of service (DoS) attack.
312) Out-of-bounds read (CVE-ID: CVE-2025-40359)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __grt_latency_data() function in arch/x86/events/intel/ds.c. A local user can perform a denial of service (DoS) attack.
313) NULL pointer dereference (CVE-ID: CVE-2025-40360)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/gpu/drm/drm_gem_atomic_helper.c. A local user can perform a denial of service (DoS) attack.
314) Improper locking (CVE-ID: CVE-2025-68168)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the txInit() function in fs/jfs/jfs_txnmgr.c. A local user can perform a denial of service (DoS) attack.
315) Buffer overflow (CVE-ID: CVE-2025-68170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the radeon_driver_unload_kms() function in drivers/gpu/drm/radeon/radeon_kms.c. A local user can perform a denial of service (DoS) attack.
316) Double free (CVE-ID: CVE-2025-68172)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the aspeed_acry_probe() and aspeed_acry_remove() functions in drivers/crypto/aspeed/aspeed-acry.c. A local user can perform a denial of service (DoS) attack.
317) NULL pointer dereference (CVE-ID: CVE-2025-68176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/pci/controller/cadence/pcie-cadence.h. A local user can perform a denial of service (DoS) attack.
318) NULL pointer dereference (CVE-ID: CVE-2025-68180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the odm_combine_segments_show() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
319) Use-after-free (CVE-ID: CVE-2025-68181)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the radeon_pci_probe() function in drivers/gpu/drm/radeon/radeon_drv.c. A local user can escalate privileges on the system.
320) Buffer overflow (CVE-ID: CVE-2025-68183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_protect_xattr(), ima_reset_appraise_flags(), ima_inode_setxattr() and ima_inode_set_acl() functions in security/integrity/ima/ima_appraise.c. A local user can perform a denial of service (DoS) attack.
321) Improper locking (CVE-ID: CVE-2025-68184)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mtk_plane_format_mod_supported() function in drivers/gpu/drm/mediatek/mtk_plane.c. A local user can perform a denial of service (DoS) attack.
322) Improper locking (CVE-ID: CVE-2025-68185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs4_setup_readdir() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
323) NULL pointer dereference (CVE-ID: CVE-2025-68190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_atom_execute_table_locked() function in drivers/gpu/drm/amd/amdgpu/atom.c. A local user can perform a denial of service (DoS) attack.
324) Input validation error (CVE-ID: CVE-2025-68192)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qmimux_rx_fixup() function in drivers/net/usb/qmi_wwan.c. A local user can perform a denial of service (DoS) attack.
325) Improper locking (CVE-ID: CVE-2025-68194)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the send_packet(), usb_rx_callback_intf0() and usb_rx_callback_intf1() functions in drivers/media/rc/imon.c. A local user can perform a denial of service (DoS) attack.
326) Input validation error (CVE-ID: CVE-2025-68195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
327) NULL pointer dereference (CVE-ID: CVE-2025-68197)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/ethernet/broadcom/bnxt/bnxt.h. A local user can perform a denial of service (DoS) attack.
328) Input validation error (CVE-ID: CVE-2025-68201)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the gfx_v12_0_ring_emit_ib_gfx() function in drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c. A local user can perform a denial of service (DoS) attack.
329) Memory leak (CVE-ID: CVE-2025-68204)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scmi_pd_power_off() and scmi_pm_domain_probe() functions in drivers/firmware/arm_scmi/scmi_pm_domain.c. A local user can perform a denial of service (DoS) attack.
330) Resource management error (CVE-ID: CVE-2025-68206)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nft_ct_helper_obj_eval() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.
331) Input validation error (CVE-ID: CVE-2025-68207)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the guc_ct_fini() function in drivers/gpu/drm/xe/xe_guc_ct.c. A local user can perform a denial of service (DoS) attack.
332) Out-of-bounds read (CVE-ID: CVE-2025-68208)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the widen_imprecise_scalars() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
333) NULL pointer dereference (CVE-ID: CVE-2025-68209)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/mlx5/cq.h. A local user can perform a denial of service (DoS) attack.
334) Out-of-bounds read (CVE-ID: CVE-2025-68217)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pegasus_probe() function in drivers/input/tablet/pegasus_notetaker.c. A local user can perform a denial of service (DoS) attack.
335) Improper locking (CVE-ID: CVE-2025-68218)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_mpath_set_live() function in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
336) Use of uninitialized resource (CVE-ID: CVE-2025-68222)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the s32_pinctrl_probe() function in drivers/pinctrl/nxp/pinctrl-s32cc.c. A local user can perform a denial of service (DoS) attack.
337) Improper locking (CVE-ID: CVE-2025-68223)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the radeon_fence_is_signaled() function in drivers/gpu/drm/radeon/radeon_fence.c. A local user can perform a denial of service (DoS) attack.
338) Out-of-bounds read (CVE-ID: CVE-2025-68230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the gfx_v9_4_3_cp_resume() function in drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c. A local user can perform a denial of service (DoS) attack.
339) Memory leak (CVE-ID: CVE-2025-68233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra_drm_ioctl_channel_open() function in drivers/gpu/drm/tegra/uapi.c. A local user can perform a denial of service (DoS) attack.
340) Memory leak (CVE-ID: CVE-2025-68235)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvkm_falcon_fw_dtor() function in drivers/gpu/drm/nouveau/nvkm/falcon/fw.c. A local user can perform a denial of service (DoS) attack.
341) Integer overflow (CVE-ID: CVE-2025-68237)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mtdchar_write_ioctl() and mtdchar_read_ioctl() functions in drivers/mtd/mtdchar.c. A local user can execute arbitrary code.
342) NULL pointer dereference (CVE-ID: CVE-2025-68238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cadence_nand_irq_cleanup() and cadence_nand_init() functions in drivers/mtd/nand/raw/cadence-nand-controller.c. A local user can perform a denial of service (DoS) attack.
343) Resource management error (CVE-ID: CVE-2025-68239)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bm_register_write() function in fs/binfmt_misc.c. A local user can perform a denial of service (DoS) attack.
344) Improper locking (CVE-ID: CVE-2025-68244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the i915_vma_pin_ww() function in drivers/gpu/drm/i915/i915_vma.c. A local user can perform a denial of service (DoS) attack.
345) Use of uninitialized resource (CVE-ID: CVE-2025-68249)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hdm_probe() function in drivers/most/most_usb.c. A local user can perform a denial of service (DoS) attack.
346) Memory leak (CVE-ID: CVE-2025-68252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fastrpc_map_lookup() function in drivers/misc/fastrpc.c. A local user can perform a denial of service (DoS) attack.
347) Buffer overflow (CVE-ID: CVE-2025-68255)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the OnAssocReq() function in drivers/staging/rtl8723bs/core/rtw_mlme_ext.c. A local user can escalate privileges on the system.
348) NULL pointer dereference (CVE-ID: CVE-2025-68257)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the compat_chaninfo(), compat_rangeinfo(), compat_cmd(), compat_cmdtest(), compat_insnlist() and compat_insn() functions in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
349) Improper locking (CVE-ID: CVE-2025-68258)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the multiq3_attach() function in drivers/comedi/drivers/multiq3.c. A local user can perform a denial of service (DoS) attack.
350) Resource management error (CVE-ID: CVE-2025-68259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the is_vmware_backdoor_opcode() and x86_emulate_instruction() functions in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
351) Improper locking (CVE-ID: CVE-2025-68264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_prepare_inline_data() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
352) NULL pointer dereference (CVE-ID: CVE-2025-68286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_stream_get_scanoutpos() function in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.
353) Use-after-free (CVE-ID: CVE-2025-68287)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dwc3_gadget_giveback() function in drivers/usb/dwc3/gadget.c. A local user can escalate privileges on the system.
354) Memory leak (CVE-ID: CVE-2025-68289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the eem_unwrap() function in drivers/usb/gadget/function/f_eem.c. A local user can perform a denial of service (DoS) attack.
355) Use-after-free (CVE-ID: CVE-2025-68290)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hdm_probe() function in drivers/most/most_usb.c. A local user can escalate privileges on the system.
356) NULL pointer dereference (CVE-ID: CVE-2025-68298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btusb_mtk_claim_iso_intf() function in drivers/bluetooth/btusb.c. A local user can perform a denial of service (DoS) attack.
357) NULL pointer dereference (CVE-ID: CVE-2025-68302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sxgbe_rx() function in drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c. A local user can perform a denial of service (DoS) attack.
358) Buffer overflow (CVE-ID: CVE-2025-68303)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the intel_punit_ipc_probe() function in drivers/platform/x86/intel/punit_ipc.c. A local user can escalate privileges on the system.
359) Use-after-free (CVE-ID: CVE-2025-68305)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_sock_bind() function in net/bluetooth/hci_sock.c. A local user can escalate privileges on the system.
360) NULL pointer dereference (CVE-ID: CVE-2025-68306)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/bluetooth/hci_core.h. A local user can perform a denial of service (DoS) attack.
361) Improper locking (CVE-ID: CVE-2025-68307)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gs_usb_xmit_callback() function in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.
362) Buffer overflow (CVE-ID: CVE-2025-68308)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kvaser_usb_leaf_wait_cmd() and kvaser_usb_leaf_read_bulk_callback() functions in drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c. A local user can escalate privileges on the system.
363) Resource management error (CVE-ID: CVE-2025-68312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
364) Input validation error (CVE-ID: CVE-2025-68313)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
365) Resource management error (CVE-ID: CVE-2025-68328)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stratix10_svc_drv_probe() function in drivers/firmware/stratix10-svc.c. A local user can perform a denial of service (DoS) attack.
366) NULL pointer dereference (CVE-ID: CVE-2025-68330)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/iio/accel/bmc150-accel.h. A local user can perform a denial of service (DoS) attack.
367) Use-after-free (CVE-ID: CVE-2025-68331)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uas_queuecommand_lck() function in drivers/usb/storage/uas.c. A local user can escalate privileges on the system.
368) Resource management error (CVE-ID: CVE-2025-68332)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the c6xdigio_attach() function in drivers/comedi/drivers/c6xdigio.c. A local user can perform a denial of service (DoS) attack.
369) NULL pointer dereference (CVE-ID: CVE-2025-68335)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pcl818_detach() function in drivers/comedi/drivers/pcl818.c. A local user can perform a denial of service (DoS) attack.
370) Improper locking (CVE-ID: CVE-2025-68339)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fore200e_open() function in drivers/atm/fore200e.c. A local user can perform a denial of service (DoS) attack.
371) Resource management error (CVE-ID: CVE-2025-68340)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the team_port_add() function in drivers/net/team/team_core.c. A local user can perform a denial of service (DoS) attack.
372) NULL pointer dereference (CVE-ID: CVE-2025-68345)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cs35l41_hda_read_acpi() function in sound/hda/codecs/side-codecs/cs35l41_hda.c. A local user can perform a denial of service (DoS) attack.
373) Out-of-bounds read (CVE-ID: CVE-2025-68346)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the detect_stream_formats() function in sound/firewire/dice/dice-extension.c. A local user can perform a denial of service (DoS) attack.
374) Buffer overflow (CVE-ID: CVE-2025-68347)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hwdep_read() function in sound/firewire/motu/motu-hwdep.c. A local user can escalate privileges on the system.
375) Memory leak (CVE-ID: CVE-2025-68351)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
376) Use-after-free (CVE-ID: CVE-2025-68354)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the regulator_supply_alias(), regulator_register_supply_alias() and regulator_unregister_supply_alias() functions in drivers/regulator/core.c. A local user can escalate privileges on the system.
377) Integer underflow (CVE-ID: CVE-2025-68362)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the rtl8187_rx_cb() function in drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c. A local user can execute arbitrary code.
378) Out-of-bounds read (CVE-ID: CVE-2025-68378)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __bpf_get_stackid() and BPF_CALL_3() functions in kernel/bpf/stackmap.c. A local user can perform a denial of service (DoS) attack.
379) Resource management error (CVE-ID: CVE-2025-68380)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath11k_wmi_send_peer_assoc_cmd() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can perform a denial of service (DoS) attack.
380) Integer overflow (CVE-ID: CVE-2025-68724)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the asymmetric_key_generate_id() function in crypto/asymmetric_keys/asymmetric_type.c. A local user can execute arbitrary code.
381) Improper locking (CVE-ID: CVE-2025-68732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the syncpt_release() and host1x_syncpt_put() functions in drivers/gpu/host1x/syncpt.c. A local user can perform a denial of service (DoS) attack.
382) Memory leak (CVE-ID: CVE-2025-68734)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_instance() and hfcsusb_probe() functions in drivers/isdn/hardware/mISDN/hfcsusb.c. A local user can perform a denial of service (DoS) attack.
383) Improper error handling (CVE-ID: CVE-2025-68740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ima_match_rules() function in security/integrity/ima/ima_policy.c. A local user can perform a denial of service (DoS) attack.
384) Resource management error (CVE-ID: CVE-2025-68742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_prog_inc_misses_counter() function in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
385) Use-after-free (CVE-ID: CVE-2025-68744)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_htab_elem() function in kernel/bpf/hashtab.c. A local user can escalate privileges on the system.
386) Improper error handling (CVE-ID: CVE-2025-68746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tegra_qspi_handle_error(), tegra_qspi_combined_seq_xfer(), tegra_qspi_non_combined_seq_xfer(), handle_cpu_based_xfer() and tegra_qspi_isr_thread() functions in drivers/spi/spi-tegra210-quad.c. A local user can perform a denial of service (DoS) attack.
387) Use-after-free (CVE-ID: CVE-2025-68747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the panthor_gem_free_object() function in drivers/gpu/drm/panthor/panthor_gem.c. A local user can escalate privileges on the system.
388) Use-after-free (CVE-ID: CVE-2025-68749)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ivpu_gem_bo_free() function in drivers/accel/ivpu/ivpu_gem.c. A local user can escalate privileges on the system.
389) Integer overflow (CVE-ID: CVE-2025-68750)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the usbg_make_tpg() function in drivers/usb/gadget/function/f_tcm.c. A local user can execute arbitrary code.
390) Buffer overflow (CVE-ID: CVE-2025-68753)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hwdep_read() function in sound/firewire/motu/motu-hwdep.c. A local user can escalate privileges on the system.
391) Improper locking (CVE-ID: CVE-2025-68757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vgem_fence_create() function in drivers/gpu/drm/vgem/vgem_fence.c. A local user can perform a denial of service (DoS) attack.
392) NULL pointer dereference (CVE-ID: CVE-2025-68758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the led_bl_probe() function in drivers/video/backlight/led_bl.c. A local user can perform a denial of service (DoS) attack.
393) Memory leak (CVE-ID: CVE-2025-68759)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtl8180_init_rx_ring() and rtl8180_start() functions in drivers/net/wireless/realtek/rtl818x/rtl8180/dev.c. A local user can perform a denial of service (DoS) attack.
394) Memory leak (CVE-ID: CVE-2025-68765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt7615_mcu_wtbl_sta_add() function in drivers/net/wireless/mediatek/mt76/mt7615/mcu.c. A local user can perform a denial of service (DoS) attack.
395) Out-of-bounds read (CVE-ID: CVE-2025-68766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mchp_eic_domain_alloc() function in drivers/irqchip/irq-mchp-eic.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.