SB2026012871 - SUSE update for the Linux Kernel
Published: January 28, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 392 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2022-0854)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak in the Linux kernel’s DMA subsystem when processing DMA_FROM_DEVICE calls. A local user can trigger a memory leak error and read random memory from the kernel space.
2) Memory leak (CVE-ID: CVE-2022-48853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the Documentation/DMA-attributes.txt, include/linux/dma-mapping.h, lib/swiotlb.c. A local user can perform a denial of service (DoS) attack.
3) Improper error handling (CVE-ID: CVE-2022-50614)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pci_endpoint_test_msi_irq() function in drivers/misc/pci_endpoint_test.c. A local user can perform a denial of service (DoS) attack.
4) Memory leak (CVE-ID: CVE-2022-50615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snr_uncore_mmio_map() function in arch/x86/events/intel/uncore_snbep.c. A local user can perform a denial of service (DoS) attack.
5) Memory leak (CVE-ID: CVE-2022-50617)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the psm_init_power_state_table() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/pp_psm.c. A local user can perform a denial of service (DoS) attack.
6) Memory leak (CVE-ID: CVE-2022-50618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the meson_mmc_probe() function in drivers/mmc/host/meson-gx-mmc.c. A local user can perform a denial of service (DoS) attack.
7) Memory leak (CVE-ID: CVE-2022-50619)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_mem_dmamap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.
8) Resource management error (CVE-ID: CVE-2022-50621)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to improper management of internal resources within the drivers/md/dm-verity.h. A local user can corrupt data.
9) Memory leak (CVE-ID: CVE-2022-50622)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fc_record_modified_inode() function in fs/ext4/fast_commit.c. A local user can perform a denial of service (DoS) attack.
10) Integer overflow (CVE-ID: CVE-2022-50623)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dfl_feature_ioctl_set_irq() function in drivers/fpga/dfl.c. A local user can execute arbitrary code.
11) Improper error handling (CVE-ID: CVE-2022-50625)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pl011_dma_rx_callback() function in drivers/tty/serial/amba-pl011.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2022-50626)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dvb_usb_adapter_init() function in drivers/media/usb/dvb-usb/dvb-usb-init.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2022-50629)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rsi_coex_attach() function in drivers/net/wireless/rsi/rsi_91x_coex.c. A local user can perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2022-50630)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hugetlb_handle_userfault(), hugetlb_no_page() and hugetlb_fault() functions in mm/hugetlb.c. A local user can escalate privileges on the system.
15) Memory leak (CVE-ID: CVE-2022-50633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc3_qcom_interconnect_init() function in drivers/usb/dwc3/dwc3-qcom.c. A local user can perform a denial of service (DoS) attack.
16) NULL pointer dereference (CVE-ID: CVE-2022-50635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arch_prepare_kprobe() function in arch/powerpc/kernel/kprobes.c. A local user can perform a denial of service (DoS) attack.
17) Improper locking (CVE-ID: CVE-2022-50636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_device_is_present() function in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
18) Improper error handling (CVE-ID: CVE-2022-50638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the swap_inode_boot_loader() function in fs/ext4/ioctl.c. A local user can perform a denial of service (DoS) attack.
19) Buffer overflow (CVE-ID: CVE-2022-50640)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the sdio_release_func() function in drivers/mmc/core/sdio_bus.c. A local user can escalate privileges on the system.
20) Memory leak (CVE-ID: CVE-2022-50641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssi_probe() function in drivers/hsi/controllers/omap_ssi_core.c. A local user can perform a denial of service (DoS) attack.
21) Memory leak (CVE-ID: CVE-2022-50643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_copy_file_range() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
22) Memory leak (CVE-ID: CVE-2022-50644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_dra7_atl_clk_probe() function in drivers/clk/ti/clk-dra7-atl.c. A local user can perform a denial of service (DoS) attack.
23) Memory leak (CVE-ID: CVE-2022-50646)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hpsa_init_one() function in drivers/scsi/hpsa.c. A local user can perform a denial of service (DoS) attack.
24) Out-of-bounds read (CVE-ID: CVE-2022-50649)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the adp5061_get_chg_type() function in drivers/power/supply/adp5061.c. A local user can perform a denial of service (DoS) attack.
25) Improper locking (CVE-ID: CVE-2022-50652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the uio_dmem_genirq_irqcontrol() function in drivers/uio/uio_dmem_genirq.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2022-50653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmci_init_slot() function in drivers/mmc/host/atmel-mci.c. A local user can perform a denial of service (DoS) attack.
27) Out-of-bounds read (CVE-ID: CVE-2022-50656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pn533_poll_dep_complete() and pn533_in_dep_link_up_complete() functions in drivers/nfc/pn533/pn533.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2022-50658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_cpufreq_krait_name_version() function in drivers/cpufreq/qcom-cpufreq-nvmem.c. A local user can perform a denial of service (DoS) attack.
29) Memory leak (CVE-ID: CVE-2022-50660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ipw_wdev_init() function in drivers/net/wireless/intel/ipw2x00/ipw2200.c. A local user can perform a denial of service (DoS) attack.
30) Memory leak (CVE-ID: CVE-2022-50661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the put_task_stack() and copy_process() functions in kernel/fork.c. A local user can perform a denial of service (DoS) attack.
31) Memory leak (CVE-ID: CVE-2022-50662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hns_roce_alloc_mr() function in drivers/infiniband/hw/hns/hns_roce_mr.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2022-50664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm3510_download_firmware() function in drivers/media/dvb-frontends/bcm3510.c. A local user can perform a denial of service (DoS) attack.
33) Improper locking (CVE-ID: CVE-2022-50665)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_dp_rx_process_mon_status() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2022-50666)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the siw_create_qp() and siw_destroy_qp() functions in drivers/infiniband/sw/siw/siw_verbs.c. A local user can escalate privileges on the system.
35) Memory leak (CVE-ID: CVE-2022-50667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vmw_mksstat_add_ioctl() function in drivers/gpu/drm/vmwgfx/vmwgfx_msg.c. A local user can perform a denial of service (DoS) attack.
36) Improper locking (CVE-ID: CVE-2022-50668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/mbcache.h. A local user can perform a denial of service (DoS) attack.
37) Memory leak (CVE-ID: CVE-2022-50669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocxl_file_register_afu() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
38) Memory leak (CVE-ID: CVE-2022-50670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the omap_hsmmc_probe() function in drivers/mmc/host/omap_hsmmc.c. A local user can perform a denial of service (DoS) attack.
39) NULL pointer dereference (CVE-ID: CVE-2022-50671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_destroy() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
40) Memory leak (CVE-ID: CVE-2022-50672)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zynqmp_ipi_mbox_probe() and zynqmp_ipi_free_mboxes() functions in drivers/mailbox/zynqmp-ipi-mailbox.c. A local user can perform a denial of service (DoS) attack.
41) Use-after-free (CVE-ID: CVE-2022-50673)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_truncate() function in fs/ext4/inode.c. A local user can escalate privileges on the system.
42) Input validation error (CVE-ID: CVE-2022-50675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mte_restore_tags() function in arch/arm64/mm/mteswap.c. A local user can perform a denial of service (DoS) attack.
43) Use-after-free (CVE-ID: CVE-2022-50677)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _ipmi_destroy_user() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
44) Use-after-free (CVE-ID: CVE-2022-50678)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_pno_set_random() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c. A local user can escalate privileges on the system.
45) Memory leak (CVE-ID: CVE-2022-50679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/intel/i40e/i40e_xsk.h. A local user can perform a denial of service (DoS) attack.
46) Improper error handling (CVE-ID: CVE-2022-50698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the da7219_register_dai_clks() function in sound/soc/codecs/da7219.c. A local user can perform a denial of service (DoS) attack.
47) Improper locking (CVE-ID: CVE-2022-50699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the security/selinux/ss/sidtab.h. A local user can perform a denial of service (DoS) attack.
48) Reachable assertion (CVE-ID: CVE-2022-50700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the drivers/net/wireless/ath/ath10k/hw.h. A local user can perform a denial of service (DoS) attack.
49) Out-of-bounds read (CVE-ID: CVE-2022-50701)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mt76s_tx_run_queue() function in drivers/net/wireless/mediatek/mt76/sdio_txrx.c. A local user can perform a denial of service (DoS) attack.
50) Memory leak (CVE-ID: CVE-2022-50702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vdpasim_net_init() function in drivers/vdpa/vdpa_sim/vdpa_sim_net.c. A local user can perform a denial of service (DoS) attack.
51) Memory leak (CVE-ID: CVE-2022-50703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_smsm_probe() function in drivers/soc/qcom/smsm.c. A local user can perform a denial of service (DoS) attack.
52) Use-after-free (CVE-ID: CVE-2022-50704)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_gadget_disconnect() function in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
53) Improper locking (CVE-ID: CVE-2022-50705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kiocb_end_write(), io_fixup_rw_res() and io_complete_rw() functions in io_uring/rw.c. A local user can perform a denial of service (DoS) attack.
54) Use of uninitialized resource (CVE-ID: CVE-2022-50709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ath9k_htc_txcompletion_cb() and ath9k_htc_rx_msg() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
55) NULL pointer dereference (CVE-ID: CVE-2022-50710)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_set_ringparam() function in drivers/net/ethernet/intel/ice/ice_ethtool.c. A local user can perform a denial of service (DoS) attack.
56) Improper locking (CVE-ID: CVE-2022-50712)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devl_region_destroy() function in net/core/devlink.c. A local user can perform a denial of service (DoS) attack.
57) Input validation error (CVE-ID: CVE-2022-50714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mt7921_pci_probe() function in drivers/net/wireless/mediatek/mt76/mt7921/pci.c. A local user can perform a denial of service (DoS) attack.
58) NULL pointer dereference (CVE-ID: CVE-2022-50715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid1_run() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.
59) Use-after-free (CVE-ID: CVE-2022-50716)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ar5523_cmd_tx_cb() and ar5523_cmd() functions in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can escalate privileges on the system.
60) Out-of-bounds read (CVE-ID: CVE-2022-50717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nvmet_tcp_handle_h2c_data_pdu() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
61) Memory leak (CVE-ID: CVE-2022-50718)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_device_resume_display_audio() and amdgpu_device_suspend_display_audio() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
62) Buffer overflow (CVE-ID: CVE-2022-50719)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the line6_midi_transmit() function in sound/usb/line6/midi.c. A local user can escalate privileges on the system.
63) NULL pointer dereference (CVE-ID: CVE-2022-50722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imgu_subdev_get_selection() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.
64) Memory leak (CVE-ID: CVE-2022-50723)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bnxt_dl_reload_up() and bnxt_nvm_test() functions in drivers/net/ethernet/broadcom/bnxt/bnxt_devlink.c. A local user can perform a denial of service (DoS) attack.
65) Memory leak (CVE-ID: CVE-2022-50724)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regulator_register() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
66) Use-after-free (CVE-ID: CVE-2022-50726)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/mlx5/driver.h. A local user can escalate privileges on the system.
67) Memory leak (CVE-ID: CVE-2022-50727)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the efct_device_init() function in drivers/scsi/elx/efct/efct_driver.c. A local user can perform a denial of service (DoS) attack.
68) Improper Initialization (CVE-ID: CVE-2022-50728)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the lcs_txbuffer_cb() and __lcs_start_xmit() functions in drivers/s390/net/lcs.c. A local user can perform a denial of service (DoS) attack.
69) Use-after-free (CVE-ID: CVE-2022-50730)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_evict_inode() function in fs/ext4/inode.c. A local user can escalate privileges on the system.
70) NULL pointer dereference (CVE-ID: CVE-2022-50731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the akcipher_default_op() and crypto_register_akcipher() functions in crypto/akcipher.c. A local user can perform a denial of service (DoS) attack.
71) Use-after-free (CVE-ID: CVE-2022-50732)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_rx() function in drivers/staging/rtl8192u/ieee80211/ieee80211_rx.c. A local user can escalate privileges on the system.
72) Use of uninitialized resource (CVE-ID: CVE-2022-50733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the idmouse_create_image() function in drivers/usb/misc/idmouse.c. A local user can perform a denial of service (DoS) attack.
73) NULL pointer dereference (CVE-ID: CVE-2022-50735)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt76u_status_worker() function in drivers/net/wireless/mediatek/mt76/usb.c. A local user can perform a denial of service (DoS) attack.
74) Out-of-bounds read (CVE-ID: CVE-2022-50736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the siw_copy_inline_sgl() function in drivers/infiniband/sw/siw/siw_verbs.c. A local user can perform a denial of service (DoS) attack.
75) Memory leak (CVE-ID: CVE-2022-50738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the DEFINE_IDA(), vhost_vdpa_remove_as() and vhost_vdpa_cleanup() functions in drivers/vhost/vdpa.c. A local user can perform a denial of service (DoS) attack.
76) Memory leak (CVE-ID: CVE-2022-50740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_dealloc_tx_urbs() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
77) Memory leak (CVE-ID: CVE-2022-50742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the afu_ioctl() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
78) Improper locking (CVE-ID: CVE-2022-50744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_rx_monitor_report() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
79) Use-after-free (CVE-ID: CVE-2022-50745)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_csi_channel_alloc() and tegra_csi_channels_cleanup() functions in drivers/staging/media/tegra-video/csi.c. A local user can escalate privileges on the system.
80) Out-of-bounds read (CVE-ID: CVE-2022-50747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfs_asc2mac() function in fs/hfs/trans.c. A local user can perform a denial of service (DoS) attack.
81) Integer overflow (CVE-ID: CVE-2022-50749)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the encode_comp_t() function in kernel/acct.c. A local user can execute arbitrary code.
82) Memory leak (CVE-ID: CVE-2022-50750)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st7701_dsi_probe() function in drivers/gpu/drm/panel/panel-sitronix-st7701.c. A local user can perform a denial of service (DoS) attack.
83) Memory leak (CVE-ID: CVE-2022-50751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the configfs_create_dir() and configfs_create_link() functions in fs/configfs/dir.c. A local user can perform a denial of service (DoS) attack.
84) Improper locking (CVE-ID: CVE-2022-50752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid5_read_one_chunk() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
85) Memory leak (CVE-ID: CVE-2022-50754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the multi_transaction_new() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
86) Improper locking (CVE-ID: CVE-2022-50755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
87) Buffer overflow (CVE-ID: CVE-2022-50756)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nvme_dbbuf_update_and_check_event() function in drivers/nvme/host/pci.c. A local user can escalate privileges on the system.
88) Input validation error (CVE-ID: CVE-2022-50757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the video_start_streaming() function in drivers/media/platform/qcom/camss/camss-video.c. A local user can perform a denial of service (DoS) attack.
89) Memory leak (CVE-ID: CVE-2022-50758)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the device_init_td0_ring() function in drivers/staging/vt6655/device_main.c. A local user can perform a denial of service (DoS) attack.
90) Memory leak (CVE-ID: CVE-2022-50760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_atrm_get_bios() function in drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c. A local user can perform a denial of service (DoS) attack.
91) Memory leak (CVE-ID: CVE-2022-50761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xen_init_lock_cpu() and xen_uninit_lock_cpu() functions in arch/x86/xen/spinlock.c. A local user can perform a denial of service (DoS) attack.
92) Integer overflow (CVE-ID: CVE-2022-50763)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the process_tar_file() and ucode_load() functions in drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c. A local user can execute arbitrary code.
93) Use-after-free (CVE-ID: CVE-2022-50767)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ufx_free(), ufx_release_urb_work(), ufx_free_framebuffer_work(), ufx_ops_release(), ufx_usb_probe() and ufx_usb_disconnect() functions in drivers/video/fbdev/smscufx.c. A local user can escalate privileges on the system.
94) Incorrect calculation (CVE-ID: CVE-2022-50768)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the pqi_get_physical_device_info(), pqi_keep_device_offline(), pqi_get_device_info(), pqi_remove_device(), pqi_scsi_update_device() and pqi_slave_destroy() functions in drivers/scsi/smartpqi/smartpqi_init.c. A local user can perform a denial of service (DoS) attack.
95) Memory leak (CVE-ID: CVE-2022-50769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxcmci_probe() function in drivers/mmc/host/mxcmmc.c. A local user can perform a denial of service (DoS) attack.
96) Memory leak (CVE-ID: CVE-2022-50770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_fill_super() and ocfs2_mount_volume() functions in fs/ocfs2/super.c. A local user can perform a denial of service (DoS) attack.
97) NULL pointer dereference (CVE-ID: CVE-2022-50773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_mts64_interrupt() function in sound/drivers/mts64.c. A local user can perform a denial of service (DoS) attack.
98) Use-after-free (CVE-ID: CVE-2022-50774)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qat_alg_free_bufl() and qat_alg_sgl_to_bufl() functions in drivers/crypto/qat/qat_common/qat_algs.c. A local user can escalate privileges on the system.
99) Memory leak (CVE-ID: CVE-2022-50776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st_of_quadfs_setup() function in drivers/clk/st/clkgen-fsyn.c. A local user can perform a denial of service (DoS) attack.
100) Memory leak (CVE-ID: CVE-2022-50777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xgmiitorgmii_probe() function in drivers/net/phy/xilinx_gmii2rgmii.c. A local user can perform a denial of service (DoS) attack.
101) Memory leak (CVE-ID: CVE-2022-50779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the orangefs_kernel_debug_init() and orangefs_prepare_debugfs_help_string() functions in fs/orangefs/orangefs-debugfs.c. A local user can perform a denial of service (DoS) attack.
102) Out-of-bounds read (CVE-ID: CVE-2022-50781)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vega20_odn_edit_dpm_table() function in drivers/gpu/drm/amd/powerplay/hwmgr/vega20_hwmgr.c. A local user can perform a denial of service (DoS) attack.
103) Improper error handling (CVE-ID: CVE-2022-50782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfs_setup_quota_inode() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
104) Memory leak (CVE-ID: CVE-2022-50809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xhci_alloc_dbc() function in drivers/usb/host/xhci-dbgcap.c. A local user can perform a denial of service (DoS) attack.
105) Out-of-bounds read (CVE-ID: CVE-2022-50814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sgl_sge_nr_set() function in drivers/crypto/hisilicon/zip/zip_crypto.c. A local user can perform a denial of service (DoS) attack.
106) Improper locking (CVE-ID: CVE-2022-50818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pm8001_mpi_task_abort_resp() function in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
107) NULL pointer dereference (CVE-ID: CVE-2022-50819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the begin_cpu_udmabuf() function in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
108) Memory leak (CVE-ID: CVE-2022-50821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
109) Memory leak (CVE-ID: CVE-2022-50822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rdma_restrack_del() function in drivers/infiniband/core/restrack.c. A local user can perform a denial of service (DoS) attack.
110) Memory leak (CVE-ID: CVE-2022-50823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra114_clock_init() function in drivers/clk/tegra/clk-tegra114.c. A local user can perform a denial of service (DoS) attack.
111) Memory leak (CVE-ID: CVE-2022-50824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the check_acpi_tpm2() function in drivers/char/tpm/tpm_tis.c. A local user can perform a denial of service (DoS) attack.
112) NULL pointer dereference (CVE-ID: CVE-2022-50826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imgu_subdev_set_fmt(), imgu_subdev_get_selection() and imgu_subdev_set_selection() functions in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.
113) Memory leak (CVE-ID: CVE-2022-50827)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_create_port() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
114) Use-after-free (CVE-ID: CVE-2022-50828)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_get_clock_info() function in drivers/clk/zynqmp/clkc.c. A local user can escalate privileges on the system.
115) Memory leak (CVE-ID: CVE-2022-50829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_reg_in_cb() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
116) Memory leak (CVE-ID: CVE-2022-50830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hd44780_probe() function in drivers/auxdisplay/hd44780.c. A local user can perform a denial of service (DoS) attack.
117) Memory leak (CVE-ID: CVE-2022-50832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wilc_mac_xmit() function in drivers/net/wireless/microchip/wilc1000/netdev.c. A local user can perform a denial of service (DoS) attack.
118) Improper locking (CVE-ID: CVE-2022-50833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the handle_cmd_cnt_and_timer() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
119) Memory leak (CVE-ID: CVE-2022-50834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfc_genl_se_io() and nfc_genl_vendor_cmd() functions in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.
120) Memory leak (CVE-ID: CVE-2022-50835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fc_do_one_pass() function in fs/jbd2/recovery.c. A local user can perform a denial of service (DoS) attack.
121) Memory leak (CVE-ID: CVE-2022-50836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_add_sysmon_subdev() function in drivers/remoteproc/qcom_sysmon.c. A local user can perform a denial of service (DoS) attack.
122) Memory leak (CVE-ID: CVE-2022-50838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sk_stream_kill_queues() function in net/core/stream.c. A local user can perform a denial of service (DoS) attack.
123) Memory leak (CVE-ID: CVE-2022-50839)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jbd2_fc_wait_bufs() function in fs/jbd2/journal.c. A local user can perform a denial of service (DoS) attack.
124) Use-after-free (CVE-ID: CVE-2022-50840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snic_tgt_create() function in drivers/scsi/snic/snic_disc.c. A local user can escalate privileges on the system.
125) NULL pointer dereference (CVE-ID: CVE-2022-50842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_gpu_cmd_transfer_to_host_2d() function in drivers/gpu/drm/virtio/virtgpu_vq.c. A local user can perform a denial of service (DoS) attack.
126) Use-after-free (CVE-ID: CVE-2022-50843)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the clone_dtr() function in drivers/md/dm-clone-target.c. A local user can escalate privileges on the system.
127) Improper Initialization (CVE-ID: CVE-2022-50844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the pp_set_fine_grain_clk_vol() function in drivers/gpu/drm/amd/pm/powerplay/amd_powerplay.c. A local user can perform a denial of service (DoS) attack.
128) Memory leak (CVE-ID: CVE-2022-50845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_inode_create() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
129) Memory leak (CVE-ID: CVE-2022-50846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the via_sd_probe() function in drivers/mmc/host/via-sdmmc.c. A local user can perform a denial of service (DoS) attack.
130) NULL pointer dereference (CVE-ID: CVE-2022-50847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the it6505_bridge_attach() and it6505_i2c_probe() functions in drivers/gpu/drm/bridge/ite-it6505.c. A local user can perform a denial of service (DoS) attack.
131) Memory leak (CVE-ID: CVE-2022-50848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dio_init() function in drivers/dio/dio.c. A local user can perform a denial of service (DoS) attack.
132) Improper error handling (CVE-ID: CVE-2022-50849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the persistent_ram_vmap() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
133) Improper locking (CVE-ID: CVE-2022-50850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the function in drivers/scsi/ipr.c. A local user can perform a denial of service (DoS) attack.
134) Improper locking (CVE-ID: CVE-2022-50851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_IDA(), vhost_vdpa_remove_as(), vhost_vdpa_unlocked_ioctl(), vhost_vdpa_pa_unmap(), vhost_vdpa_va_unmap() and vhost_vdpa_unmap() functions in drivers/vhost/vdpa.c. A local user can perform a denial of service (DoS) attack.
135) Memory leak (CVE-ID: CVE-2022-50853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _nfs4_discover_trunking() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
136) Memory leak (CVE-ID: CVE-2022-50856)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_ses_add_channel() function in fs/cifs/sess.c. A local user can perform a denial of service (DoS) attack.
137) Memory leak (CVE-ID: CVE-2022-50858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alcor_pci_sdmmc_drv_probe() function in drivers/mmc/host/alcor.c. A local user can perform a denial of service (DoS) attack.
138) Memory leak (CVE-ID: CVE-2022-50859)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smb3_validate_negotiate() function in fs/cifs/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
139) Memory leak (CVE-ID: CVE-2022-50860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the alloc_ns() function in security/apparmor/policy_ns.c. A local user can perform a denial of service (DoS) attack.
140) Memory leak (CVE-ID: CVE-2022-50861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfsaclsvc_encode_getaclres() function in fs/nfsd/nfs2acl.c. A local user can perform a denial of service (DoS) attack.
141) Resource management error (CVE-ID: CVE-2022-50862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the btf_func_proto_check() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
142) Out-of-bounds read (CVE-ID: CVE-2022-50864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_store_log_cursor(), load_nilfs() and init_nilfs() functions in fs/nilfs2/the_nilfs.c. A local user can perform a denial of service (DoS) attack.
143) NULL pointer dereference (CVE-ID: CVE-2022-50866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the filter() function in sound/soc/pxa/mmp-pcm.c. A local user can perform a denial of service (DoS) attack.
144) Memory leak (CVE-ID: CVE-2022-50867)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adreno_gpu_ascii85_encode() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can perform a denial of service (DoS) attack.
145) Memory leak (CVE-ID: CVE-2022-50868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mod_init() and mod_exit() functions in drivers/char/hw_random/amd-rng.c. A local user can perform a denial of service (DoS) attack.
146) Improper locking (CVE-ID: CVE-2022-50870)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtas_halt(), rtas_os_term() and rtas_initialize() functions in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
147) Memory leak (CVE-ID: CVE-2022-50872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the realtime_counter_init() function in arch/arm/mach-omap2/timer.c. A local user can perform a denial of service (DoS) attack.
148) Race condition (CVE-ID: CVE-2022-50873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the vp_vdpa_remove() function in drivers/vdpa/virtio_pci/vp_vdpa.c. A local user can perform a denial of service (DoS) attack.
149) Out-of-bounds read (CVE-ID: CVE-2022-50876)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rxstate() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.
150) NULL pointer dereference (CVE-ID: CVE-2022-50878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lt9611_connector_init() function in drivers/gpu/drm/bridge/lontium-lt9611.c. A local user can perform a denial of service (DoS) attack.
151) Use-after-free (CVE-ID: CVE-2022-50880)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath10k_peer_delete(), ath10k_peer_cleanup() and ath10k_sta_state() functions in drivers/net/wireless/ath/ath10k/mac.c. A local user can escalate privileges on the system.
152) Use-after-free (CVE-ID: CVE-2022-50881)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath9k_htc_disconnect_device() function in drivers/net/wireless/ath/ath9k/htc_drv_init.c. A local user can escalate privileges on the system.
153) Memory leak (CVE-ID: CVE-2022-50882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the uvc_gpio_parse() function in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.
154) Input validation error (CVE-ID: CVE-2022-50883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the btf_func_proto_check() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
155) NULL pointer dereference (CVE-ID: CVE-2022-50884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_copy_field() function in drivers/gpu/drm/drm_ioctl.c. A local user can perform a denial of service (DoS) attack.
156) NULL pointer dereference (CVE-ID: CVE-2022-50885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_do_cleanup() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
157) Memory leak (CVE-ID: CVE-2022-50886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the toshsd_probe() function in drivers/mmc/host/toshsd.c. A local user can perform a denial of service (DoS) attack.
158) Memory leak (CVE-ID: CVE-2022-50887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regulator_dev_lookup() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
159) NULL pointer dereference (CVE-ID: CVE-2022-50888)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the q6v5_wcss_init_mmio() function in drivers/remoteproc/qcom_q6v5_wcss.c. A local user can perform a denial of service (DoS) attack.
160) Use-after-free (CVE-ID: CVE-2022-50889)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm_integrity_dtr() function in drivers/md/dm-integrity.c. A local user can escalate privileges on the system.
161) Integer overflow (CVE-ID: CVE-2023-23559)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the rndis_query_oid() function in drivers/net/wireless/rndis_wlan.c. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
162) Out-of-bounds read (CVE-ID: CVE-2023-53254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cache_shared_cpu_map_setup() and cache_shared_cpu_map_remove() functions in drivers/base/cacheinfo.c. A local user can perform a denial of service (DoS) attack.
163) Memory leak (CVE-ID: CVE-2023-53743)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_register_host_bridge() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
164) Memory leak (CVE-ID: CVE-2023-53744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the am33xx_pm_probe() function in drivers/soc/ti/pm33xx.c. A local user can perform a denial of service (DoS) attack.
165) Memory leak (CVE-ID: CVE-2023-53746)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_ap_queue_dev_remove() function in drivers/s390/crypto/vfio_ap_drv.c. A local user can perform a denial of service (DoS) attack.
166) Use-after-free (CVE-ID: CVE-2023-53747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcs_write() function in drivers/tty/vt/vc_screen.c. A local user can escalate privileges on the system.
167) Use-after-free (CVE-ID: CVE-2023-53751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cifs_chan_is_iface_active() and cifs_try_adding_channels() functions in fs/cifs/sess.c. A local user can escalate privileges on the system.
168) Out-of-bounds read (CVE-ID: CVE-2023-53753)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/display/dc/gpio/ddc_regs.h. A local user can perform a denial of service (DoS) attack.
169) Memory leak (CVE-ID: CVE-2023-53754)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_sli4_pci_mem_setup() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
170) NULL pointer dereference (CVE-ID: CVE-2023-53755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pt_issue_pending() function in drivers/dma/ptdma/ptdma-dmaengine.c. A local user can perform a denial of service (DoS) attack.
171) Resource management error (CVE-ID: CVE-2023-53761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the usbtmc_ioctl_request() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
172) NULL pointer dereference (CVE-ID: CVE-2023-53766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the txBegin() function in fs/jfs/jfs_txnmgr.c. A local user can perform a denial of service (DoS) attack.
173) Memory leak (CVE-ID: CVE-2023-53769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dec_payload(), verify_and_dec_payload() and handle_guest_request() functions in drivers/virt/coco/sev-guest/sev-guest.c. A local user can perform a denial of service (DoS) attack.
174) Integer underflow (CVE-ID: CVE-2023-53780)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the dcn32_calculate_wm_and_dlg_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn32/dcn32_fpu.c. A local user can execute arbitrary code.
175) Use-after-free (CVE-ID: CVE-2023-53781)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __smc_create() function in net/smc/af_smc.c. A local user can escalate privileges on the system.
176) Division by zero (CVE-ID: CVE-2023-53783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the calc_lcoefs() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
177) NULL pointer dereference (CVE-ID: CVE-2023-53786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the parse_features() function in drivers/md/dm-flakey.c. A local user can perform a denial of service (DoS) attack.
178) Out-of-bounds read (CVE-ID: CVE-2023-53788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tuning_ctl_set() function in sound/pci/hda/patch_ca0132.c. A local user can perform a denial of service (DoS) attack.
179) Memory leak (CVE-ID: CVE-2023-53792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_ctrl_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
180) Use-after-free (CVE-ID: CVE-2023-53794)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_reconnect_server() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
181) Memory leak (CVE-ID: CVE-2023-53801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sprd_iommu_domain_alloc() and sprd_iommu_hw_en() functions in drivers/iommu/sprd-iommu.c. A local user can perform a denial of service (DoS) attack.
182) Memory leak (CVE-ID: CVE-2023-53802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_htc_fw_panic_report() and ath9k_htc_rx_msg() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
183) Out-of-bounds read (CVE-ID: CVE-2023-53803)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ses_enclosure_data_process() function in drivers/scsi/ses.c. A local user can perform a denial of service (DoS) attack.
184) Use-after-free (CVE-ID: CVE-2023-53804)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_evict_inode() function in fs/nilfs2/inode.c. A local user can escalate privileges on the system.
185) Input validation error (CVE-ID: CVE-2023-53806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_dmub_setup_subvp_dmub_command() function in drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c. A local user can perform a denial of service (DoS) attack.
186) Memory leak (CVE-ID: CVE-2023-53808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mwifiex_histogram_read() function in drivers/net/wireless/marvell/mwifiex/debugfs.c. A local user can perform a denial of service (DoS) attack.
187) Improper locking (CVE-ID: CVE-2023-53811)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_save_msix_info() function in drivers/infiniband/hw/irdma/hw.c. A local user can perform a denial of service (DoS) attack.
188) Memory leak (CVE-ID: CVE-2023-53814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_register_host_bridge() function in drivers/pci/probe.c. A local user can perform a denial of service (DoS) attack.
189) Use-after-free (CVE-ID: CVE-2023-53816)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kfd_ioctl_map_memory_to_gpu() and kfd_ioctl_unmap_memory_from_gpu() functions in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can escalate privileges on the system.
190) Memory leak (CVE-ID: CVE-2023-53818)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zynq_early_slcr_init() function in arch/arm/mach-zynq/slcr.c. A local user can perform a denial of service (DoS) attack.
191) Out-of-bounds read (CVE-ID: CVE-2023-53819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_vm_bo_map() and amdgpu_vm_bo_replace_map() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
192) Infinite loop (CVE-ID: CVE-2023-53820)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the loop_set_status_from_info() function in drivers/block/loop.c. A local user can perform a denial of service (DoS) attack.
193) Use-after-free (CVE-ID: CVE-2023-53827)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_disconnect_req() and l2cap_disconnect_rsp() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
194) Use-after-free (CVE-ID: CVE-2023-53828)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_add_adv_monitor() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
195) Memory leak (CVE-ID: CVE-2023-53830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the current_value_show() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
196) NULL pointer dereference (CVE-ID: CVE-2023-53832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_sync_request() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
197) NULL pointer dereference (CVE-ID: CVE-2023-53833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_prepare_plane_fb() function in drivers/gpu/drm/i915/display/intel_atomic_plane.c. A local user can perform a denial of service (DoS) attack.
198) NULL pointer dereference (CVE-ID: CVE-2023-53834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ina2xx_probe() function in drivers/iio/adc/ina2xx-adc.c. A local user can perform a denial of service (DoS) attack.
199) NULL pointer dereference (CVE-ID: CVE-2023-53837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_drm_uninit() function in drivers/gpu/drm/msm/msm_drv.c. A local user can perform a denial of service (DoS) attack.
200) Out-of-bounds read (CVE-ID: CVE-2023-53840)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xdbc_bulk_write() function in drivers/usb/early/xhci-dbc.c. A local user can perform a denial of service (DoS) attack.
201) Memory leak (CVE-ID: CVE-2023-53842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wcd_mbhc_init() and EXPORT_SYMBOL() functions in sound/soc/codecs/wcd-mbhc-v2.c. A local user can perform a denial of service (DoS) attack.
202) Memory leak (CVE-ID: CVE-2023-53844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_bo_swapout() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
203) Improper locking (CVE-ID: CVE-2023-53845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/bmap.c. A local user can perform a denial of service (DoS) attack.
204) Use of uninitialized resource (CVE-ID: CVE-2023-53847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the alauda_get_media_status() and alauda_init_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.
205) NULL pointer dereference (CVE-ID: CVE-2023-53848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r5l_exit_log() function in drivers/md/raid5-cache.c. A local user can perform a denial of service (DoS) attack.
206) Memory leak (CVE-ID: CVE-2023-53849)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the msm_drm_init() function in drivers/gpu/drm/msm/msm_drv.c. A local user can perform a denial of service (DoS) attack.
207) Memory leak (CVE-ID: CVE-2023-53850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iavf_free_rss() and iavf_reset_task() functions in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
208) Memory leak (CVE-ID: CVE-2023-53852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_ctrl_dhchap_secret_store() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
209) Memory leak (CVE-ID: CVE-2023-53858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s3c24xx_serial_getclk() function in drivers/tty/serial/samsung_tty.c. A local user can perform a denial of service (DoS) attack.
210) Improper locking (CVE-ID: CVE-2023-53860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dm_put_live_table_fast() and dm_submit_bio() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.
211) Improper error handling (CVE-ID: CVE-2023-53862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __hfs_bnode_create() function in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.
212) NULL pointer dereference (CVE-ID: CVE-2023-53864)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxsfb_plane_overlay_atomic_update() function in drivers/gpu/drm/mxsfb/mxsfb_kms.c. A local user can perform a denial of service (DoS) attack.
213) Reachable assertion (CVE-ID: CVE-2023-53866)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the soc_compr_open_fe(), soc_compr_free_fe() and soc_compr_set_params_fe() functions in sound/soc/soc-compress.c. A local user can perform a denial of service (DoS) attack.
214) Input validation error (CVE-ID: CVE-2023-53989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pgd_pgtable_alloc() and create_pgd_mapping() functions in arch/arm64/mm/mmu.c. A local user can perform a denial of service (DoS) attack.
215) Improper locking (CVE-ID: CVE-2023-53990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cifs_close_deferred_file(), cifs_close_all_deferred_files() and cifs_close_deferred_file_under_dentry() functions in fs/cifs/misc.c. A local user can perform a denial of service (DoS) attack.
216) NULL pointer dereference (CVE-ID: CVE-2023-53991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_rm_get_assigned_resources() function in drivers/gpu/drm/msm/disp/dpu1/dpu_rm.c. A local user can perform a denial of service (DoS) attack.
217) Incorrect calculation (CVE-ID: CVE-2023-53996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the amd_enc_cache_flush_required(), amd_enc_status_change_finish(), early_set_memory_enc_dec() and early_set_memory_encrypted() functions in arch/x86/mm/mem_encrypt_amd.c. A local user can perform a denial of service (DoS) attack.
218) Race condition (CVE-ID: CVE-2023-53998)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the request_entropy() and virtio_read() functions in drivers/char/hw_random/virtio-rng.c. A local user can escalate privileges on the system.
219) Memory leak (CVE-ID: CVE-2023-54001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_xmit_resource_alloc() function in drivers/staging/rtl8712/xmit_linux.c. A local user can perform a denial of service (DoS) attack.
220) Memory leak (CVE-ID: CVE-2023-54003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _rdma_create_ah() function in drivers/infiniband/core/verbs.c. A local user can perform a denial of service (DoS) attack.
221) NULL pointer dereference (CVE-ID: CVE-2023-54007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmci_host_close() function in drivers/misc/vmw_vmci/vmci_host.c. A local user can perform a denial of service (DoS) attack.
222) Memory leak (CVE-ID: CVE-2023-54009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cdns_i2c_master_xfer() function in drivers/i2c/busses/i2c-cadence.c. A local user can perform a denial of service (DoS) attack.
223) NULL pointer dereference (CVE-ID: CVE-2023-54010)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_db_display_objects() function in drivers/acpi/acpica/dbnames.c. A local user can perform a denial of service (DoS) attack.
224) NULL pointer dereference (CVE-ID: CVE-2023-54014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_process_els() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
225) Use-after-free (CVE-ID: CVE-2023-54015)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_devcom_register_device() function in drivers/net/ethernet/mellanox/mlx5/core/lib/devcom.c. A local user can escalate privileges on the system.
226) Memory leak (CVE-ID: CVE-2023-54017)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ibmebus_bus_init() function in arch/powerpc/platforms/pseries/ibmebus.c. A local user can perform a denial of service (DoS) attack.
227) NULL pointer dereference (CVE-ID: CVE-2023-54018)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_hdmi_init() function in drivers/gpu/drm/msm/hdmi/hdmi.c. A local user can perform a denial of service (DoS) attack.
228) Use-after-free (CVE-ID: CVE-2023-54019)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the update_triggers(), psi_show(), psi_trigger_create(), psi_trigger_destroy(), psi_trigger_poll() and psi_write() functions in kernel/sched/psi.c. A local user can escalate privileges on the system.
229) Memory leak (CVE-ID: CVE-2023-54020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/dma/sf-pdma/sf-pdma.h. A local user can perform a denial of service (DoS) attack.
230) Integer underflow (CVE-ID: CVE-2023-54021)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the ext4_mb_normalize_request() function in fs/ext4/mballoc.c. A local user can execute arbitrary code.
231) Memory leak (CVE-ID: CVE-2023-54024)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kvm_vm_ioctl_unregister_coalesced_mmio() function in virt/kvm/coalesced_mmio.c. A local user can perform a denial of service (DoS) attack.
232) Resource management error (CVE-ID: CVE-2023-54025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rsi_shutdown() function in drivers/net/wireless/rsi/rsi_91x_sdio.c. A local user can perform a denial of service (DoS) attack.
233) Use-after-free (CVE-ID: CVE-2023-54026)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _allocate_opp_table() function in drivers/opp/core.c. A local user can escalate privileges on the system.
234) Improper locking (CVE-ID: CVE-2023-54028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rxe_qp_do_cleanup() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
235) Memory leak (CVE-ID: CVE-2023-54036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtl8xxxu_c2hcmd_callback() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c. A local user can perform a denial of service (DoS) attack.
236) Out-of-bounds read (CVE-ID: CVE-2023-54039)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the j1939_tp_tx_dat_new() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.
237) Memory leak (CVE-ID: CVE-2023-54040)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_vc_add_fdir_fltr() function in drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c. A local user can perform a denial of service (DoS) attack.
238) Memory leak (CVE-ID: CVE-2023-54041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __io_remove_buffers() function in io_uring/kbuf.c. A local user can perform a denial of service (DoS) attack.
239) Use-after-free (CVE-ID: CVE-2023-54042)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vas_deallocate_window() function in arch/powerpc/platforms/pseries/vas.c. A local user can escalate privileges on the system.
240) NULL pointer dereference (CVE-ID: CVE-2023-54044)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spmi_drv_remove() function in drivers/spmi/spmi.c. A local user can perform a denial of service (DoS) attack.
241) Improper locking (CVE-ID: CVE-2023-54045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __audit_inode_child() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.
242) Use-after-free (CVE-ID: CVE-2023-54046)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the essiv_aead_done() and essiv_aead_crypt() functions in crypto/essiv.c. A local user can escalate privileges on the system.
243) Use-after-free (CVE-ID: CVE-2023-54047)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dw_hdmi_rockchip_unbind() function in drivers/gpu/drm/rockchip/dw_hdmi-rockchip.c. A local user can escalate privileges on the system.
244) Double free (CVE-ID: CVE-2023-54048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.
245) NULL pointer dereference (CVE-ID: CVE-2023-54049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qcom_glink_alloc_channel() function in drivers/rpmsg/qcom_glink_native.c. A local user can perform a denial of service (DoS) attack.
246) Memory leak (CVE-ID: CVE-2023-54050)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_znode(), add_idx_dirt() and dirty_cow_znode() functions in fs/ubifs/tnc.c. A local user can perform a denial of service (DoS) attack.
247) NULL pointer dereference (CVE-ID: CVE-2023-54051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/virtio_net.h. A local user can perform a denial of service (DoS) attack.
248) NULL pointer dereference (CVE-ID: CVE-2023-54053)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_pci_remove() function in drivers/net/wireless/intel/iwlwifi/pcie/drv.c. A local user can perform a denial of service (DoS) attack.
249) Memory leak (CVE-ID: CVE-2023-54055)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irdma_create_hmc_objs() function in drivers/infiniband/hw/irdma/hw.c. A local user can perform a denial of service (DoS) attack.
250) Buffer overflow (CVE-ID: CVE-2023-54057)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the parse_ivrs_hpet() and parse_ivrs_acpihid() functions in drivers/iommu/amd/init.c. A local user can perform a denial of service (DoS) attack.
251) NULL pointer dereference (CVE-ID: CVE-2023-54058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ffa_device_remove() function in drivers/firmware/arm_ffa/bus.c. A local user can perform a denial of service (DoS) attack.
252) Memory leak (CVE-ID: CVE-2023-54064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssif_info_find() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
253) Resource management error (CVE-ID: CVE-2023-54070)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_enable_sriov() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
254) Input validation error (CVE-ID: CVE-2023-54072)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the do_free_pages() function in sound/core/pcm_memory.c. A local user can perform a denial of service (DoS) attack.
255) Improper locking (CVE-ID: CVE-2023-54074)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_invalidate_encap() function in drivers/net/ethernet/mellanox/mlx5/core/en/tc_tun_encap.c. A local user can perform a denial of service (DoS) attack.
256) Use-after-free (CVE-ID: CVE-2023-54076)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_find_smb_ses_unlocked() function in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
257) Memory leak (CVE-ID: CVE-2023-54078)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the max9286_v4l2_register() function in drivers/media/i2c/max9286.c. A local user can perform a denial of service (DoS) attack.
258) Resource management error (CVE-ID: CVE-2023-54079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/power/bq27xxx_battery.h. A local user can perform a denial of service (DoS) attack.
259) Use-after-free (CVE-ID: CVE-2023-54083)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_xusb_port_unregister() function in drivers/phy/tegra/xusb.c. A local user can escalate privileges on the system.
260) Use-after-free (CVE-ID: CVE-2023-54084)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_dg00x_stream_init_duplex() function in sound/firewire/digi00x/digi00x-stream.c. A local user can escalate privileges on the system.
261) Out-of-bounds read (CVE-ID: CVE-2023-54090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ixgbe_sw_init() and ixgbe_xdp_setup() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c. A local user can perform a denial of service (DoS) attack.
262) Memory leak (CVE-ID: CVE-2023-54091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_client_target_cloned() function in drivers/gpu/drm/drm_client_modeset.c. A local user can perform a denial of service (DoS) attack.
263) Input validation error (CVE-ID: CVE-2023-54092)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s390_replace_asce() function in arch/s390/mm/gmap.c. A local user can perform a denial of service (DoS) attack.
264) Out-of-bounds read (CVE-ID: CVE-2023-54095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fail_iommu_bus_notify() function in arch/powerpc/kernel/iommu.c. A local user can perform a denial of service (DoS) attack.
265) Improper locking (CVE-ID: CVE-2023-54096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sdw_modify_slave_status() and sdw_handle_slave_status() functions in drivers/soundwire/bus.c. A local user can perform a denial of service (DoS) attack.
266) Memory leak (CVE-ID: CVE-2023-54097)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function in drivers/regulator/stm32-pwr.c. A local user can perform a denial of service (DoS) attack.
267) NULL pointer dereference (CVE-ID: CVE-2023-54098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_gvt_debugfs_init() function in drivers/gpu/drm/i915/gvt/debugfs.c. A local user can perform a denial of service (DoS) attack.
268) Use-after-free (CVE-ID: CVE-2023-54100)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __qedi_remove() function in drivers/scsi/qedi/qedi_main.c. A local user can escalate privileges on the system.
269) Memory leak (CVE-ID: CVE-2023-54102)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_debugfs_lockstat_write() function in drivers/scsi/lpfc/lpfc_debugfs.c. A local user can perform a denial of service (DoS) attack.
270) Out-of-bounds read (CVE-ID: CVE-2023-54104)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fun_exec_op() function in drivers/mtd/nand/raw/fsl_upm.c. A local user can perform a denial of service (DoS) attack.
271) Memory leak (CVE-ID: CVE-2023-54106)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_init_rep_rx() function in drivers/net/ethernet/mellanox/mlx5/core/en_rep.c. A local user can perform a denial of service (DoS) attack.
272) Use-after-free (CVE-ID: CVE-2023-54107)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blkg_free_workfn() and __blkg_release() functions in block/blk-cgroup.c. A local user can escalate privileges on the system.
273) Resource management error (CVE-ID: CVE-2023-54108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla_nvme_release_fcp_cmd_kref(), qla_nvme_release_ls_cmd_kref() and qla_nvme_ls_req() functions in drivers/scsi/qla2xxx/qla_nvme.c. A local user can perform a denial of service (DoS) attack.
274) Memory leak (CVE-ID: CVE-2023-54110)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rndis_query() function in drivers/net/usb/rndis_host.c. A local user can perform a denial of service (DoS) attack.
275) Memory leak (CVE-ID: CVE-2023-54111)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_pinctrl_parse_groups() function in drivers/pinctrl/pinctrl-rockchip.c. A local user can perform a denial of service (DoS) attack.
276) Improper locking (CVE-ID: CVE-2023-54114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nsh_gso_segment() function in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.
277) Memory leak (CVE-ID: CVE-2023-54115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nonstatic_release_resource_db() function in drivers/pcmcia/rsrc_nonstatic.c. A local user can perform a denial of service (DoS) attack.
278) Memory leak (CVE-ID: CVE-2023-54116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_fb_helper_damage() function in drivers/gpu/drm/drm_fb_helper.c. A local user can perform a denial of service (DoS) attack.
279) Improper error handling (CVE-ID: CVE-2023-54118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sc16is7xx_probe() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
280) Input validation error (CVE-ID: CVE-2023-54119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the inotify_handle_inode_event() function in fs/notify/inotify/inotify_fsnotify.c. A local user can perform a denial of service (DoS) attack.
281) Use-after-free (CVE-ID: CVE-2023-54120)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hidp_set_timer() function in net/bluetooth/hidp/core.c. A local user can escalate privileges on the system.
282) NULL pointer dereference (CVE-ID: CVE-2023-54122)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_crtc_reset() function in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c. A local user can perform a denial of service (DoS) attack.
283) Memory leak (CVE-ID: CVE-2023-54123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_geo(), setup_conf() and raid10_run() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
284) Improper locking (CVE-ID: CVE-2023-54126)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the safexcel_probe_generic() function in drivers/crypto/inside-secure/safexcel.c. A local user can perform a denial of service (DoS) attack.
285) Double free (CVE-ID: CVE-2023-54127)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the dbUnmount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
286) Improper locking (CVE-ID: CVE-2023-54128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_mount_setattr() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.
287) Memory leak (CVE-ID: CVE-2023-54130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hfs_write_inode() function in fs/hfs/inode.c. A local user can perform a denial of service (DoS) attack.
288) Memory leak (CVE-ID: CVE-2023-54131)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rt2x00lib_remove_hw() function in drivers/net/wireless/ralink/rt2x00/rt2x00dev.c. A local user can perform a denial of service (DoS) attack.
289) Resource management error (CVE-ID: CVE-2023-54132)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the legacy_load_cluster_from_disk() function in fs/erofs/zmap.c. A local user can perform a denial of service (DoS) attack.
290) Memory leak (CVE-ID: CVE-2023-54134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the autofs4_catatonic_mode() function in fs/autofs4/waitq.c. A local user can perform a denial of service (DoS) attack.
291) Memory leak (CVE-ID: CVE-2023-54136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sprd_rx_free_buf() and sprd_probe() functions in drivers/tty/serial/sprd_serial.c. A local user can perform a denial of service (DoS) attack.
292) NULL pointer dereference (CVE-ID: CVE-2023-54138)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_drm_uninit() function in drivers/gpu/drm/msm/msm_drv.c. A local user can perform a denial of service (DoS) attack.
293) Buffer overflow (CVE-ID: CVE-2023-54140)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_load_inode_block() function in fs/nilfs2/inode.c. A local user can perform a denial of service (DoS) attack.
294) Improper locking (CVE-ID: CVE-2023-54144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kfd_build_sysfs_node_entry() function in drivers/gpu/drm/amd/amdkfd/kfd_topology.c. A local user can perform a denial of service (DoS) attack.
295) Memory leak (CVE-ID: CVE-2023-54146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the crash_load_segments() function in arch/x86/kernel/crash.c. A local user can perform a denial of service (DoS) attack.
296) Use-after-free (CVE-ID: CVE-2023-54148)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5e_init_rep_tx(), mlx5e_cleanup_rep_tx(), uplink_rep_async_event(), mlx5e_uplink_rep_enable() and mlx5e_uplink_rep_disable() functions in drivers/net/ethernet/mellanox/mlx5/core/en_rep.c. A local user can escalate privileges on the system.
297) Out-of-bounds read (CVE-ID: CVE-2023-54150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_gpio_i2c_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
298) Memory leak (CVE-ID: CVE-2023-54153)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
299) NULL pointer dereference (CVE-ID: CVE-2023-54156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_ef10_fini_nic() and efx_ef10_update_stats_pf() functions in drivers/net/ethernet/sfc/ef10.c. A local user can perform a denial of service (DoS) attack.
300) Improper locking (CVE-ID: CVE-2023-54159)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the advance_enq_gpd(), qmu_done_tx() and qmu_done_rx() functions in drivers/usb/mtu3/mtu3_qmu.c. A local user can perform a denial of service (DoS) attack.
301) NULL pointer dereference (CVE-ID: CVE-2023-54164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iso_conn_add(), iso_connect_bis(), iso_connect_cis(), iso_sock_sendmsg() and iso_sock_recvmsg() functions in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
302) Out-of-bounds read (CVE-ID: CVE-2023-54166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the igc_clean_all_tx_rings(), igc_down() and igc_enable_rx_ring() functions in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.
303) Buffer overflow (CVE-ID: CVE-2023-54168)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the set_user_sq_size() function in drivers/infiniband/hw/mlx4/qp.c. A local user can perform a denial of service (DoS) attack.
304) Memory leak (CVE-ID: CVE-2023-54169)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_ptp_open() function in drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c. A local user can perform a denial of service (DoS) attack.
305) Input validation error (CVE-ID: CVE-2023-54170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the construct_alloc_key() function in security/keys/request_key.c. A local user can perform a denial of service (DoS) attack.
306) Memory leak (CVE-ID: CVE-2023-54171)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tracing_release_pipe() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
307) NULL pointer dereference (CVE-ID: CVE-2023-54173)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the DEFINE_PER_CPU() and bpf_event_output() functions in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
308) Memory leak (CVE-ID: CVE-2023-54175)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xiic_xfer() function in drivers/i2c/busses/i2c-xiic.c. A local user can perform a denial of service (DoS) attack.
309) Resource management error (CVE-ID: CVE-2023-54177)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the invalidate_dquots() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
310) Out-of-bounds read (CVE-ID: CVE-2023-54179)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qla2x00_create_host() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
311) Memory leak (CVE-ID: CVE-2023-54183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v4l2_fwnode_parse_link() function in drivers/media/v4l2-core/v4l2-fwnode.c. A local user can perform a denial of service (DoS) attack.
312) Use-after-free (CVE-ID: CVE-2023-54186)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pin_assignment_show() function in drivers/usb/typec/altmodes/displayport.c. A local user can escalate privileges on the system.
313) NULL pointer dereference (CVE-ID: CVE-2023-54189)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the persistent_ram_new() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
314) Memory leak (CVE-ID: CVE-2023-54190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_led_get() function in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.
315) Use-after-free (CVE-ID: CVE-2023-54194)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the exfat_allocate_bitmap() and exfat_free_bitmap() functions in fs/exfat/balloc.c. A local user can escalate privileges on the system.
316) Use-after-free (CVE-ID: CVE-2023-54197)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btsdio_remove() function in drivers/bluetooth/btsdio.c. A local user can escalate privileges on the system.
317) Out-of-bounds read (CVE-ID: CVE-2023-54198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tty_driver_lookup_tty() function in drivers/tty/tty_io.c. A local user can perform a denial of service (DoS) attack.
318) Use-after-free (CVE-ID: CVE-2023-54199)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adreno_gpu_init() function in drivers/gpu/drm/msm/adreno/adreno_gpu.c. A local user can escalate privileges on the system.
319) Use-after-free (CVE-ID: CVE-2023-54201)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efa_destroy_qp() and efa_destroy_cq() functions in drivers/infiniband/hw/efa/efa_verbs.c. A local user can escalate privileges on the system.
320) Use-after-free (CVE-ID: CVE-2023-54202)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_perf_add_config_ioctl() function in drivers/gpu/drm/i915/i915_perf.c. A local user can escalate privileges on the system.
321) Memory leak (CVE-ID: CVE-2023-54205)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stm32_pctrl_get_irq_domain() function in drivers/pinctrl/stm32/pinctrl-stm32.c. A local user can perform a denial of service (DoS) attack.
322) Memory leak (CVE-ID: CVE-2023-54208)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ov5675_init_controls() function in drivers/media/i2c/ov5675.c. A local user can perform a denial of service (DoS) attack.
323) Use-after-free (CVE-ID: CVE-2023-54210)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_remove_adv_monitor() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
324) Resource management error (CVE-ID: CVE-2023-54211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __ftrace_event_enable_disable() function in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
325) Resource management error (CVE-ID: CVE-2023-54213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sisusb_probe() function in drivers/usb/misc/sisusbvga/sisusbvga.c. A local user can perform a denial of service (DoS) attack.
326) Use-after-free (CVE-ID: CVE-2023-54214)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc_skb_cb() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
327) Improper locking (CVE-ID: CVE-2023-54219)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the isert_wait_conn() function in drivers/infiniband/ulp/isert/ib_isert.c. A local user can perform a denial of service (DoS) attack.
328) Improper locking (CVE-ID: CVE-2023-54226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the unix_release_sock(), unix_shutdown(), unix_poll() and unix_dgram_poll() functions in net/unix/af_unix.c. A local user can perform a denial of service (DoS) attack.
329) Improper locking (CVE-ID: CVE-2023-54229)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_mac_setup_channels_rates() function in drivers/net/wireless/ath/ath11k/mac.c. A local user can perform a denial of service (DoS) attack.
330) Memory leak (CVE-ID: CVE-2023-54230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amba_device_release() function in drivers/amba/bus.c. A local user can perform a denial of service (DoS) attack.
331) Use-after-free (CVE-ID: CVE-2023-54234)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mpi3mr_probe() function in drivers/scsi/mpi3mr/mpi3mr_os.c. A local user can escalate privileges on the system.
332) Improper locking (CVE-ID: CVE-2023-54236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net_failover_select_queue() function in drivers/net/net_failover.c. A local user can perform a denial of service (DoS) attack.
333) Memory leak (CVE-ID: CVE-2023-54238)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/net/ethernet/mellanox/mlx5/core/en/txrx.h. A local user can perform a denial of service (DoS) attack.
334) Division by zero (CVE-ID: CVE-2023-54242)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the bfqq_request_over_limit() function in block/bfq-iosched.c. A local user can perform a denial of service (DoS) attack.
335) Input validation error (CVE-ID: CVE-2023-54244)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the acpi_ec_remove_query_handlers() function in drivers/acpi/ec.c. A local user can perform a denial of service (DoS) attack.
336) Out-of-bounds read (CVE-ID: CVE-2023-54245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tx_macro_mclk_enable(), tx_macro_enable_dec(), tx_macro_hw_params() and tx_macro_digital_mute() functions in sound/soc/codecs/lpass-tx-macro.c. A local user can perform a denial of service (DoS) attack.
337) Buffer overflow (CVE-ID: CVE-2023-54251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the function in tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json. A local user can perform a denial of service (DoS) attack.
338) Memory leak (CVE-ID: CVE-2023-54252)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tlmi_analyze() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
339) Memory leak (CVE-ID: CVE-2023-54254)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttm_bo_evict() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
340) Memory leak (CVE-ID: CVE-2023-54260)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _smbd_get_connection() function in fs/cifs/smbdirect.c. A local user can perform a denial of service (DoS) attack.
341) Use-after-free (CVE-ID: CVE-2023-54262)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drivers/net/ethernet/mellanox/mlx5/core/en/tc/post_act.h. A local user can escalate privileges on the system.
342) NULL pointer dereference (CVE-ID: CVE-2023-54264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_branch() function in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.
343) Memory leak (CVE-ID: CVE-2023-54266)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the m920x_i2c_xfer() function in drivers/media/usb/dvb-usb/m920x.c. A local user can perform a denial of service (DoS) attack.
344) Input validation error (CVE-ID: CVE-2023-54267)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pseries_idle_probe() function in drivers/cpuidle/cpuidle-pseries.c. A local user can perform a denial of service (DoS) attack.
345) Reachable assertion (CVE-ID: CVE-2023-54269)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the svc_defer() function in net/sunrpc/svc_xprt.c. A local user can perform a denial of service (DoS) attack.
346) Use-after-free (CVE-ID: CVE-2023-54270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smsusb_stop_streaming() function in drivers/media/usb/siano/smsusb.c. A local user can escalate privileges on the system.
347) NULL pointer dereference (CVE-ID: CVE-2023-54271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_activate_policy() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
348) NULL pointer dereference (CVE-ID: CVE-2023-54274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the srpt_format_guid() and srpt_refresh_port() functions in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.
349) Memory leak (CVE-ID: CVE-2023-54275)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath11k_peer_rx_frag_setup() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
350) Improper locking (CVE-ID: CVE-2023-54277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dlfb_usb_probe() and dlfb_alloc_urb_list() functions in drivers/video/fbdev/udlfb.c. A local user can perform a denial of service (DoS) attack.
351) Use-after-free (CVE-ID: CVE-2023-54280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the target_share_matches_server() and __tree_connect_dfs_target() functions in fs/cifs/dfs.c. A local user can escalate privileges on the system.
352) Integer underflow (CVE-ID: CVE-2023-54284)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the write_ts_to_decoder() function in drivers/staging/media/deprecated/saa7146/av7110/av7110_av.c. A local user can execute arbitrary code.
353) Buffer overflow (CVE-ID: CVE-2023-54286)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the iwlagn_send_sta_key() function in drivers/net/wireless/intel/iwlwifi/dvm/sta.c. A local user can escalate privileges on the system.
354) NULL pointer dereference (CVE-ID: CVE-2023-54287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imx_uart_probe() function in drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.
355) NULL pointer dereference (CVE-ID: CVE-2023-54289)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qedf_alloc_global_queues() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
356) Improper locking (CVE-ID: CVE-2023-54292)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_free_cqp_request(), irdma_free_pending_cqp_request() and irdma_wait_event() functions in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
357) Use-after-free (CVE-ID: CVE-2023-54293)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bch_root_node_dirty_init() function in drivers/md/bcache/writeback.c. A local user can escalate privileges on the system.
358) Memory leak (CVE-ID: CVE-2023-54294)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the raid10_run() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
359) Out-of-bounds read (CVE-ID: CVE-2023-54295)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the spi_nor_init_non_uniform_erase_map() and spi_nor_parse_4bait() functions in drivers/mtd/spi-nor/sfdp.c. A local user can perform a denial of service (DoS) attack.
360) NULL pointer dereference (CVE-ID: CVE-2023-54298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the MODULE_DEVICE_TABLE() function in drivers/thermal/intel_quark_dts_thermal.c. A local user can perform a denial of service (DoS) attack.
361) NULL pointer dereference (CVE-ID: CVE-2023-54299)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/usb/typec_altmode.h. A local user can perform a denial of service (DoS) attack.
362) Input validation error (CVE-ID: CVE-2023-54300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ath9k_wmi_ctrl_rx() function in drivers/net/wireless/ath/ath9k/wmi.c. A local user can perform a denial of service (DoS) attack.
363) Memory leak (CVE-ID: CVE-2023-54301)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmuart_probe() function in drivers/tty/serial/8250/8250_bcm7271.c. A local user can perform a denial of service (DoS) attack.
364) Improper locking (CVE-ID: CVE-2023-54302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_wait_event() function in drivers/infiniband/hw/irdma/utils.c. A local user can perform a denial of service (DoS) attack.
365) NULL pointer dereference (CVE-ID: CVE-2023-54304)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the meson_sm_probe() function in drivers/firmware/meson/meson_sm.c. A local user can perform a denial of service (DoS) attack.
366) Input validation error (CVE-ID: CVE-2023-54305)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ext4_xattr_inode_create() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
367) Buffer overflow (CVE-ID: CVE-2023-54309)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/char/tpm/tpm_vtpm_proxy.c. A local user can escalate privileges on the system.
368) Improper locking (CVE-ID: CVE-2023-54311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_finish_convert_inline_dir() and ext4_convert_inline_data_nolock() functions in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
369) NULL pointer dereference (CVE-ID: CVE-2023-54315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pnv_pci_sriov_disable() function in arch/powerpc/platforms/powernv/pci-sriov.c. A local user can perform a denial of service (DoS) attack.
370) Buffer overflow (CVE-ID: CVE-2023-54317)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the corrupt_bio_data() function in drivers/md/dm-flakey.c. A local user can perform a denial of service (DoS) attack.
371) Memory leak (CVE-ID: CVE-2023-54319)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_pinctrl_probe() function in drivers/pinctrl/pinctrl-at91-pio4.c. A local user can perform a denial of service (DoS) attack.
372) Memory leak (CVE-ID: CVE-2023-54320)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_pmc_stb_debugfs_open_v2() function in drivers/platform/x86/amd/pmc.c. A local user can perform a denial of service (DoS) attack.
373) NULL pointer dereference (CVE-ID: CVE-2023-54321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the device_add() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
374) Resource management error (CVE-ID: CVE-2023-54322)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arch/arm64/include/asm/exception.h. A local user can perform a denial of service (DoS) attack.
375) Out-of-bounds read (CVE-ID: CVE-2023-54325)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qat_alg_skcipher_init_com() function in drivers/crypto/qat/qat_common/qat_algs.c. A local user can perform a denial of service (DoS) attack.
376) Use-after-free (CVE-ID: CVE-2023-54326)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_endpoint_test_remove() function in drivers/misc/pci_endpoint_test.c. A local user can escalate privileges on the system.
377) Use of uninitialized resource (CVE-ID: CVE-2024-36933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.
378) Improper locking (CVE-ID: CVE-2024-53093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_add_ns_head_cdev(), nvme_mpath_alloc_disk(), nvme_mpath_set_live(), nvme_mpath_shutdown_disk() and nvme_mpath_remove_disk() functions in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
379) Input validation error (CVE-ID: CVE-2024-56590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_tx_work() and hci_acldata_packet() functions in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
380) Use-after-free (CVE-ID: CVE-2025-39977)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the function in kernel/futex/requeue.c. A local user can escalate privileges on the system.
381) Input validation error (CVE-ID: CVE-2025-40019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the essiv_aead_crypt() function in crypto/essiv.c. A local user can perform a denial of service (DoS) attack.
382) Use-after-free (CVE-ID: CVE-2025-40139)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_clc_msg_hdr_valid(), smc_clc_prfx_set4_rcu() and smc_clc_prfx_set() functions in net/smc/smc_clc.c. A local user can escalate privileges on the system.
383) Improper locking (CVE-ID: CVE-2025-40215)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __xfrm_state_destroy(), __xfrm_state_delete(), xfrm_state_flush(), xfrm_flush_gc() and xfrm_state_fini() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
384) Improper locking (CVE-ID: CVE-2025-40220)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fuse_file_release() function in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
385) Incorrect calculation (CVE-ID: CVE-2025-40233)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __ocfs2_move_extents_range() function in fs/ocfs2/move_extents.c. A local user can perform a denial of service (DoS) attack.
386) Memory leak (CVE-ID: CVE-2025-40256)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xfrm_state_free(), xfrm_state_gc_destroy() and __xfrm_state_destroy() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
387) Use-after-free (CVE-ID: CVE-2025-40258)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_reset_rtx_timer() function in net/mptcp/protocol.c. A local user can escalate privileges on the system.
388) Out-of-bounds read (CVE-ID: CVE-2025-40277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vmw_cmd_check() function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.
389) Use-after-free (CVE-ID: CVE-2025-40280)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tipc_net_finalize_work() function in net/tipc/net.c. A local user can escalate privileges on the system.
390) Out-of-bounds read (CVE-ID: CVE-2025-40331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the inet_diag_msg_sctpladdrs_fill() function in net/sctp/diag.c. A local user can perform a denial of service (DoS) attack.
391) Improper locking (CVE-ID: CVE-2025-68218)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_mpath_set_live() function in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
392) Improper locking (CVE-ID: CVE-2025-68732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the syncpt_release() and host1x_syncpt_put() functions in drivers/gpu/host1x/syncpt.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.