SB2026041764 - Ubuntu update for linux-fips
Published: April 17, 2026
Description
This security bulletin contains information about 80 security vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2026-23209)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macvlan_common_newlink() function in drivers/net/macvlan.c. A local user can escalate privileges on the system.
2) Memory leak (CVE-ID: CVE-2026-23170)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_tve_probe() function in drivers/gpu/drm/imx/imx-tve.c. A local user can perform a denial of service (DoS) attack.
3) Memory leak (CVE-ID: CVE-2026-23167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nci_unregister_device() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
4) Memory leak (CVE-ID: CVE-2026-23164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rocker_world_port_post_fini() function in drivers/net/ethernet/rocker/rocker_main.c. A local user can perform a denial of service (DoS) attack.
5) Memory leak (CVE-ID: CVE-2026-23150)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfc_llcp_remove_local() function in net/nfc/llcp_core.c. A local user can perform a denial of service (DoS) attack.
6) NULL pointer dereference (CVE-ID: CVE-2026-23146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_uart_register_dev() and hci_uart_set_proto() functions in drivers/bluetooth/hci_ldisc.c. A local user can perform a denial of service (DoS) attack.
7) Memory leak (CVE-ID: CVE-2026-23145)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_inode_update_ref() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
8) Buffer overflow (CVE-ID: CVE-2026-23133)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the _ath10k_ce_free_pipe() and _ath10k_ce_free_pipe_64() functions in drivers/net/wireless/ath/ath10k/ce.c. A local user can perform a denial of service (DoS) attack.
9) Buffer overflow (CVE-ID: CVE-2026-23128)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the swsusp_arch_suspend() function in arch/arm64/kernel/hibernate.c. A local user can perform a denial of service (DoS) attack.
10) NULL pointer dereference (CVE-ID: CVE-2026-23125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sctp_sf_do_5_1C_ack() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.
11) Improper locking (CVE-ID: CVE-2026-23124)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ndisc_router_discovery() function in net/ipv6/ndisc.c. A local user can perform a denial of service (DoS) attack.
12) Improper locking (CVE-ID: CVE-2026-23121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mISDN_read(), mISDN_poll() and misdn_add_timer() functions in drivers/isdn/mISDN/timerdev.c. A local user can perform a denial of service (DoS) attack.
13) Race condition within a thread (CVE-ID: CVE-2026-23120)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the l2tp_tunnel_del_work() function in net/l2tp/l2tp_core.c. A local user can corrupt data.
14) Resource management error (CVE-ID: CVE-2026-23119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bond_flow_dissect() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
15) Memory leak (CVE-ID: CVE-2026-23108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usb_8dev_read_bulk_callback() function in drivers/net/can/usb/usb_8dev.c. A local user can perform a denial of service (DoS) attack.
16) Input validation error (CVE-ID: CVE-2026-23105)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qfq_rm_from_agg() function in net/sched/sch_qfq.c. A local user can perform a denial of service (DoS) attack.
17) Improper locking (CVE-ID: CVE-2026-23103)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipvlan_port_create(), ipvlan_uninit(), ipvlan_open(), ipvlan_stop(), ipvlan_link_new(), ipvlan_link_delete(), ipvlan_add_addr(), ipvlan_del_addr(), ipvlan_add_addr6(), ipvlan_addr6_validator_event() and ipvlan_addr4_validator_event() functions in drivers/net/ipvlan/ipvlan_main.c. A local user can perform a denial of service (DoS) attack.
18) Use of uninitialized resource (CVE-ID: CVE-2026-23101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the led_classdev_register_ext() function in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.
19) Out-of-bounds read (CVE-ID: CVE-2026-23099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bond_enslave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
20) NULL pointer dereference (CVE-ID: CVE-2026-23098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nr_route_frame() function in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.
21) Improper locking (CVE-ID: CVE-2026-23097)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the unmap_and_move_huge_page() function in mm/migrate.c. A local user can perform a denial of service (DoS) attack.
22) Improper resource shutdown or release (CVE-ID: CVE-2026-23096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the EXPORT_SYMBOL_GPL() and uacce_register() functions in drivers/misc/uacce/uacce.c. A local user can perform a denial of service (DoS) attack.
23) Memory leak (CVE-ID: CVE-2026-23095)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gue_udp_recv() function in net/ipv4/fou_core.c. A local user can perform a denial of service (DoS) attack.
24) Input validation error (CVE-ID: CVE-2026-23093)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the get_sg_list() and smb_direct_post_send_data() functions in fs/smb/server/transport_rdma.c. A local user can perform a denial of service (DoS) attack.
25) Memory leak (CVE-ID: CVE-2026-23091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the intel_th_output_open() function in drivers/hwtracing/intel_th/core.c. A local user can perform a denial of service (DoS) attack.
26) Memory leak (CVE-ID: CVE-2026-23090)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the slim_get_device() and slim_device_report_present() functions in drivers/slimbus/core.c. A local user can perform a denial of service (DoS) attack.
27) Use-after-free (CVE-ID: CVE-2026-23089)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the parse_audio_unit() function in sound/usb/mixer.c. A local user can escalate privileges on the system.
28) Memory leak (CVE-ID: CVE-2026-23087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scsiback_remove() function in drivers/xen/xen-scsiback.c. A local user can perform a denial of service (DoS) attack.
29) Resource management error (CVE-ID: CVE-2026-23085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the its_build_mapd_cmd(), its_build_vmapp_cmd() and its_setup_baser() functions in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
30) NULL pointer dereference (CVE-ID: CVE-2026-23084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the be_cmd_get_perm_mac() function in drivers/net/ethernet/emulex/benet/be_cmds.c. A local user can perform a denial of service (DoS) attack.
31) Input validation error (CVE-ID: CVE-2026-23083)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the function in net/ipv4/fou_nl.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2026-23080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mcba_usb_read_bulk_callback() function in drivers/net/can/usb/mcba_usb.c. A local user can perform a denial of service (DoS) attack.
33) Buffer overflow (CVE-ID: CVE-2026-23078)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scarlett2_usb_get_config() function in sound/usb/mixer_scarlett2.c. A local user can escalate privileges on the system.
34) Out-of-bounds read (CVE-ID: CVE-2026-23076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amixer_rsc_init() and sum_rsc_init() functions in sound/pci/ctxfi/ctamixer.c. A local user can perform a denial of service (DoS) attack.
35) Memory leak (CVE-ID: CVE-2026-23075)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the esd_usb_read_bulk_callback() function in drivers/net/can/usb/esd_usb.c. A local user can perform a denial of service (DoS) attack.
36) Buffer overflow (CVE-ID: CVE-2026-23073)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rsi_mac80211_attach() function in drivers/net/wireless/rsi/rsi_91x_mac80211.c. A local user can escalate privileges on the system.
37) Improper locking (CVE-ID: CVE-2026-23071)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the regmap_lock_hwlock_irq() function in drivers/base/regmap/regmap.c. A local user can perform a denial of service (DoS) attack.
38) NULL pointer dereference (CVE-ID: CVE-2026-23064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tcf_ife_encode() function in net/sched/act_ife.c. A local user can perform a denial of service (DoS) attack.
39) NULL pointer dereference (CVE-ID: CVE-2026-23063)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the uacce_start_queue() and uacce_fops_unl_ioctl() functions in drivers/misc/uacce/uacce.c. A local user can perform a denial of service (DoS) attack.
40) Memory leak (CVE-ID: CVE-2026-23061)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kvaser_usb_read_bulk_callback() function in drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c. A local user can perform a denial of service (DoS) attack.
41) Memory leak (CVE-ID: CVE-2026-23058)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ems_usb_read_bulk_callback() function in drivers/net/can/usb/ems_usb.c. A local user can perform a denial of service (DoS) attack.
42) Improper error handling (CVE-ID: CVE-2026-23056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the uacce_vma_close() function in drivers/misc/uacce/uacce.c. A local user can perform a denial of service (DoS) attack.
43) Resource management error (CVE-ID: CVE-2026-23049)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/gpu/drm/panel/panel-simple.c. A local user can perform a denial of service (DoS) attack.
44) Memory leak (CVE-ID: CVE-2026-23038)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfs4_ff_alloc_deviceid_node() function in fs/nfs/flexfilelayout/flexfilelayoutdev.c. A local user can perform a denial of service (DoS) attack.
45) Memory leak (CVE-ID: CVE-2026-23037)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the es58x_alloc_rx_urbs() function in drivers/net/can/usb/etas_es58x/es58x_core.c. A local user can perform a denial of service (DoS) attack.
46) Memory leak (CVE-ID: CVE-2026-23033)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the omap_dma_probe() function in drivers/dma/ti/omap-dma.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2026-23026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function in drivers/dma/qcom/gpi.c. A local user can perform a denial of service (DoS) attack.
48) Improper error handling (CVE-ID: CVE-2026-23011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ipgre_header() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.
49) Use of uninitialized resource (CVE-ID: CVE-2026-23003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A local user can perform a denial of service (DoS) attack.
50) Use-after-free (CVE-ID: CVE-2026-23001)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macvlan_hash_lookup_source(), macvlan_hash_add_source(), macvlan_hash_add(), macvlan_flush_sources(), macvlan_forward_source() and macvlan_fill_info_macaddr() functions in drivers/net/macvlan.c. A local user can escalate privileges on the system.
51) Use-after-free (CVE-ID: CVE-2026-22999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qfq_change_class() function in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
52) NULL pointer dereference (CVE-ID: CVE-2026-22998)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvmet_tcp_handle_h2c_data_pdu() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
53) Memory leak (CVE-ID: CVE-2026-22997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the j1939_xtp_rx_rts_session_active() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.
54) Use-after-free (CVE-ID: CVE-2025-71199)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the at91_adc_remove() function in drivers/iio/adc/at91-sama5d2_adc.c. A local user can escalate privileges on the system.
55) Off-by-one (CVE-ID: CVE-2025-71197)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the alarms_store() function in drivers/w1/slaves/w1_therm.c. A local user can perform a denial of service (DoS) attack.
56) Out-of-bounds read (CVE-ID: CVE-2025-71196)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stm32_usbphyc_probe() function in drivers/phy/st/phy-stm32-usbphyc.c. A local user can perform a denial of service (DoS) attack.
57) Improper locking (CVE-ID: CVE-2025-71194)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the is_transaction_blocked(), start_transaction() and btrfs_wait_for_commit() functions in fs/btrfs/transaction.c. A local user can perform a denial of service (DoS) attack.
58) Memory leak (CVE-ID: CVE-2025-71191)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atc_alloc_chan_resources() and atc_free_chan_resources() functions in drivers/dma/at_hdmac.c. A local user can perform a denial of service (DoS) attack.
59) Memory leak (CVE-ID: CVE-2025-71190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sba_probe() and sba_remove() functions in drivers/dma/bcm-sba-raid.c. A local user can perform a denial of service (DoS) attack.
60) Memory leak (CVE-ID: CVE-2025-71188)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpc18xx_dmamux_reserve() function in drivers/dma/lpc18xx-dmamux.c. A local user can perform a denial of service (DoS) attack.
61) Memory leak (CVE-ID: CVE-2025-71186)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stm32_dmamux_route_allocate() function in drivers/dma/stm32-dmamux.c. A local user can perform a denial of service (DoS) attack.
62) Memory leak (CVE-ID: CVE-2025-71185)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ti_am335x_xbar_route_allocate() function in drivers/dma/ti/dma-crossbar.c. A local user can perform a denial of service (DoS) attack.
63) Memory leak (CVE-ID: CVE-2025-71163)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the unbind_store() and bind_store() functions in drivers/dma/idxd/compat.c. A local user can perform a denial of service (DoS) attack.
64) Use-after-free (CVE-ID: CVE-2025-71162)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tegra_adma_stop() and tegra_adma_probe() functions in drivers/dma/tegra210-adma.c. A local user can escalate privileges on the system.
65) Use-after-free (CVE-ID: CVE-2025-68817)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_tree_disconnect() function in fs/smb/server/smb2pdu.c. A local user can escalate privileges on the system.
66) Infinite loop (CVE-ID: CVE-2025-68725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the BPF_CALL_3() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
67) Use of uninitialized resource (CVE-ID: CVE-2025-68365)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ntfs_create_inode(), ntfs_link_inode() and ntfs_unlink_inode() functions in fs/ntfs3/inode.c. A local user can perform a denial of service (DoS) attack.
68) Resource management error (CVE-ID: CVE-2025-68340)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the team_port_add() function in drivers/net/team/team_core.c. A local user can perform a denial of service (DoS) attack.
69) Improper locking (CVE-ID: CVE-2025-68211)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the should_skip_rmap_item() and scan_get_next_rmap_item() functions in mm/ksm.c. A local user can perform a denial of service (DoS) attack.
70) Resource management error (CVE-ID: CVE-2025-40164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the usbnet_resume_rx() function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
71) Use-after-free (CVE-ID: CVE-2025-40149)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tls_device_queue_ctx_destruction() function in net/tls/tls_device.c. A local user can escalate privileges on the system.
72) Resource management error (CVE-ID: CVE-2025-38591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_skb_is_valid_access(), sock_addr_is_valid_access(), sock_ops_is_valid_access(), sk_msg_is_valid_access() and sk_lookup_is_valid_access() functions in net/core/filter.c, and within the cg_sockopt_is_valid_access() function in kernel/bpf/cgroup.c. A local user can perform a denial of service (DoS) attack.
73) Resource management error (CVE-ID: CVE-2025-38408)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the irq_domain_create_sim_full() function in kernel/irq/irq_sim.c. A local user can perform a denial of service (DoS) attack.
74) NULL pointer dereference (CVE-ID: CVE-2025-38232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_nfsd(), unregister_cld_notifier() and exit_nfsd() functions in fs/nfsd/nfsctl.c. A local user can perform a denial of service (DoS) attack.
75) Input validation error (CVE-ID: CVE-2025-38125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the est_configure() function in drivers/net/ethernet/stmicro/stmmac/stmmac_est.c. A local user can perform a denial of service (DoS) attack.
76) Memory leak (CVE-ID: CVE-2025-38057)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the espintcp_queue_out() function in net/xfrm/espintcp.c, within the esp_output_tcp_finish() function in net/ipv6/esp6.c, and within the esp_output_tcp_finish() function in net/ipv4/esp4.c. A local user can perform a denial of service (DoS) attack.
77) Use-after-free (CVE-ID: CVE-2023-54207)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uclogic_input_configured() function in drivers/hid/hid-uclogic-core.c. A local user can escalate privileges on the system.
78) Memory leak (CVE-ID: CVE-2023-53662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fname_setup_filename() and ext4_fname_prepare_lookup() functions in fs/ext4/crypto.c. A local user can perform a denial of service (DoS) attack.
79) Race condition (CVE-ID: CVE-2023-53520)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the hci_suspend_notifier() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2023-53421)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_reset_stats() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.