RedosROS-20240819-02ROS-20240819-02
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
A vulnerability in the felix_setup_mmio_filtering() function in the felix component of the Linux kernel operating system
is related to memory leaks if the CPU port is not defined. Exploitation of the vulnerability could allow an attacker to
cause a denial of service
A vulnerability in the null-ptr-deref() function in the hda component of the Linux kernel is related to
user assignment of a COUPLED thread. Exploitation of the vulnerability could allow an attacker to cause a
denial of service
Vulnerability of ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c module of the Philips/NXP SJJ device driver
of the Philips/NXP SJA1000 device driver in the Linux kernel is related to the reuse of previously freed memory.
of previously freed memory. Exploitation of the vulnerability could allow an attacker to impact the
confidentiality, integrity and availability of protected information
Vulnerability of mt7915_get_phy_mode() function in mt7915 component of Linux kernel is related to
null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
Vulnerability of _remove() function in liteuart component of Linux kernel is related to null pointer dereferencing.
null pointer dereferencing in ->remove(). Exploitation of the vulnerability could allow an attacker to
cause a denial of service
Vulnerability of cdnsp_endpoint_init() function in cdnsp component of Linux kernel is related to
execution of the cdnsp_ring_alloc() method, pep->ring is assigned, and in cdnsp_endpoint_init() its
dereferencing, which could lead to a NULL pointer being dereferenced when cdnsp_ring_alloc() fails.
Exploitation of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the report_field() function in the bigbenff component of the Linux operating system kernel is related to
emulation of the device through uhid does not generate output reports, so report_field is set to
null. Exploitation of the vulnerability could allow an attacker to cause a denial of service
Vulnerability in the mlx4_en_try_alloc_resources() function in drivers/net/ethernet/mellanox/mlx4/en_netdev.c module
of Mellanox Technologies 1/10/40Gbit network adapter driver of Linux kernel is related to
reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to
affect confidentiality, integrity and availability of protected information
Vulnerability of the liteuart_remove() function in the drivers/tty/serial/liteuart.c module of the LiteUART driver of the Linux kernel is related to reuse of previously freed memory.
of Linux operating system is related to the reuse of previously freed memory. Exploitation
of the vulnerability may allow an intruder to affect the confidentiality, integrity and availability of protected information.
availability of protected information
Vulnerability of the m_can_read_fifo() function in the can component of the can kernel of the Linux operating system is related to bugs
in m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function goes to label
out_fail and returns without calling m_can_receive_skb(), which can lead to memory leaks. Exploitation of the
of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the nfp_cpp_area_cache_add() function in the nfp component of the Linux operating system kernel is related to
bugs in nfp_cpp_area_alloc(), in which a CPP area structure is allocated and initialized, but the
cache allocation fails, this CPP area structure is not freed, resulting in a memory leak.
Exploitation of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the rvu_mbox_init() function in the iwlwifi component of the Linux operating system kernel is associated with
memory leak errors in rvu_mbox_init(), mbox_regions are not freed or transferred to the region of the
switch-default, which can lead to memory leaks. Exploitation of the vulnerability could allow an attacker to
cause a denial of service
A vulnerability in the fc_lport_ptp_setup() function in the libfc component of the Linux operating system kernel is related to
lack of validation of the return value of fc_rport_create(), which could return NULL and cause a
NULL pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
Vulnerability in the pch_can_rx_normal() function in the drivers/net/can/pch_can.c module of the Controller Area
Network (CAN) module of the Linux kernel is related to the reuse of previously freed memory.
memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality,
integrity and availability of protected information
Vulnerability in the octeontx2-af component of the Linux operating system kernel is related to the failure to free memory after an effective lifetime.
memory after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
A vulnerability in the nfc_genl_dump_ses_done() function in the nfc component of the nfc component of the Linux operating system kernel involves
errors in the done() netlink callback. Exploitation of the vulnerability could allow an attacker to cause a
denial of service
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High