CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
Vulnerability of mutex_unlock() function in spi component of Linux kernel is related to
memory usage after mutex add_lock is released. Exploitation of the vulnerability could allow
an intruder to affect confidentiality, integrity and availability of protected information
The vulnerability of the ip_route_use_hint() function in the ipv4 component of the Linux operating system kernel is related to
null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
Vulnerability of qla2x00_els_dcmd_sp_free() function in drivers/scsi/qla2xxx/qla_iocb.c module of QLogic driver
QLA2XXX of the Linux operating system kernel is related to the re-release of previously freed memory.
Exploitation of the vulnerability could allow an attacker to cause a denial of service or other
impact
Vulnerability of the interface_authorized_store() function in the drivers/usb/core/sysfs.c module of the USB driver module of the kernel of the Linux operating system is related to infinite cycling of memory.
of the Linux operating system is related to an infinite resource wait cycle. Exploitation of the vulnerability could
allow an attacker to affect the confidentiality, integrity, and availability of protected information
information
Vulnerability of synchronize_rcu() function in ipset component of Linux operating system kernel is related to
performance degradation in swap operation. Exploitation of the vulnerability could allow an attacker to
affect confidentiality, integrity and availability of protected information
Vulnerability of do_sys_name_to_handle() function in kernel-infoleak component of Linux operating system kernel
is related to a kernel information leak in do_sys_name_to_handle(). Exploitation of the vulnerability could allow
an intruder to affect confidentiality, integrity and availability of protected information
Vulnerability of nci_free_device() function in module net/nfc/nci/data.c of NFC Controller Interface implementation
(NCI) kernel of the Linux operating system is related to rx_data_reassembly package leak. Exploitation
the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the lpfc_mbx_cmpl_fc_reg_login() function in the drivers/scsi/lpfc/lpfc_hbadisc.c module of the drivers/scsi/lpfc/lpfc_hbadisc.c kernel of the
of the Linux operating system is related to the reuse of previously freed memory. Exploitation
exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.
availability of protected information
A vulnerability in the dm_sw_fini() function in the drivers/gpu/drm/amd/display/amdgppu_dm/amdgpu_dm.c module of the driver
The Linux operating system kernel amdgpu is associated with a memory leak. Exploitation of the vulnerability could allow
an attacker to disclose protected information
A vulnerability in the rfcomm component of the Linux kernel is related to null pointer dereferencing.
pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the mediatek component of the Linux operating system kernel is related to power domain registration
first by genpd and then by the driver attempting to include them in the probing sequence,
then a race condition occurs. Exploitation of the vulnerability could allow an attacker to impact the
confidentiality, integrity, and availability of protected information
A vulnerability in the pm80xx component of the Linux operating system kernel is related to the driver’s inability to
to free all allocated memory. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
A vulnerability in the cfg80211_change_iface() function in the net/wireless/util.c module of a Linux operating system kernel
is related to incorrect data initialization. Exploitation of the vulnerability could allow an attacker to cause
affect confidentiality, integrity and availability of protected information
Vulnerability of the set_eth_seg() function in the drivers/infiniband/hw/mlx5/wr.c module of the Mellanox 5th
5th generation network adapters (ConnectX series) driver of Linux kernel is related to writing outside the allocated buffer.
outside of the allocated buffer. Exploitation of the vulnerability could allow an attacker to impact the
confidentiality, integrity and availability of protected information