
ROS-20240822-01

2024-08-22 00:00:00
redos.red-soft.ru
linux kernel
memory allocation
locking
data protection
confidentiality
integrity
availability
denial of service

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.2
Confidence: High

EPSS: 0.001
Percentile: 18.9%

A vulnerability in the hub_port_init() function of the core component of the Linux kernel is related to reading outside memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the gss_read_proxy_verf() function in the net/sunrpc/auth_gss/svcauth_gss.c module of the Remote Procedure Call (RPC) protocol implementation of the Linux kernel is related to insufficient memory allocation for the operation. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the cond_read_listq() function in the selinux component of the Linux kernel is related to a double free of cond_list on the error path from cond_read_list() and duplicate_policydb_cond_list(), which leads to a NULL pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the btrfs component of the Linux kernel is related to the locking between quota disable and the group rescan worker. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the seg6_hmac_init_algo() function of the sr component of the Linux kernel is related to seg6_hmac_init_algo returning without cleaning up on failure, so that all memory is leaked. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the kobject_init_and_add() function of the vmbus component of the Linux kernel is related to a failure to free memory after its effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the mpi_ssp_completion() and mpi_sata_completion() functions in the pm8001 component of the Linux kernel is related to the sas_task being interrupted before I/O completion is handled in mpi_ssp_completion() or mpi_sata_completion(). Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the mld_newpack() function in the net/ipv6/mcast.c module of the IPv6 protocol implementation of the Linux kernel is related to incorrect synchronization. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the gpmi_nfc_apply_timings() function in the gpmi component of the Linux kernel is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker to obtain confidential information.

A vulnerability in the lmh component of the Linux kernel is related to a missing scm availability check. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the register_winch_irq() function in the arch/um/drivers/line.c module of the User-Mode Linux (UML) subsystem driver of the Linux kernel is related to a repeated free of previously freed memory due to concurrent access to a resource (race condition). Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the inet_sk_diag_fill() function in the kernel-infoleak component of the Linux kernel is related to the ability of unprivileged users to use kernel-infoleak. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the gswip_remove() function in the drivers/net/dsa/lantiq_gswip.c module of the Lantiq / Intel GSWIP driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the ovl component of the Linux kernel is related to dereferencing a NULL pointer in a copy warning. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the ufshcd_eh_host_reset_handler() function of the SCSI component of the Linux kernel is related to improper locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the rpcrdma_ep_create() function of the xprtrdma component of the Linux kernel is related to failures that leave non-zero pointers holding an error value, which trigger rpcrdma_ep_destroy and attempts to free them, resulting in an “Oops” error. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the iwlwifi component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the do_map_benchmark() function in the kernel/dma/map_benchmark.c module of the Linux kernel is related to reading memory outside the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the myrs_detect() function in the myrs component of the Linux kernel is related to a NULL pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the amd-xgbe component of the Linux kernel is related to writing outside the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the stm_register_device() function in the drivers/hwtracing/stm/core.c module of the System Trace Module (STM) trace driver of the Linux kernel is related to repeated freeing of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the nvme-rdma component of the Linux kernel is related to the use of memory after it has been freed in the transport error_recovery operation. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the rpc_sysfs_xprt_state_change() function in the sunrpc component of the Linux kernel is related to reference counter leaks of both unused objects (rpc_sysfs_xprt_kobj_get_xprt() and rpc_sysfs_xprt_kobj_get_xprt_switch()). Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the __rtnl_newlink() function in the rtnetlink component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the sync_print_obj() function in the drivers/dma-buf/sync_debug.c module of the dma-buf driver of the Linux kernel is related to the use of incorrect functions for synchronization. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the drm/nouveau component of the Linux kernel is related to a driver initialization failure on an Apple eMac with GeForce 2 MX GPUs. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the crypto component of the Linux kernel is related to a memory leak in ADF_DEV_RESET_SYNC. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the btrfs_commit_transaction() function in the btrfs component of the Linux kernel is related to the use of memory after a failure during snapshot creation in ioctl.c:create_snapshot(). Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the ip6_dst_gc() function (net/ipv6/route.c) of the IPv6 protocol implementation of the Linux kernel is related to incorrect handling of boundary conditions. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

A vulnerability in the net component of the Linux kernel is related to a failure to free memory after its effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the ffs_func_eps_disable() function in the f_fs component of the Linux kernel is related to acquiring the driver spin-lock, continuing to work with an outdated epfile value and attempting to free an already freed memory buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the dsa component of the Linux kernel is related to errors that occur when unbinding the DSA master device at shutdown. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the hda component of the Linux kernel is related to a codec resource being released before the devm call chain, which triggers a NULL or UAF dereference for the deprecated callback of set_brightness_delay. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the hclgevf_send_mbx_msg() function in the hns3 component of the Linux kernel is related to the network device being released during the client instance deletion process while the deletion process still uses it to track runtime information. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the qcom component of the Linux kernel is related to a panic in the cleanup function because the record name is equal to NULL. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the nvme component of the Linux kernel is related to the use of memory after it has been freed at boot time. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected information.

A vulnerability in the savagefb_probe() function in the drivers/video/fbdev/savage/savagefb_driver.c module of the Linux kernel is related to incorrect checking of the return code of the savagefb_check_var() function. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

OS      Version   Architecture   Package     Version       Filename
redos   7.3       x86_64         kernel-lt   < 6.1.94-1    UNKNOWN
