Vulnerabilities > Linux > Linux Kernel > 2.6.31.5

DATE CVE VULNERABILITY TITLE RISK
2024-11-19 CVE-2024-50299 Use of Uninitialized Resource vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233
local
low complexity
linux CWE-908
5.5
2024-11-19 CVE-2023-52921 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() Since the gang_size check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang (@VAR10CK) of Baidu Security.
local
low complexity
linux CWE-416
7.8
2024-11-14 CVE-2023-4134 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel.
local
low complexity
linux fedoraproject CWE-416
5.5
2024-11-09 CVE-2024-50234 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop.
local
high complexity
linux CWE-367
7.0
2024-11-09 CVE-2024-50242 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ntfs_file_release
local
low complexity
linux
7.8
2024-11-09 CVE-2024-50243 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in run_is_mapped_full Fixed deleating of a non-resident attribute in ntfs_create_inode() rollback.
local
low complexity
linux
5.5
2024-11-09 CVE-2024-50244 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ni_clear() Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to uninitialized bitmap during replay process.
local
low complexity
linux
5.5
2024-11-09 CVE-2024-50245 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix possible deadlock in mi_read Mutex lock with another subclass used in ni_lock_dir().
local
low complexity
linux
5.5
2024-11-09 CVE-2024-50246 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check
local
low complexity
linux
7.8
2024-11-09 CVE-2024-50247 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check if more than chunk-size bytes are written A incorrectly formatted chunk may decompress into more than LZNT_CHUNK_SIZE bytes and a index out of bounds will occur in s_max_off.
local
low complexity
linux CWE-125
7.1