Vulnerabilities > Linux > Linux Kernel > 4.14.123

DATE CVE VULNERABILITY TITLE RISK
2024-11-14 CVE-2023-4134 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel.
local
low complexity
linux fedoraproject CWE-416
5.5
2024-11-09 CVE-2024-50217 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids() Mounting btrfs from two images (which have the same one fsid and two different dev_uuids) in certain executing order may trigger an UAF for variable 'device->bdev_file' in __btrfs_free_extra_devids().
local
low complexity
linux CWE-416
7.8
2024-11-09 CVE-2024-50229 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among the reader/writer semaphore nilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the fs_reclaim pseudo lock. This is because after commit 21fc61c73c39 ("don't put symlink bodies in pagecache into highmem"), the gfp flags of the page cache for symbolic links are overwritten to GFP_KERNEL via inode_nohighmem(). This is not a problem for symlinks read from the backing device, because the __GFP_FS flag is dropped after inode_nohighmem() is called.
local
low complexity
linux CWE-667
5.5
2024-11-09 CVE-2024-50230 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded by nilfs2's own routine, which causes the sanity check of directory entries to be skipped when the directory page/folio is reloaded.
local
low complexity
linux CWE-787
7.8
2024-11-09 CVE-2024-50233 Divide By Zero vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0.
local
low complexity
linux CWE-369
5.5
2024-11-09 CVE-2024-50234 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop.
local
high complexity
linux CWE-367
7.0
2024-11-09 CVE-2024-50237 Use of Uninitialized Resource vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of uninitialized private data
local
low complexity
linux CWE-908
5.5
2024-11-09 CVE-2024-50242 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ntfs_file_release
local
low complexity
linux
7.8
2024-11-09 CVE-2024-50243 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in run_is_mapped_full Fixed deleating of a non-resident attribute in ntfs_create_inode() rollback.
local
low complexity
linux
5.5
2024-11-09 CVE-2024-50244 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ni_clear() Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to uninitialized bitmap during replay process.
local
low complexity
linux
5.5