Vulnerabilities > Linux > Linux Kernel > 4.14.90

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-25744 Unspecified vulnerability in Linux Kernel
In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point.
local
low complexity
linux
8.8
2024-02-12 CVE-2023-52429 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux fedoraproject CWE-754
5.5
2024-02-12 CVE-2024-25739 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
local
low complexity
linux CWE-754
5.5
2024-02-12 CVE-2024-25740 Memory Leak vulnerability in Linux Kernel
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
local
low complexity
linux CWE-401
5.5
2024-02-12 CVE-2024-25741 Unspecified vulnerability in Linux Kernel
printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.
local
low complexity
linux
5.5
2024-02-11 CVE-2024-1151 Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian redhat fedoraproject linux CWE-787
5.5
2024-02-05 CVE-2024-23196 NULL Pointer Dereference vulnerability in Linux Kernel
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function.
local
high complexity
linux CWE-476
4.7
2024-02-05 CVE-2024-24860 NULL Pointer Dereference vulnerability in Linux Kernel
A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function.
high complexity
linux CWE-476
5.3
2024-01-31 CVE-2024-1086 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
7.8
2024-01-30 CVE-2024-0564 Resource Injection vulnerability in multiple products
A flaw was found in the Linux kernel's memory deduplication mechanism.
low complexity
linux redhat CWE-99
6.5