Vulnerabilities > Linux > Linux Kernel > 4.4.38

DATE CVE VULNERABILITY TITLE RISK
2024-02-26 CVE-2019-25160 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().
local
low complexity
linux CWE-125
7.1
2024-02-26 CVE-2019-25162 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, added Fixes tag]
local
low complexity
linux CWE-416
7.8
2024-02-26 CVE-2020-36775 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fs_trylock_op() in f2fs_write_compressed_pages() to avoid potential deadlock like we did in f2fs_write_single_data_page().
local
low complexity
linux CWE-667
5.5
2024-02-26 CVE-2021-46906 Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero.
local
low complexity
linux CWE-668
5.5
2024-02-26 CVE-2023-52474 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs where an iovec other than the tail iovec does not run up to the page boundary for the buffer pointed to by that iovec.a Here are the specific bugs: 1.
local
low complexity
linux
7.8
2024-02-26 CVE-2024-26606 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In (e)poll mode, threads often depend on I/O events to determine when data is ready for consumption.
local
low complexity
linux
5.5
2024-02-26 CVE-2021-46904 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device.
local
low complexity
linux CWE-476
5.5
2024-02-26 CVE-2021-46905 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unconditional NULL-pointer dereference on every disconnect instead. Specifically, the serial device table must no longer be accessed after the minor has been released by hso_serial_tty_unregister().
local
low complexity
linux CWE-476
5.5
2024-02-26 CVE-2022-48626 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and using it instead of the pointer dereference.
local
low complexity
linux CWE-416
7.8
2024-02-26 CVE-2023-52469 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before.
local
low complexity
linux CWE-416
7.8