Vulnerabilities > Linux > Linux Kernel > 5.15.2

DATE CVE VULNERABILITY TITLE RISK
2024-11-07 CVE-2024-50154 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tcp_retransmit_synack.
local
high complexity
linux CWE-416
7.0
2024-11-07 CVE-2024-50156 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed then `block->state` can be NULL.
local
low complexity
linux CWE-476
5.5
2024-11-07 CVE-2024-50160 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs8409: Fix possible NULL dereference If snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line. Since dolphin_fixups function is a hda_fixup function which is not supposed to return any errors, add simple check before dereference, ignore the fail. Found by Linux Verification Center (linuxtesting.org) with SVACE.
local
low complexity
linux CWE-476
5.5
2024-11-07 CVE-2024-50162 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened.
local
low complexity
linux
5.5
2024-11-07 CVE-2024-50163 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri->flags field (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP).
local
low complexity
linux
5.5
2024-11-07 CVE-2024-50166 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all references taken by these calls are released later on error path in mac_probe() and in mac_remove() which lead to reference leaks. Add references release.
local
low complexity
linux
5.5
2024-11-07 CVE-2024-50167 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in be_xmit() The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.
local
low complexity
linux CWE-401
5.5
2024-11-07 CVE-2024-50168 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it.
local
low complexity
linux CWE-401
5.5
2024-11-07 CVE-2024-50171 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it.
local
low complexity
linux CWE-401
5.5
2024-11-05 CVE-2024-50098 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting.
local
low complexity
linux
5.5