Vulnerabilities > Linux > Linux Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-26 CVE-2024-43909 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table.
local
low complexity
linux CWE-476
5.5
2024-08-26 CVE-2024-43910 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to a global function as an argument.
local
low complexity
linux CWE-787
5.5
2024-08-26 CVE-2024-43911 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated.
local
low complexity
linux CWE-476
5.5
2024-08-26 CVE-2024-43912 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/...
local
low complexity
linux
5.5
2024-08-26 CVE-2024-43913 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvme_uninit_ctrl after a successful nvme_init_ctrl. Split the allocation side out to make the error handling boundary easier to navigate.
local
low complexity
linux CWE-401
5.5
2024-08-26 CVE-2024-43914 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow.
local
low complexity
linux
5.5
2024-08-26 CVE-2024-44931 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an offset out of range. Offset is copied from user and then used as an array index to get the gpio descriptor without sanitization in gpio_device_get_desc(). This change ensures that the offset is sanitized by using array_index_nospec() to mitigate any possibility of speculative information leaks. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.
local
low complexity
linux
5.5
2024-08-26 CVE-2024-44933 Out-of-bounds Write vulnerability in Linux Kernel 6.10.4/6.11
In the Linux kernel, the following vulnerability has been resolved: bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl() A recent commit has modified the code in __bnxt_reserve_rings() to set the default RSS indirection table to default only when the number of RX rings is changing.
local
low complexity
linux CWE-787
5.5
2024-08-26 CVE-2024-44935 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock().
local
low complexity
linux CWE-476
5.5
2024-08-26 CVE-2024-44936 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2c_set_clientdata Commit 3a93da231c12 ("power: supply: rt5033: Use devm_power_supply_register() helper") reworked the driver to use devm.
local
low complexity
linux
5.5