Vulnerabilities > Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2023-52913 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs gem_context_register() makes the context visible to userspace, and which point a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl. So we need to ensure that nothing uses the ctx ptr after this.
local
low complexity
linux CWE-416
5.5
2024-08-21 CVE-2023-52914 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak.
local
low complexity
linux CWE-401
5.5
2024-08-21 CVE-2024-43871 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().
local
low complexity
linux CWE-401
5.5
2024-08-21 CVE-2024-43872 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently.
local
low complexity
linux CWE-667
5.5
2024-08-21 CVE-2024-43874 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_device structs are not initialized.
local
low complexity
linux CWE-476
5.5
2024-08-21 CVE-2024-43862 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex The carrier_lock spinlock protects the carrier detection.
local
low complexity
linux CWE-667
5.5
2024-08-21 CVE-2024-43863 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->fence unref deadlocks. vmwgfx overwrites the wait callback to iterate over the list of all fences and update their status, to do that it holds a lock to prevent the list modifcations from other threads.
local
low complexity
linux CWE-667
5.5
2024-08-21 CVE-2024-43866 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown.
local
high complexity
linux CWE-476
4.7
2024-08-20 CVE-2024-43861 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
local
low complexity
linux CWE-401
5.5
2024-08-17 CVE-2024-43817 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1.
local
low complexity
linux
5.5