Vulnerabilities > Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2023-52429 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux fedoraproject CWE-754
5.5
2024-02-12 CVE-2024-25739 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
local
low complexity
linux CWE-754
5.5
2024-02-12 CVE-2024-25740 Memory Leak vulnerability in Linux Kernel
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
local
low complexity
linux CWE-401
5.5
2024-02-08 CVE-2024-1312 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function.
local
high complexity
linux fedoraproject CWE-416
4.7
2024-02-05 CVE-2024-22386 NULL Pointer Dereference vulnerability in Linux Kernel
A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function.
local
high complexity
linux CWE-476
4.7
2024-02-05 CVE-2024-23196 NULL Pointer Dereference vulnerability in Linux Kernel
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function.
local
high complexity
linux CWE-476
4.7
2024-02-05 CVE-2024-24855 NULL Pointer Dereference vulnerability in Linux Kernel
A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function.
local
high complexity
linux CWE-476
4.7
2024-02-05 CVE-2024-24857 Integer Overflow or Wraparound vulnerability in Linux Kernel
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function.
high complexity
linux CWE-190
6.8
2024-02-05 CVE-2024-24858 Race Condition vulnerability in Linux Kernel
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function.
high complexity
linux CWE-362
5.3
2024-02-05 CVE-2024-24859 Race Condition vulnerability in Linux Kernel
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function.
high complexity
linux CWE-362
4.8