September 10, 2024
Severity
Medium
Analysis Summary
CVE-2024-43846 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a general protection fault. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43856 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a flaw with call order in dmam_free_coherent. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43867 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a refcount underflow when calling nouveau_bo_ref() on a nouveau_bo without initializing it. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43817 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a missing check in virtio_net_hdr_to_skb(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43902 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when passing variables to functions. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-48913 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in struct blk_trace. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43880 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an object nesting flaw. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43882 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a ToCToU flaw between perm check and set-uid/gid usage. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42290 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a flaw in the handling of runtime power management. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42287 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference when performing NPIV and FW reset. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42304 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a flaw in handling the case where the first directory block is a hole. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42280 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in hfcmulti_tx(). A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-42285 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free related to destroying CM IDs in RDMA/iwcm. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42316 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a divide-by-zero in vmpressure_calc_level(). A local authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-43846
- CVE-2024-43856
- CVE-2024-43867
- CVE-2024-43817
- CVE-2024-43902
- CVE-2022-48913
- CVE-2024-43880
- CVE-2024-43882
- CVE-2024-42290
- CVE-2024-42287
- CVE-2024-42304
- CVE-2024-42280
- CVE-2024-42285
- CVE-2024-42316
Affected Vendors
Affected Products
- Linux Kernel 5.4
- Linux Kernel 4.19
- Linux Kernel 5.10
- Linux Kernel 5.15
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.10
Remediation
Refer to the Linux Kernel Git repository for patch, upgrade, or suggested workaround information.