High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
s390/cpum_sf: Handle CPU hotplug remove during sampling
CPU hotplug remove handling triggers the following function
call sequence:
CPUHP_AP_PERF_S390_SF_ONLINE --> s…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
While receiving an MST up request message from one thread in
drm_dp_mst_handle_up_req(), the…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: Add cancel_work_sync before module remove
If we remove the module which will call mpc52xx_spi_remove
it will free 'ms' through spi_unregister_controller.
wh…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
block: avoid to reuse `hctx` not removed from cpuhp callback list
If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,
otherwise use-after-free may be…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
kunit: string-stream: Fix a UAF bug in kunit_init_suite()
In kunit_debugfs_create_suite(), if alloc_string_stream() fails in the
kunit_suite_for_each_test_case() loop, th…
Medium
CVSS: 4.4
UAF vulnerability in the device node access module
Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
Medium
CVSS: 4.0
Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 1…
Medium
CVSS: 5.3
Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 1…
Medium
CVSS: 4.4
in OpenHarmony v4.1.2 and prior versions allow a local attacker to cause a DoS through a use-after-free.
High
CVSS: 7.0
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
The mapping VMA address is saved in VAS window struct when the
paste address is mapped. This VMA address is…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
ublk: detach gendisk from ublk device if add_disk() fails
Inside ublk_abort_requests(), gendisk is grabbed for aborting all
inflight requests. And ublk_abort_requests() i…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix use-after-free when COWing tree block and tracing is enabled
When COWing a tree block, at btrfs_cow_block(), and we have the
tracepoint trace_btrfs_cow_block(…
High
CVSS: 7.8
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.
Medium
CVSS: 6.7
Memory corruption while processing frame command IOCTL calls.
Medium
CVSS: 6.7
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.