QID 357301
Date Published: 2024-03-06
QID 357301: Amazon Linux Security Advisory for kernel : ALAS2023-2024-549
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. (CVE-2023-52429)
A flaw was found in the SMB client in the Linux kernel.
A potential out-of-bounds error was seen in the smb2_parse_contexts() function.
Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). (
This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. (CVE-2024-0340)
A vulnerability was reported in the Open vSwitch sub-component in the Linux kernel.
The flaw occurs when a recursive operation of code push recursively calls into the code block.
The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow.
As a result, this can lead to a crash or other related issues. (CVE-2024-1151)
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. (CVE-2024-23850)
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check.
This is related to ctl_ioctl. (
( CVE-2024-26583)
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
- ALAS2023-2024-549 -
alas.aws.amazon.com/AL2023/ALAS-2024-549.html
CVEs related to QID 357301
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2023-2024-549 | Amazon Linux 2023 | | |