CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
Vulnerability of the phy->pending_skb() function in the st21nfca component of the Linux kernel is related to
memory leak during device check and remote memory allocation by phy->pending_skb function during device check.
device check. Exploitation of the vulnerability could allow an attacker to cause a denial of service
Vulnerability of smc_cdc_tx_handler() function in net/smc component of Linux operating system kernel is associated with
kernel errors caused by race condition in smc_sock. Exploitation of the vulnerability could allow an attacker to
cause a denial of service
Vulnerability of get_user_pages_unlocked() function in nitro_enclaves component of Linux kernel is related to kernel errors caused by a call to get_user_pages_unlocked() in smc_sock.
is related to the use of get_user_pages_unlocked() call to handle mmap statement. Exploitation
the vulnerability could allow an attacker to cause a denial of service
Vulnerability in mlx5e_tx_reporter_dump_sq() function in net/mlx5e component of Linux kernel
is related to writes outside the memory boundary. Exploitation of the vulnerability could allow an attacker to affect
confidentiality, integrity, and availability of the system
A vulnerability in the intel-sdw-acpi component of a Linux kernel is related to insufficient validation of input data.
of input data. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and integrity of data.
data confidentiality and integrity
Vulnerability in the parisc component of the Linux kernel is related to improper handling of exceptional conditions.
exceptional conditions. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and integrity of data.
data confidentiality and integrity
A vulnerability in the sctp_sock_dump() function of the sctp component of the Linux kernel is related to the
use of call_rcu to free memory. Exploitation of the vulnerability could allow an attacker to
cause a denial of service
Vulnerability of the list_head() function in the mtu3 component of the Linux kernel is related to
uninitialized list_head. Exploitation of the vulnerability could allow an attacker to cause a denial of service.
denial of service