Butt3Rflyh4Ck

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a null-pointer-dereference flaw in the `f2fs write end io()` function in the `fs/f2fs/data.c` module of the Linux kernel's f2fs file system. This flaw is caused by a race condition due to concurrent access to resources. Exploitation of this issue can allow a local privileged user to cause a denial of service problem. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** The issue is related to a use-after-free flaw in the btrfs file system of the Linux Kernel, specifically in the `btrfs search slot` function in `fs/btrfs/ctree.c`. This flaw can be exploited to crash the system and potentially cause a kernel information leak, affecting the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 5.18 through 6.0 **Description** A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Linux kernel versions 5.18 through 6.0, update to version 6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the MCTP functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A race condition exists in the Linux kernel's ALSA pcm oss component. The issue occurs in the `snd pcm oss sync()` function, which is called from the OSS PCM `SNDCTL DSP SYNC` ioctl. This function first calls `snd pcm oss make ready()`, then takes the `params lock` mutex. If the stream is set up again by another thread between these two operations, it can lead to inconsistency and potentially result in unexpected behavior, such as a NULL dereference of the OSS buffer. **Recommendations** To resolve this issue, apply the fix that covers the `snd pcm oss make ready()` call with the `snd pcm oss make ready locked()` variant within the same `params lock` mutex.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A race condition flaw was found in the Linux kernel sound subsystem due to improper locking, which could lead to a NULL pointer dereference while handling the `SNDCTL DSP SYNC` ioctl. This issue could allow a privileged local user, such as root or a member of the audio group, to crash the system, resulting in a denial of service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel NILFS file system (affected versions not specified) **Description** The issue is related to a use after free flaw in the Linux kernel NILFS file system. This flaw can be triggered when a user causes the `security inode alloc` function to fail, followed by a call to the `nilfs mdt destroy` function. A local user could exploit this issue to crash the system or potentially escalate their privileges. The exploitation may also allow an attacker to access confidential data, compromise their integrity, and cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A flaw in the Linux kernel's UDF file system functionality has been found, related to an out of bounds memory write. This issue arises when a user triggers a file operation that invokes the `udf write fi()` function. A local user could exploit this flaw to crash the system or potentially execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 4.2-rc1 through 5.17-rc2 **Description** The issue is related to a null pointer dereference in the Linux kernel's UDF file system functionality. This can be triggered by a local user through the `udf file write iter` function with a malicious UDF image, potentially allowing an attacker to crash the system. **Recommendations** For Linux kernel versions 4.2-rc1 through 5.17-rc2, consider disabling the UDF file system functionality as a temporary workaround until a patch is available. Restrict access to the `udf file write iter` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** A NULL pointer dereference flaw was found in the `btrfs rm device` function in `fs/btrfs/volumes.c` in the Linux Kernel. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. Triggering the bug requires `CAP SYS ADMIN`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.12.10 **Description** The issue is related to a NULL pointer dereference in the net/nfc/llcp sock.c component of the Linux kernel. It can be exploited by local unprivileged users to cause a denial of service by making a getsockname call after a certain type of failure of a bind call, such as when LLCP SAP MAX is used as SAP. This can lead to a denial of service (NULL pointer dereference and BUG). **Recommendations** For Linux kernel versions prior to 5.12.10, update to version 5.12.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the `getsockname()` function and the `bind()` call in the net/nfc/llcp sock.c component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.12.0-rc4 **Description** An out-of-bounds memory access flaw was found in the f2fs module of the Linux kernel. This flaw is due to a bounds check failure, allowing a local attacker to access out-of-bounds memory. The exploitation of this issue can lead to a system crash or the leak of internal kernel information, with the highest threat being to system availability. **Recommendations** For versions prior to 5.12.0-rc4, update to version 5.12.0-rc4 or later to resolve the issue. As a temporary workaround, consider restricting access to the f2fs module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.10.12 **Description** The issue is related to a use-after-free in the `ndb queue rq` function in the Linux kernel, specifically in the `drivers/block/nbd.c` file. This could be triggered by local attackers with access to the nbd device via an I/O request at a certain point during device setup, potentially allowing them to execute arbitrary code. **Recommendations** For Linux kernel versions through 5.10.12, update to a version newer than 5.10.12 to resolve the issue. As a temporary workaround, consider restricting access to the nbd device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** A flaw was found in the JFS filesystem code, allowing a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this issue is to confidentiality, integrity, as well as system availability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.7-rc6 **Description** A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. **Recommendations** For Linux kernel versions prior to 5.7-rc6, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to midi devices to minimize the risk of exploitation. Avoid using the `ioctl` command on midi devices until the issue is resolved.