Linux Kernel is vulnerable to a denial of service, caused by a loophole flaw in the usb_giveback_urb function in the USB Host Controller Driver framework. By using a specially crafted USB device, a physical attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition.
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the nft_pipapo_remove function in the netfilter. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause the system to crash.
Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Website.