Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240813-04
HistoryAug 13, 2024 - 12:00 a.m.

ROS-20240813-04

2024-08-1300:00:00
redos.red-soft.ru
11
linux kernel
vulnerability
memory leak
race condition
memory boundary
input validation
exceptional condition
dos
confidentiality
integrity

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

JSON

Vulnerability of the phy->pending_skb() function in the st21nfca component of the Linux kernel is related to
memory leak during device check and remote memory allocation by phy->pending_skb function during device check.
device check. Exploitation of the vulnerability could allow an attacker to cause a denial of service

Vulnerability of smc_cdc_tx_handler() function in net/smc component of Linux operating system kernel is associated with
kernel errors caused by race condition in smc_sock. Exploitation of the vulnerability could allow an attacker to
cause a denial of service

Vulnerability of get_user_pages_unlocked() function in nitro_enclaves component of Linux kernel is related to kernel errors caused by a call to get_user_pages_unlocked() in smc_sock.
is related to the use of get_user_pages_unlocked() call to handle mmap statement. Exploitation
the vulnerability could allow an attacker to cause a denial of service

Vulnerability in mlx5e_tx_reporter_dump_sq() function in net/mlx5e component of Linux kernel
is related to writes outside the memory boundary. Exploitation of the vulnerability could allow an attacker to affect
confidentiality, integrity, and availability of the system

A vulnerability in the intel-sdw-acpi component of a Linux kernel is related to insufficient validation of input data.
of input data. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and integrity of data.
data confidentiality and integrity

Vulnerability in the parisc component of the Linux kernel is related to improper handling of exceptional conditions.
exceptional conditions. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and integrity of data.
data confidentiality and integrity

A vulnerability in the sctp_sock_dump() function of the sctp component of the Linux kernel is related to the
use of call_rcu to free memory. Exploitation of the vulnerability could allow an attacker to
cause a denial of service

Vulnerability of the list_head() function in the mtu3 component of the Linux kernel is related to
uninitialized list_head. Exploitation of the vulnerability could allow an attacker to cause a denial of service.
denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64kernel-lt< 6.1.94-1UNKNOWN

Related

redhatcve 8
ubuntucve 8
cve 8
cvelist 8
vulnrichment 8
nvd 8
prion 8
debiancve 8
nessus 35
openvas 26
osv 6
ubuntu 4
amazon 1
redhatcve
redhatcve
CVE-2021-46924
2024-02-28 03:33:46
CVE-2021-46927
2024-02-27 17:32:58
CVE-2021-46930
2024-02-27 17:02:36
ubuntucve
ubuntucve
CVE-2021-46928
2024-02-27 00:00:00
CVE-2021-46927
2024-02-27 00:00:00
CVE-2021-46924
2024-02-27 00:00:00
cve
cve
CVE-2021-46928
2024-02-27 10:15:07
CVE-2021-46931
2024-02-27 10:15:07
CVE-2021-46924
2024-02-27 10:15:07
cvelist
cvelist
CVE-2021-46924 NFC: st21nfca: Fix memory leak in device probe and remove
2024-02-27 09:43:54
CVE-2021-46928 parisc: Clear stale IIR value on instruction access rights trap
2024-02-27 09:43:57
CVE-2021-46926 ALSA: hda: intel-sdw-acpi: harden detection of controller
2024-02-27 09:43:56
vulnrichment
vulnrichment
CVE-2021-46927 nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert
2024-02-27 09:43:56
CVE-2021-46930 usb: mtu3: fix list_head check warning
2024-02-27 09:43:58
CVE-2021-46929 sctp: use call_rcu to free endpoint
2024-02-27 09:43:58
nvd
nvd
CVE-2021-46931
2024-02-27 10:15:07
CVE-2021-46928
2024-02-27 10:15:07
CVE-2021-46925
2024-02-27 10:15:07
prion
prion
Spoofing
2024-02-27 10:15:00
Spoofing
2024-02-27 10:15:00
Spoofing
2024-02-27 10:15:00
debiancve
debiancve
CVE-2021-46927
2024-02-27 10:15:07
CVE-2021-46924
2024-02-27 10:15:07
CVE-2021-46925
2024-02-27 10:15:07
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-009)
2022-05-02 00:00:00
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6973-2)
2024-08-23 00:00:00
Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6973-4)
2024-09-02 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6973-4)
2024-09-03 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1320-1)
2024-04-19 00:00:00
Ubuntu: Security Advisory (USN-6973-2)
2024-08-26 00:00:00
osv
osv
linux-raspi-5.4 vulnerabilities
2024-09-02 18:35:41
linux-azure-5.4 vulnerabilities
2024-08-23 15:26:07
linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-xilinx-zynqmp vulnerabilities
2024-08-21 19:27:38
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2024-09-02 00:00:00
Linux kernel vulnerabilities
2024-08-21 00:00:00
Linux kernel (Azure) vulnerabilities
2024-08-23 00:00:00
amazon
amazon
Important: kernel
2022-02-04 23:25:00

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

JSON
Related for ROS-20240813-04
redhatcve8ubuntucve8cve8cvelist8vulnrichment8nvd8prion8debiancve8nessus35openvas26osv6ubuntu4amazon1