Lucene search

K

GeForce, Workstation, Compute Security Vulnerabilities

cve
cve

CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0...

6.5AI Score

EPSS

2024-06-21 11:15 AM
nvd
nvd

CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0...

EPSS

2024-06-21 11:15 AM
cvelist
cvelist

CVE-2024-36286 netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0...

EPSS

2024-06-21 10:18 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-2)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-2 advisory. - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697) - Bellow 5....

7.5CVSS

7.3AI Score

0.001EPSS

2024-06-21 12:00 AM
1
redhatcve
redhatcve

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

6.7AI Score

0.0004EPSS

2024-06-20 02:53 PM
3
redhatcve
redhatcve

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7AI Score

0.0004EPSS

2024-06-20 01:52 PM
debiancve
debiancve

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of...

6.4AI Score

0.0004EPSS

2024-06-20 12:15 PM
nvd
nvd

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

0.0004EPSS

2024-06-20 12:15 PM
3
cve
cve

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

6.2AI Score

0.0004EPSS

2024-06-20 12:15 PM
6
debiancve
debiancve

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

6.7AI Score

0.0004EPSS

2024-06-20 12:15 PM
cve
cve

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

6.6AI Score

0.0004EPSS

2024-06-20 12:15 PM
4
nvd
nvd

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

0.0004EPSS

2024-06-20 12:15 PM
redhatcve
redhatcve

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

7.1AI Score

0.0004EPSS

2024-06-20 11:27 AM
cvelist
cvelist

CVE-2022-48763 KVM: x86: Forcibly leave nested virt when SMM state is toggled

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

0.0004EPSS

2024-06-20 11:13 AM
2
vulnrichment
vulnrichment

CVE-2022-48763 KVM: x86: Forcibly leave nested virt when SMM state is toggled

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

6.6AI Score

0.0004EPSS

2024-06-20 11:13 AM
1
cvelist
cvelist

CVE-2022-48726 RDMA/ucma: Protect mc during concurrent multicast leaves

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

0.0004EPSS

2024-06-20 11:13 AM
qualysblog
qualysblog

Secure Your Containerized Environments with Qualys Containerized Scanner Appliance (QCSA)

IT has undergone a series of significant shifts over the years, from physical infrastructure to virtual, and how infrastructure was managed and maintained. This shift led IT through the digital transformation era, introducing various types of clouds and “As-a-Service” models. Although...

7AI Score

2024-06-20 11:06 AM
2
redhatcve
redhatcve

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...

7.2AI Score

0.0004EPSS

2024-06-20 10:54 AM
redhatcve
redhatcve

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

7.1AI Score

0.0004EPSS

2024-06-20 10:54 AM
redhatcve
redhatcve

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

7AI Score

0.0004EPSS

2024-06-20 10:53 AM
redhatcve
redhatcve

CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward...

6.8AI Score

0.0004EPSS

2024-06-20 07:50 AM
ubuntucve
ubuntucve

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...

7AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward...

6.8AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

6.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

6.8AI Score

0.0004EPSS

2024-06-20 12:00 AM
googleprojectzero
googleprojectzero

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

Posted by Sergei Glazunov and Mark Brand, Google Project Zero Introduction At Project Zero, we constantly seek to expand the scope and effectiveness of our vulnerability research. Though much of our work still relies on traditional methods like manual source code audits and reverse engineering,...

7.9AI Score

2024-06-20 12:00 AM
1
nvd
nvd

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...

0.0004EPSS

2024-06-19 03:15 PM
debiancve
debiancve

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: ...

7AI Score

0.0004EPSS

2024-06-19 03:15 PM
cve
cve

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

6.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
8
cve
cve

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...

6.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
8
nvd
nvd

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

0.0004EPSS

2024-06-19 03:15 PM
debiancve
debiancve

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

6.9AI Score

0.0004EPSS

2024-06-19 03:15 PM
debiancve
debiancve

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

7AI Score

0.0004EPSS

2024-06-19 03:15 PM
3
debiancve
debiancve

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP...

6.8AI Score

0.0004EPSS

2024-06-19 03:15 PM
nvd
nvd

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

0.0004EPSS

2024-06-19 03:15 PM
nvd
nvd

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

0.0004EPSS

2024-06-19 03:15 PM
cve
cve

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

6.3AI Score

0.0004EPSS

2024-06-19 03:15 PM
8
cve
cve

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

6.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
9
hackread
hackread

Sophon and Aethir Partner to Bring Decentralized Compute to The ZK Community

Sophon and Aethir have announced the beginning of a strategic collaboration between the two networks, connecting the...

7.3AI Score

2024-06-19 03:10 PM
thn
thn

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...

9.8CVSS

8AI Score

0.321EPSS

2024-06-19 03:09 PM
27
qualysblog
qualysblog

TotalCloud Insights: Protect Your AWS Environment by Managing Access Keys Securely

Introduction With the average cost of a data breach coming in at $4.45M in 2023, safeguarding sensitive information and maintaining the security of cloud environments is more critical than ever. Instances of compromised access keys, not exclusive to AWS (Amazon Web Services) but prevalent across...

7.3AI Score

2024-06-19 03:02 PM
2
cvelist
cvelist

CVE-2021-47598 sch_cake: do not call cake_destroy() from cake_init()

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...

0.0004EPSS

2024-06-19 02:53 PM
cvelist
cvelist

CVE-2021-47597 inet_diag: fix kernel-infoleak for UDP sockets

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

0.0004EPSS

2024-06-19 02:53 PM
vulnrichment
vulnrichment

CVE-2021-47594 mptcp: never allow the PM to close a listener subflow

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

6.6AI Score

0.0004EPSS

2024-06-19 02:53 PM
cvelist
cvelist

CVE-2021-47594 mptcp: never allow the PM to close a listener subflow

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

0.0004EPSS

2024-06-19 02:53 PM
cvelist
cvelist

CVE-2021-47588 sit: do not call ipip6_dev_free() from sit_init_net()

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

0.0004EPSS

2024-06-19 02:53 PM
1
debiancve
debiancve

CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward...

6.9AI Score

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward...

6.3AI Score

0.0004EPSS

2024-06-19 02:15 PM
8
Total number of security vulnerabilities21215