Lucene search
K

2567 matches found

Cvelist
Cvelist
added 2024/08/17 9:24 a.m.28 views

CVE-2024-43856 dma: fix call order in dmam_free_coherent

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...

0.00398EPSS
Exploits0References8
OSV
OSV
added 2024/08/17 9:15 a.m.8 views

AZL-47962 CVE-2024-42302 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...

7.8CVSS6.3AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/08/17 9:15 a.m.14 views

AZL-48048 CVE-2024-42302 affecting package kernel for versions less than 6.6.47.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...

7.8CVSS6.3AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/08/17 9:15 a.m.2 views

UBUNTU-CVE-2024-42302

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...

7.8CVSS6.2AI score0.00228EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2024/08/13 10:53 a.m.4 views

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

5.5CVSS7.3AI score0.00225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.7 views

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

5.5CVSS7.3AI score0.00225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: USB: core: Fix access violation during port device removal

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...

9.1CVSS6.7AI score0.00923EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

5.5CVSS7.3AI score0.00225EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.5 views

The vulnerability of the netpoll_owner_active() function in the Linux operating system allows a hacker to compromise the accessibility of protected information.

The vulnerability of the netpollowneractive function in the net/core/netpoll.c module of the Linux kernel is related to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

4.7CVSS6.4AI score0.0019EPSS
Exploits0References34Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.3 views

The vulnerability of the __dwc3_stop_active_transfer() function in the DesignWare USB3 driver for Linux operating systems allows a hacker to compromise the accessibility of protected information.

The vulnerability of the dwc3stopactivetransfer function in the drivers/usb/dwc3/gadget.c file of the DesignWare USB3 driver for the Linux operating system is related to concurrent access to resources race conditions. Exploiting this vulnerability could allow a attacker to compromise the...

4.6CVSS6.3AI score0.00212EPSS
Exploits0References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the register_winch_irq() function in the User-Mode Linux (UML) subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the registerwinchirq function in the arch/um/drivers/line.c file of the User-Mode Linux subsystem driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow a...

5.5CVSS6.8AI score0.00233EPSS
Exploits0References25Affected Software4
Positive Technologies
Positive Technologies
added 2024/08/05 12:0 a.m.5 views

PT-2024-25079 · Qualcomm · Snapdragon +92

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...

8.4CVSS6.8AI score0.00104EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/01 7:52 a.m.6 views

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

7CVSS6.9AI score0.00767EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/07/31 9:15 a.m.22 views

CVE-2024-41088

An infinite loop flaw was found in the MCP251xfd CAN driver in Linux Kernel that occurs when mcp251xfdstartxmit fails. Failure to transmit a message can lead to the driver halting message processing and getting stuck in an endless loop, particularly when multiple devices shared the same SPI...

5.5CVSS6.1AI score0.00227EPSS
Exploits0References4
OSV
OSV
added 2024/07/30 8:15 a.m.2 views

DEBIAN-CVE-2024-42152

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

4.7CVSS5.4AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.2 views

DEBIAN-CVE-2024-42149

In the Linux kernel, the following vulnerability has been resolved: fs: don't misleadingly warn during thaw operations The block device may have been frozen before it was claimed by a filesystem. Concurrently another process might try to mount that frozen block device and has temporarily claimed...

5.5CVSS5.4AI score0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a possible concurrent list addition issue in the btrfs module when adding block groups to retry lists and unus...

5.5CVSS6.4AI score0.00242EPSS
Exploits0References6
OSV
OSV
added 2024/07/29 4:15 p.m.2 views

UBUNTU-CVE-2024-41088

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2024/07/25 7:26 p.m.4 views

undertow: url-encoded request path information can be broken on ajp-listener

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

7.5CVSS5.9AI score0.01702EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/07/16 9:24 p.m.14 views

CVE-2022-48822

In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...

4.4CVSS7AI score0.00272EPSS
Exploits0References4
Rows per page
Query Builder