Lucene search
K

280 matches found

OSV
OSV
added 2024/12/27 3:15 p.m.0 views

DEBIAN-CVE-2024-56559

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation When compiling kernel source 'make -j $nproc' with the up-and-running KASAN-enabled kernel on a 256-core machine, the following soft...

5.5CVSS5.5AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2024/12/24 6:17 p.m.4 views

CLSA-2024-1735064231 Fix CVE(s): CVE-2024-11234

SECURITY UPDATE: Security vulnerability - debian/patches/CVE-2024-11234.patch: Fix stream HTTP fulluri CRLF injection issue - CVE-2024-11234...

7.2CVSS6.2AI score0.01132EPSS
Exploits1References1
OSV
OSV
added 2024/12/24 12:15 p.m.1 views

DEBIAN-CVE-2024-53158

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...

5.5CVSS5.5AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2024/12/19 9:18 p.m.4 views

CLSA-2024-1734643101 Fix CVE(s): CVE-2024-6923

SECURITY UPDATE: Improper newline quoting in email module header serialization - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers to be sound - CVE-2024-6923...

5.5CVSS6.8AI score0.00737EPSS
Exploits0References1
OSV
OSV
added 2024/12/04 3:15 p.m.1 views

DEBIAN-CVE-2024-53131

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blocktouchbuffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related...

5.5CVSS5.9AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2024/12/02 2:15 p.m.1 views

DEBIAN-CVE-2024-53118

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix skerrorqueue memory leak Kernel queues MSGZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recved. To prevent memory leaks, clean up the queue when the socket is destroyed...

5.5CVSS5.8AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2024/12/02 2:15 p.m.3 views

DEBIAN-CVE-2024-53114

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a random host reboot. Thes...

5.5CVSS5.7AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2024/11/26 4:5 p.m.6 views

CLSA-2024-1732637149 Fix CVE(s): CVE-2024-23672

SECURITY UPDATE: Denial of Service vulnerability - debian/patches/CVE-2024-23672.patch: refactor WebSocket close for suspend/resume to ensure WebSocket connection closure completes - CVE-2024-23672...

6.3CVSS6.8AI score0.02313EPSS
Exploits0References1
OSV
OSV
added 2024/11/25 5:18 p.m.7 views

CLSA-2024-1732555093 Fix CVE(s): CVE-2020-27767

SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correct...

4.3CVSS7AI score0.01124EPSS
Exploits1References1
OSV
OSV
added 2024/11/19 6:15 p.m.1 views

DEBIAN-CVE-2024-53051

In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intelhdcpgetcapability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intelhdcpgetcapability add a check to avoid kernel null pointer...

5.5CVSS5.6AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2024/11/14 3:52 p.m.5 views

CLSA-2024-1731599555 Fix CVE(s): CVE-2023-25815

SECURITY UPDATE: gettext machinery might get auto-initialized using an unintended locale directory - debian/patches/CVE-2023-25815.patch: avoid using gettext if the locale dir is not present - CVE-2023-25815...

3.3CVSS6.8AI score0.01055EPSS
Exploits0References1
OSV
OSV
added 2024/11/11 4:59 p.m.5 views

CLSA-2024-1731344359 Fix CVE(s): CVE-2020-27763

SECURITY UPDATE: Division by zero vulnerability - debian/patches/CVE-2020-27763.patch: Fix window function scaling in resize.c to avoid division on every filter call - CVE-2020-27763...

4.3CVSS6.8AI score0.00914EPSS
Exploits0References1
OSV
OSV
added 2024/11/11 4:38 p.m.9 views

CLSA-2024-1731343085 Fix CVE(s): CVE-2020-27772

SECURITY UPDATE: Integer overflow vulnerability in bmp.c - debian/patches/CVE-2020-27772.patch: fix integer overflow causing incorrect color primary values in BMP image encoding - CVE-2020-27772 - debian/patches/fix-cast-to-ssizet-always-resulting-in-zero.patch: Fix cast to ssizet always resultin...

4.3CVSS6.8AI score0.01124EPSS
Exploits1References1
OSV
OSV
added 2024/11/01 4:42 p.m.5 views

CLSA-2024-1730478623 Fix CVE(s): CVE-2023-7347, CVE-2024-7347

SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347...

5.7CVSS6.8AI score0.0032EPSS
Exploits0References1
OSV
OSV
added 2024/10/22 8:10 p.m.4 views

CLSA-2024-1729627812 Fix CVE(s): CVE-2024-8927

SECURITY UPDATE: insecure configuration vulnerability - debian/patches/CVE-2024-8927.patch: fix bypass of cgi.forceredirect configuration - CVE-2024-8927...

7.5CVSS6.7AI score0.01077EPSS
Exploits1References1
OSV
OSV
added 2024/10/22 7:59 p.m.5 views

CLSA-2024-1729627193 Fix CVE(s): CVE-2023-27043

SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - CVE-2023-27043...

5.3CVSS6.8AI score0.02507EPSS
Exploits1References1
OSV
OSV
added 2024/10/22 7:54 p.m.7 views

CLSA-2024-1729626893 Fix CVE(s): CVE-2024-8927

SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-8927.patch: Fix bypass of cgi.forceredirect configuration - CVE-2024-8927...

7.5CVSS7.3AI score0.01077EPSS
Exploits1References1
OSV
OSV
added 2024/10/22 8:15 a.m.1 views

DEBIAN-CVE-2023-52918

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check cx23885vdevinit return cx23885vdevinit can return a NULL pointer, but that pointer is used in the next line without a check. Add a NULL pointer check and go to the error unwind if it is NULL...

5.5CVSS5.7AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.2 views

DEBIAN-CVE-2024-49947

In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csumstart in virtionethdrtoskb syzbot was able to trigger this warning 1, after injecting a malicious packet through afpacket, setting skb-csumstart and thus the transport header to an incorrect value...

5.5CVSS5.7AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.1 views

DEBIAN-CVE-2024-49935

In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exitroundrobin The kernel occasionally crashes in cpumaskclearcpu, which is called within exitroundrobin, because when executing clearbitnr, addr with nr set to 0xffffffff, the address calculation may caus...

5.5CVSS5.7AI score0.00247EPSS
Exploits0References1
Rows per page
Query Builder