CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1683 matches found

RedHat Linux•added 2024/03/12 12:51 a.m.•0 views

kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to nftsetelemmarkbusy, causing double deactivation of the element...

7.8CVSS6.8AI score0.00218EPSS

Exploits0References6

OSV•added 2024/03/06 7:15 a.m.•0 views

UBUNTU-CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

7.1CVSS6.2AI score0.00251EPSS

Exploits0References22

SUSE CVE•added 2024/03/05 4:31 a.m.•1 views

SUSE CVE-2023-52581

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before reaching the boundary...

5.5CVSS6.5AI score0.00257EPSS

Exploits0References16

Microsoft CVE•added 2024/03/04 8:0 a.m.•3 views

netfilter: nft_set_rbtree: skip end interval element from gc

...

7.8CVSS6.6AI score0.02224EPSS

Exploits1

OSV•added 2024/03/02 10:15 p.m.•1 views

DEBIAN-CVE-2023-52581

6.3CVSS5.5AI score0.00257EPSS

Exploits0References1

OSV•added 2024/03/02 10:15 p.m.•1 views

DEBIAN-CVE-2023-52566

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfsgccachesubmitreaddata In nilfsgccachesubmitreaddata, brelsebh is called to drop the reference count of bh when the call to nilfsdattranslate fails. If the reference count hits 0 and it...

5.5CVSS5.5AI score0.00222EPSS

Exploits0References1

OSV•added 2024/03/02 10:15 p.m.•2 views

UBUNTU-CVE-2023-52581

6.3CVSS6.1AI score0.00257EPSS

Exploits0References3

SUSE CVE•added 2024/03/01 4:7 a.m.•7 views

SUSE CVE-2021-47004

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid touching checkpointed data in getvictim In CP disabling mode, there are two issues when using LFS or SSR | ATSSR mode to select victim: 1. LFS is set to find source section during GC, the victim should have no...

7.1CVSS6.5AI score0.00236EPSS

Exploits0References3

RedHat Linux•added 2024/02/28 12:48 p.m.•1 views

kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction

7.8CVSS6.8AI score0.00218EPSS

Exploits0References6

RedHat Linux•added 2024/02/28 12:36 p.m.•1 views

kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFTCHAIN object or NFTOBJECT object, allowing a local...

7.8CVSS7.1AI score0.00836EPSS

Exploits0References4

OSV•added 2024/02/28 9:15 a.m.•4 views

DEBIAN-CVE-2021-47004

7.1CVSS5.6AI score0.00236EPSS

Exploits0References1

OSV•added 2024/02/28 9:15 a.m.•4 views

UBUNTU-CVE-2021-47004

7.1CVSS5.7AI score0.00236EPSS

Exploits0References7

OSV•added 2024/02/20 1:15 p.m.•7 views

AZL-35475 CVE-2024-26581 affecting package hyperv-daemons for versions less than 6.6.22.1-2

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active...

7.8CVSS6.1AI score0.02224EPSS

Exploits1References1

OSV•added 2024/02/20 1:15 p.m.•2 views

DEBIAN-CVE-2023-52433

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an alrea...

4.4CVSS5.3AI score0.00265EPSS

Exploits0References1

OSV•added 2024/02/20 1:15 p.m.•2 views

UBUNTU-CVE-2024-26581

7.8CVSS6.1AI score0.02224EPSS

Exploits1References14

OSV•added 2024/02/20 1:15 p.m.•1 views

UBUNTU-CVE-2023-52433

4.4CVSS5.8AI score0.00265EPSS

Exploits0References5

OSV•added 2024/02/20 12:52 p.m.•8 views

CVE-2024-26581 netfilter: nft_set_rbtree: skip end interval element from gc

7.8CVSS5.9AI score0.02224EPSS

Exploits1References12

CNNVD•added 2024/02/20 12:0 a.m.•1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the netfilter module that could lead to the skipping of the synchronization GC for new elemen...

4.4CVSS8.1AI score0.00265EPSS

Exploits0References4

Tenable Nessus•added 2024/02/18 12:0 a.m.•40 views

GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

9.6CVSS7.9AI score0.30339EPSS

Exploits4References30

Microsoft CVE•added 2024/01/30 8:0 a.m.•4 views

Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf

...

7CVSS6.8AI score0.00224EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by