CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3432 matches found

RedHat Linux•added 2024/08/13 10:53 a.m.•3 views

kernel: Squashfs: check the inode number is not the invalid value of zero

A flaw was found in the squashfs module in the Linux kernel. A missing check of an inode number with an invalid value of zero can cause an out-of-bounds read and result in a denial of service...

7.1CVSS6.8AI score0.0028EPSS

Exploits0References5

RedHat Linux•added 2024/08/08 4:44 a.m.•2 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.4AI score0.00235EPSS

Exploits0References5

RedHat Linux•added 2024/08/08 4:44 a.m.•2 views

kernel: quota: Fix potential NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode srcureadlock dquotscnt != NULL 1...

4.7CVSS6.7AI score0.00189EPSS

Exploits0References5

BDU FSTEC•added 2024/08/07 12:0 a.m.•1 views

The vulnerability of the `eventfs_find_events()` function in the file system of the Linux operating system’s kernel allows a attacker to cause a service failure.

The vulnerability of the eventfsfindevents function in the fs/tracefs/event inode.c file of the file system tracefs in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.4AI score0.00213EPSS

Exploits0References17Affected Software4

SUSE CVE•added 2024/08/06 2:1 a.m.•1 views

SUSE CVE-2024-41049

In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer had been changed earlier to point to a lock entry that was added to the inode's list...

6.7CVSS6.4AI score0.00258EPSS

Exploits0References13

SUSE CVE•added 2024/08/06 2:1 a.m.•2 views

SUSE CVE-2024-41083

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix netfspagemkwrite to check folio-mapping is valid Fix netfspagemkwrite to check that folio-mapping is valid once it has taken the folio lock as filemappagemkwrite does. Without this, generic/247 occasionally oopses with...

5.5CVSS7.5AI score0.00196EPSS

Exploits0References3

SUSE CVE•added 2024/08/06 1:59 a.m.•9 views

SUSE CVE-2024-42104

In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...

6.1CVSS6.4AI score0.0026EPSS

Exploits0References14

SUSE CVE•added 2024/08/06 1:59 a.m.•1 views

SUSE CVE-2024-42105

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode being exposed in the...

6.1CVSS6.9AI score0.0026EPSS

Exploits0References13

SUSE CVE•added 2024/08/06 1:59 a.m.•4 views

SUSE CVE-2024-42115

In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2freeinode During the stress testing of the jffs2 file system,the following abnormal printouts were found: 2430.649000 Unable to handle kernel paging request at virtual address...

4.7CVSS6.4AI score0.0025EPSS

Exploits0References13

RedhatCVE•added 2024/07/31 9:18 a.m.•16 views

CVE-2024-42105

5.8CVSS8.4AI score0.0026EPSS

Exploits0References4

RedhatCVE•added 2024/07/31 9:18 a.m.•21 views

CVE-2024-42104

7.8CVSS8.1AI score0.0026EPSS

Exploits0References4

RedHat Linux•added 2024/07/31 12:54 a.m.•3 views

kernel: Squashfs: check the inode number is not the invalid value of zero

A flaw was found in the squashfs module in the Linux kernel. A missing check of an inode number with an invalid value of zero can cause an out-of-bounds read and result in a denial of service...

7.1CVSS6.8AI score0.0028EPSS

Exploits0References5

Positive Technologies•added 2024/07/31 12:0 a.m.•5 views

PT-2024-33774

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0-rc7+ Description: The issue arises when the Linux kernel's btrfs filesystem is backed by a RAID stripe tree and readahead is performed on the relocation inode. This can lead to an ENOENT error due to...

5.5CVSS5.5AI score0.00201EPSS

Exploits0

BDU FSTEC•added 2024/07/31 12:0 a.m.•4 views

The vulnerability of the software for managing and optimizing Cisco Intelligent Node (iNode) networks stems from the use of a hard-crypted cryptographic key. This allows attackers to carry out “man-in-the-middle” attacks.

The vulnerability of Cisco Intelligent Node iNode management and optimization software is related to the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by...

7.5CVSS5.5AI score0.00194EPSS

Exploits0References5Affected Software2