Lucene search
K

93 matches found

osv
osv
added 2024/11/19 6:15 p.m.3 views

DEBIAN-CVE-2024-53086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xesyncinfenceget failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/19 5:45 p.m.3 views

CVE-2024-53086 drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xesyncinfenceget failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095...

7.6AI score0.00146EPSS
Exploits0References2
osv
osv
added 2024/11/08 6:15 a.m.10 views

UBUNTU-CVE-2024-50210

In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...

5.5CVSS6.6AI score0.00171EPSS
Exploits0References17
susecve
susecve
added 2024/10/24 3:18 a.m.7 views

SUSE CVE-2024-49965

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove unreasonable unlock in ocfs2readblocks Patch series "Misc fixes for ocfs2readblocks", v5. This series contains 2 fixes for ocfs2readblocks. The first patch fix the issue reported by syzbot, which detects bad unlock...

5.5CVSS6.3AI score0.00189EPSS
Exploits0References20
susecve
susecve
added 2024/10/22 2:49 a.m.3 views

SUSE CVE-2024-50060

In the Linux kernel, the following vulnerability has been resolved: iouring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty. And if an application does overflow a bit, it'll have a few entries. However, nothing obviously...

3.3CVSS6.8AI score0.00219EPSS
Exploits0References16
osv
osv
added 2024/10/21 12:15 p.m.1 views

UBUNTU-CVE-2024-47676

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlbfault. This happens because vmfanonprepare could drop the per-VMA lock and allow the current VMA to be freed before hugetlbvmaunlockread is...

7.8CVSS6.6AI score0.00242EPSS
Exploits0References9
redhat
redhat
added 2024/08/08 4:53 a.m.11 views

kernel: isdn: mISDN: Fix sleeping function called from invalid context

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card-isac.release function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it:...

5.5CVSS6.8AI score0.00175EPSS
Exploits0References5
redhat
redhat
added 2024/08/08 4:44 a.m.3 views

kernel: isdn: mISDN: Fix sleeping function called from invalid context

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card-isac.release function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it:...

5.5CVSS6.8AI score0.00175EPSS
Exploits0References5
osv
osv
added 2024/07/18 2:15 p.m.3 views

ALPINE-CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

7.5CVSS6.8AI score0.00507EPSS
Exploits0References1
osv
osv
added 2024/07/18 2:15 p.m.15 views

UBUNTU-CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

7.5CVSS7.1AI score0.00507EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/07/18 1:31 p.m.19 views

CVE-2024-31143 double unlock in x86 guest IRQ handling

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

6.5AI score0.00507EPSS
Exploits0References1
nessus
nessus
added 2024/07/18 12:0 a.m.29 views

Xen: double unlock in x86 guest IRQ handling (XSA-458)

An optional feature of PCI MSI called 'Multiple Message' allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

7.5CVSS7.4AI score0.00507EPSS
Exploits0References2
susecve
susecve
added 2024/07/17 3:42 a.m.5 views

SUSE CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

7.5CVSS6.8AI score0.00507EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2024/07/16 12:0 a.m.4 views

PT-2024-23794

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns an optional feature of PCI MSI called "Multiple Message" that allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these...

7.5CVSS8AI score0.17444EPSS
Exploits0References128
osv
osv
added 2024/05/22 7:15 a.m.3 views

DEBIAN-CVE-2021-47437

In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560 "iio: adis16475: improve sync scale mode handling", two deadlocks were introduced: 1 The call to 'adiswritereg16' was not changed to it's unlocked version. 2...

5.5CVSS5.4AI score0.00149EPSS
Exploits0References1
osv
osv
added 2024/05/22 7:15 a.m.6 views

UBUNTU-CVE-2021-47468

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card-isac.release function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it:...

5.5CVSS6.2AI score0.00175EPSS
Exploits0References11
redhat
redhat
added 2023/11/13 8:57 a.m.10 views

mariadb: compress_write() fails to release mutex on failure

In MariaDB before 10.9.2, compresswrite in extra/mariabackup/dscompress.cc does not release datamutex upon a stream write failure, which allows local users to trigger a deadlock...

5.5CVSS7.4AI score0.00236EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/04/19 12:0 a.m.6 views

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android, which stems from a mix-up in the OnWakelockReleased instruction responsible for freeing memory in the attributeprocessor.cc component, and can be exploited by an...

9.8CVSS8AI score0.00467EPSS
Exploits0References2
osv
osv
added 2022/05/25 9:15 p.m.1 views

DEBIAN-CVE-2022-31621

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dsxbstream.cc, when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen, the held lock is not released correctly, which allows local users to trigger a denial of service due to the...

5.5CVSS6.9AI score0.00213EPSS
Exploits0References1
debiancve
debiancve
added 2022/05/25 8:36 p.m.39 views

CVE-2022-31624

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/serveraudit/serveraudit.c method logstatementex, the held lock lockbigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock...

5.5CVSS7.5AI score0.00207EPSS
Exploits0
Rows per page
Query Builder