
6503 matches found

Positive Technologies
added 2024/06/24 12:0 a.m., 8 views

PT-2024-29242

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The issue is related to the btrfs file system in the Linux kernel. When running btrfs/060 with the forced RST feature, it would crash due to an ASSERT inside scrub read endio. This happe...

CVSS 5.5, AI score 5.5, EPSS 0.00197
Exploits 0
SUSE CVE
added 2024/06/22 3:40 a.m., 2 views

SUSE CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated. priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

CVSS 4.4, AI score 6.2, EPSS 0.00239
Exploits 0, References 13
SUSE CVE
added 2024/06/22 3:40 a.m., 1 views

SUSE CVE-2024-34777

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: fix node id validation. While validating node ids in map_benchmark_ioctl(), node_possible() may be provided with invalid argument outside of [0,MAX_NUMNODES-1] range leading to: BUG: KASAN: wild-memory-access in...

CVSS 6.1, AI score 6.4, EPSS 0.00217
Exploits 0, References 10
OSV
added 2024/06/21 12:15 p.m., 7 views

AZL-42844 CVE-2024-39277 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly. cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVSS 7.8, AI score 6.8, EPSS 0.0022
Exploits 0, References 1
OSV
added 2024/06/21 12:15 p.m., 5 views

AZL-42842 CVE-2024-38662 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a...

CVSS 4.7, AI score 6.1, EPSS 0.0022
Exploits 0, References 1
OSV
added 2024/06/21 12:15 p.m., 8 views

AZL-42847 CVE-2024-38662 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a...

CVSS 4.7, AI score 6.1, EPSS 0.0022
Exploits 0, References 1
OSV
added 2024/06/21 12:15 p.m., 2 views

DEBIAN-CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a...

CVSS 4.7, AI score 5.3, EPSS 0.0022
Exploits 0, References 1
OSV
added 2024/06/21 12:15 p.m., 7 views

AZL-42838 CVE-2024-39277 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly. cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVSS 7.8, AI score 6.8, EPSS 0.0022
Exploits 0, References 1
OSV
added 2024/06/21 12:15 p.m., 1 views

UBUNTU-CVE-2024-39277

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly. cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

CVSS 7.8, AI score 6.2, EPSS 0.0022
Exploits 0, References 21
OSV
added 2024/06/21 12:15 p.m., 2 views

UBUNTU-CVE-2024-38662

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a...

CVSS 4.7, AI score 6.1, EPSS 0.0022
Exploits 0, References 21
Vulnrichment
added 2024/06/21 11:15 a.m., 28 views

CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed

In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a...

AI score 6.9, EPSS 0.0022
Exploits 0, References 6
OSV
added 2024/06/21 11:15 a.m., 1 views

DEBIAN-CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated. priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

CVSS 5.5, AI score 5, EPSS 0.00239
Exploits 0, References 1
OSV
added 2024/06/21 11:15 a.m., 0 views

UBUNTU-CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated. priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

CVSS 5.5, AI score 5.8, EPSS 0.00239
Exploits 0, References 14
SUSE CVE
added 2024/06/21 3:37 a.m., 2 views

SUSE CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf. After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VM_ALLOC pages after mapping", non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled. But now the...

CVSS 2.3, AI score 6.2, EPSS 0.00238
Exploits 0, References 6
SUSE CVE
added 2024/06/21 3:6 a.m., 8 views

SUSE CVE-2024-36974

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP. If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the kernel, the second time...

CVSS 7.8, AI score 6.3, EPSS 0.00281
Exploits 0, References 27
CNNVD
added 2024/06/21 12:0 a.m., 2 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the efi:libstub module releasing priv.runtime_map only on allocation...

CVSS 5.5, AI score 6.5, EPSS 0.00239
Exploits 0, References 6
OSV
added 2024/06/20 11:15 a.m., 1 views

UBUNTU-CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf. After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VM_ALLOC pages after mapping", non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled. But now the...

CVSS 7.1, AI score 5.8, EPSS 0.00238
Exploits 0, References 7
Debian CVE
added 2024/06/19 1:56 p.m., 23 views

CVE-2024-38610

In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map(). Patch series "mm: follow_pte() improvements and acrn follow_pte() fixes". Patch 1 fixes a bunch of issues I spotted in the acrn driver. It compiles, that's all I know. I'll...

CVSS 7.8, AI score 5.6, EPSS 0.00213
Exploits 0
NVD
added 2024/06/19 4:15 a.m., 28 views

CVE-2024-4663

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVSS 6.4, EPSS 0.00378
Exploits 0, References 3
Cvelist
added 2024/06/19 3:12 a.m., 34 views

CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVSS 6.4, EPSS 0.00378
Exploits 0, References 3