CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1304 matches found

CVE•added 2024/06/25 2:22 p.m.•121 views

CVE-2024-38661

CVE-2024-38661 is a Linux kernel vulnerability affecting the s390/ap subsystem. The issue stems from using signed int for internal bitmap-related variables in ap_parse_bitmap_str, allowing overflow during updates to /sys/bus/ap/apmask and related fields, which could trigger a kernel panic (panic_...

5.5CVSS7.1AI score0.00259EPSS

Exploits0References8Affected Software1

OSV•added 2024/06/18 9:56 p.m.•21 views

GHSA-X4GP-PQPJ-F43Q curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

2.9CVSS6.2AI score0.00152EPSS

Exploits0References5

RedHat Linux•added 2024/06/05 10:5 a.m.•2 views

kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is bigger than the mask size, we might do an out of bound read...

7.1CVSS6.8AI score0.00233EPSS

Exploits0References5

SUSE CVE•added 2024/06/01 2:23 a.m.•1 views

SUSE CVE-2024-36888

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix selection of wakecpu in kickpool With cpupossiblemask=0-63 and cpuonlinemask=0-7 the following kernel oops was observed: smp: Bringing up secondary CPUs ... smp: Brought up 1 node, 8 CPUs Unable to handle kernel...

6.2CVSS6.5AI score0.00237EPSS

Exploits0References3

OSV•added 2024/05/30 4:15 p.m.•2 views

DEBIAN-CVE-2024-36888

6.2CVSS5.5AI score0.00237EPSS

Exploits0References1

OSV•added 2024/05/30 4:15 p.m.•3 views

UBUNTU-CVE-2024-36888

6.2CVSS6.5AI score0.00237EPSS

Exploits0References11

UbuntuCve•added 2024/05/30 4:15 p.m.•19 views

CVE-2024-36888

6.2CVSS6.3AI score0.00237EPSS

Exploits0References10

Positive Technologies•added 2024/05/30 12:0 a.m.•6 views

PT-2024-9025 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the workqueue component in the Linux kernel. It causes a crash when calling arch vcpu is preempted for an offline CPU. The issue arises due to the...

9.8CVSS6.6AI score0.01483EPSS

Exploits3References726

SUSE CVE•added 2024/05/29 2:36 a.m.•4 views

SUSE CVE-2023-52831

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARNON when rebuilding the...

5.5CVSS7.6AI score0.00242EPSS

Exploits0References13

SUSE CVE•added 2024/05/28 3:1 p.m.•1 views

SUSE CVE-2023-52740

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch The RFI and STF security mitigation options can flip the interruptexitnotreentrant static branch condition concurrently with the interrupt exit code...

5.5CVSS6.5AI score0.00179EPSS

Exploits0References8

RedHat Linux•added 2024/05/28 1:43 p.m.•2 views

rust-cargo: cargo does not respect the umask when extracting dependencies

A flaw was found in the rust-cargo package. Cargo, as bundled with the Rust compiler, did not respect the umask when extracting dependency tarballs and caching the extraction for future builds. If a dependency contained files with 0777 permissions, another local user could edit the cache of the...

7.9CVSS5.9AI score0.00763EPSS

Exploits0References5

SUSE CVE•added 2024/05/24 3:35 a.m.•1 views

SUSE CVE-2021-47368

In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinityhint irqsetaffinityhit stores a reference to the cpumaskt parameter in the irq descriptor, and that reference can be accessed later from irqaffinityhintprocshow. Since the cpumask...

5.8CVSS6.3AI score0.00936EPSS

Exploits0References11

SUSE CVE•added 2024/05/23 3:5 a.m.•3 views

SUSE CVE-2021-47263

In the Linux kernel, the following vulnerability has been resolved: gpio: wcd934x: Fix shift-out-of-bounds error bit-mask for pins 0 to 4 is BIT0 to BIT4 however we ended up with BITn - 1 which is not right, and this was caught by below usban check UBSAN: shift-out-of-bounds in...

5.5CVSS6.5AI score0.00225EPSS

Exploits0References5

OSV•added 2024/05/22 9:15 a.m.•1 views

UBUNTU-CVE-2021-47497

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

7.8CVSS6.1AI score0.00221EPSS

Exploits0References11

NVD•added 2024/05/21 4:15 p.m.•16 views

CVE-2023-52831

5.5CVSS6.5AI score0.00242EPSS

Exploits0References4

OSV•added 2024/05/21 4:15 p.m.•4 views

UBUNTU-CVE-2023-52740

4.7CVSS6.6AI score0.00179EPSS

Exploits0References6

CVE•added 2024/05/21 3:31 p.m.•170 views

CVE-2023-52831

CVE-2023-52831 (Linux kernel) : The issue resides in cpu/hotplug logic when CPUs are isolated with isolcpus=. Offline-ing the last non-isolated (housekeeping) CPU can cause a WARN_ON in build_sched_domains and a subsequent panic due to an empty CPU mask in partition_sched_domains_locked(), leadin...

5.5CVSS6.7AI score0.00242EPSS

Exploits0References4Affected Software1

OSV•added 2024/05/21 3:15 p.m.•2 views

DEBIAN-CVE-2021-47368

8.1CVSS5.6AI score0.00936EPSS

Exploits0References1

OSV•added 2024/05/21 3:15 p.m.•1 views

DEBIAN-CVE-2021-47263

5.5CVSS5.3AI score0.00225EPSS

Exploits0References1