Lucene search
K

1054 matches found

BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.4 views

The vulnerability of the sctp_sock_dump() function in the Linux operating system’s SCTP kernel component, which allows a hacker to cause a service failure

The vulnerability of the sctpsockdump function in the Linux operating system’s SCTP kernel component is related to the use of callrcu for memory release. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS6.4AI score0.00248EPSS
Exploits0References23Affected Software2
OSV
OSV
added 2024/08/17 10:15 a.m.13 views

AZL-47947 CVE-2024-43853 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/17 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a possible post-release reuse of the cgroup/cpuset module when reading /proc/cpuset, and requires the use of...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References6
Amazon
Amazon
added 2024/08/15 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-2024-39487 In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section CVE-2024-40947 ...

7.8CVSS7AI score0.00299EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.5 views

kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

5.5CVSS6.6AI score0.00265EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.5 views

kernel: tls: fix missing memory barrier in tls_init

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...

5.5CVSS6.5AI score0.00253EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.8 views

kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

5.5CVSS6.6AI score0.00265EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/08 2:20 a.m.3 views

SUSE CVE-2024-42250

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...

5.5CVSS7.6AI score0.00165EPSS
Exploits0References10
OSV
OSV
added 2024/08/07 4:15 p.m.1 views

UBUNTU-CVE-2024-42250

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while...

5.5CVSS6.6AI score0.00165EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2024/08/07 12:28 a.m.5 views

kernel: tls: fix missing memory barrier in tls_init

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...

5.5CVSS6.5AI score0.00253EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/06 2:2 a.m.2 views

SUSE CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

5.5CVSS7.6AI score0.00288EPSS
Exploits0References3
OSV
OSV
added 2024/07/29 3:15 p.m.2 views

DEBIAN-CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

5.5CVSS5.3AI score0.00288EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/07/16 2:34 a.m.4 views

SUSE CVE-2024-40920

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in brmstsetstate I converted brmstsetstate to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU deref helper to fix the...

5.5CVSS6.5AI score0.00291EPSS
Exploits0References16
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

DEBIAN-CVE-2024-40947

In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in imamatchpolicy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 5 PID: 1286325 Com...

5.5CVSS5.6AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.2 views

DEBIAN-CVE-2024-40921

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

5.5CVSS5.6AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.2 views

DEBIAN-CVE-2024-39503

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

7CVSS6.1AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

UBUNTU-CVE-2024-40905

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler reads more than once ppcpurt, second read could read NULL, if another cpu clears the value in rt6getpcpuroute. Add a READONCE to...

4.7CVSS6.6AI score0.0027EPSS
Exploits0References29
OSV
OSV
added 2024/07/12 1:15 p.m.2 views

UBUNTU-CVE-2024-40920

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in brmstsetstate I converted brmstsetstate to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU deref helper to fix the...

7.8CVSS6.6AI score0.00291EPSS
Exploits0References14
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a questionable RCU usage in the net:bridge:mst component in the brmstsetstate function...

7.8CVSS8.2AI score0.00291EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.15 views

PT-2024-29225

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the bpf timer cancel and free function in the Linux kernel, where two timer callbacks trying to cancel each other can lead to a deadlock situation. This can be...

7.8CVSS5.5AI score0.00269EPSS
Exploits0
Rows per page
Query Builder