6095 matches found

Debian CVE
added 2024/12/24 11:28 a.m. | 19 views

CVE-2024-53155

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 ioread+0x8d4/0x20f0 ioread+0x3e/0xf0...

CVSS 7.1 | AI score 5.6 | EPSS 0.00232
Exploits: 0
Debian CVE
added 2024/12/24 11:28 a.m. | 8 views

CVE-2024-53153

In the Linux kernel, the following vulnerability has been resolved: PCI: qcom-ep: Move controller cleanups to qcom_pcie_perst_deassert() Currently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF deinit notify function pci_epc_deinit_notify() are called during the execution of qcom_pcie_perst_assert() i.e...

CVSS 5.5 | AI score 6.3 | EPSS 0.0028
Exploits: 0
Debian CVE
added 2024/12/24 11:28 a.m. | 8 views

CVE-2024-53148

In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remap_pfn_range() calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with comedi_buf_map_put(bm). The...

CVSS 5.5 | AI score 5.9 | EPSS 0.0022
Exploits: 0
Debian CVE
added 2024/12/24 11:28 a.m. | 24 views

CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res()...

CVSS 5.5 | AI score 5.7 | EPSS 0.00225
Exploits: 0
Rosalinux
added 2024/12/17 8:5 a.m. | 8 views

Advisory ROSA-SA-2024-2544

software: tomcat 9.0.37 WASP: ROSA-CHROME packageevrstring: tomcat-9.0.37-6 CVE-ID: CVE-2020-13943 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An HTTP/2 vulnerability in Apache Tomcat allows an attacker to access unwanted resources. CVE-STATUS: The vulnerability has been resolved CVE-REV: To close t...

CVSS 7.5 | AI score 6.4 | EPSS 0.57286
Exploits: 0
Rosalinux
added 2024/12/17 8:5 a.m. | 13 views

Advisory ROSA-SA-2024-2543

software: trousers 0.3.14 WASP: ROSA-CHROME packageevrstring: trousers-0.3.14-5 CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in TrouSerS: Vulnerability to create system.data files when running the tcsd daemon with root privileges. CVE-STATUS: The vulnerability has...

CVSS 5.5 | AI score 6.8 | EPSS 0.00553
Exploits: 1
Ivanti
added 2024/12/10 9:43 a.m. | 10 views

December 2024 Security Advisory Ivanti Workspace Control (IWC) (CVE-2024-8496)

Summary Ivanti has released updates for Workspace Control which addresses one high severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: CV...

CVSS 7.8 | AI score 6.4 | EPSS 0.00206
Exploits: 0
CBLMariner
added 2024/12/06 3:52 p.m. | 17 views

CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-5

CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-5. An upgraded version of the package is available that resolves this issue...

CVSS 8.3 | AI score 6.9 | EPSS 0.04852
Exploits: 0
RedhatCVE
added 2024/12/05 5:14 a.m. | 13 views

CVE-2024-53140

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps...

CVSS 5.5 | AI score 6.9 | EPSS 0.00235
Exploits: 1 | References: 4
RedhatCVE
added 2024/12/05 5:13 a.m. | 19 views

CVE-2024-53133

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dc_state_copy_internal would...

CVSS 7.8 | AI score 6.8 | EPSS 0.00201
Exploits: 0 | References: 4
RedhatCVE
added 2024/12/05 5:13 a.m. | 11 views

CVE-2024-53126

In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnet_open_pf_bar() and snet_open_vf_bar() a string later passed to pcim_iomap_regions() is placed on the stack. Neither pcim_iomap_regions() nor the functions it calls copy that string. Should the string...

CVSS 7.8 | AI score 6.9 | EPSS 0.00214
Exploits: 0 | References: 4
NVD
added 2024/12/04 3:15 p.m. | 35 views

CVE-2024-53136

In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 "mm: shmem: fix data-race in shmem_getattr()" as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just t...

CVSS 4.7 | EPSS 0.00168
Exploits: 0 | References: 10
OSV
added 2024/12/04 2:20 p.m. | 9 views

CVE-2024-53139 sctp: fix possible UAF in sctp_v6_available()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix possible UAF in sctp_v6_available() A lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints that sctp_v6_available() is calling dev_get_by_index_rcu() and ipv6_chk_addr() without holding rcu. [1] ============================= WARNING: suspiciou...

CVSS 7.8 | AI score 7 | EPSS 0.00214
Exploits: 0 | References: 6
Cvelist
added 2024/12/04 2:20 p.m. | 18 views

CVE-2024-53138 net/mlx5e: kTLS, Fix incorrect page refcounting

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. But on the release path mlx5e_ktls_tx_handle_resync_dump_comp(), only put_page() is use...

EPSS 0.00217
Exploits: 0 | References: 7
Cvelist
added 2024/12/04 2:20 p.m. | 12 views

CVE-2024-53136 mm: revert "mm: shmem: fix data-race in shmem_getattr()"

In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 "mm: shmem: fix data-race in shmem_getattr()" as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just t...

EPSS 0.00168
Exploits: 0 | References: 8
CVE
added 2024/12/04 2:20 p.m. | 172 views

CVE-2024-53136

CVE-2024-53136 relates to the Linux kernel mm/shmem issue: reverting a previous fix for data-race in shmem_getattr() that could deadlock when accessing tmpfs over NFS. Public details indicate the change targeted the shmem_getattr() path (mm: shmem) and mentions the deadlock scenario, with remedia...

CVSS 4.7 | AI score 6.5 | EPSS 0.00168
Exploits: 0 | References: 10 | Affected Software: 1
Cvelist
added 2024/12/04 2:20 p.m. | 19 views

CVE-2024-53127 Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"

In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" increased the max_req_size, even for 4K pages, causing various issues: - Panic...

EPSS 0.00223
Exploits: 0 | References: 8
Cvelist
added 2024/12/04 2:11 p.m. | 23 views

CVE-2024-53125 bpf: sync_linked_regs() must preserve subreg_def

In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set: 0: call bpf_ktime_get_ns call...

EPSS 0.00207
Exploits: 0 | References: 6
OSV
added 2024/12/04 12:0 a.m. | 6 views

OPENSUSE-SU-2024:14544-1 teleport-17.0.3-1.1 on GA media

These are all security issues fixed in the teleport-17.0.3-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.5 | AI score 8.2 | EPSS 0.00608
Exploits: 0 | References: 2
NVD
added 2024/12/03 6:15 p.m. | 21 views

CVE-2024-52545

An unauthenticated attacker can perform an out of bounds heap read in the IQ Service TCP port 9876. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

CVSS 6.5 | EPSS 0.00719
Exploits: 1 | References: 2