Lucene search
K

6096 matches found

NVD
NVD
added 2024/12/03 6:15 p.m.22 views

CVE-2024-52545

An unauthenticated attacker can perform an out of bounds heap read in the IQ Service TCP port 9876. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

6.5CVSS0.00719EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2024/12/02 3:26 p.m.20 views

CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

5.5CVSS6.7AI score0.00233EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/12/02 3:26 p.m.27 views

CVE-2024-53105

In the Linux kernel, the following vulnerability has been resolved: mm: pagealloc: move mlocked flag clearance into freepagesprepare Syzbot reported a bad page state problem caused by a page being freed using freepage still having a mlocked flag at freepagesprepare stage: BUG: Bad page state in...

5.5CVSS6.8AI score0.00233EPSS
Exploits0References4
NVD
NVD
added 2024/12/02 2:15 p.m.10 views

CVE-2024-53113

In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in allocpagesbulknoprof We triggered a NULL pointer dereference for ac.preferredzoneref-zone in allocpagesbulknoprof when the task is migrated between cpusets. When cpuset is enabled, in...

5.5CVSS0.00248EPSS
Exploits0References6
NVD
NVD
added 2024/12/02 2:15 p.m.11 views

CVE-2024-53115

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: avoid nullptrderef in vmwframebuffersurfacecreatehandle The 'vmwuserobjectbuffer' function may return NULL with incorrect inputs. To avoid possible null pointer dereference, add a check whether the 'bo' is NULL in the...

5.5CVSS0.002EPSS
Exploits0References2
NVD
NVD
added 2024/12/02 2:15 p.m.22 views

CVE-2024-53121

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - Lock...

5.5CVSS0.00198EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/12/02 1:44 p.m.22 views

CVE-2024-53121 net/mlx5: fs, lock FTE when checking if active

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - Lock...

0.00198EPSS
Exploits0References7
CVE
CVE
added 2024/12/02 1:44 p.m.187 views

CVE-2024-53120

CVE-2024-53120 relates to the Linux kernel mlx5 core offload path. The vulnerability occurs in net/mlx5e when offloading CT rules: in mlx5_tc_ct_entry_add_rule(), if ct_rule_add() returns an error, zone_rule->attr is used uninitialized, causing a NULL pointer dereference (kernel OOPS). The fix...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/12/02 1:44 p.m.15 views

CVE-2024-53118 vsock: Fix sk_error_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix skerrorqueue memory leak Kernel queues MSGZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recved. To prevent memory leaks, clean up the queue when the socket is destroyed...

0.00203EPSS
Exploits0References2
CVE
CVE
added 2024/12/02 1:44 p.m.164 views

CVE-2024-53117

CVE-2024-53117 (Linux kernel) : The vulnerability affects virtio/vsock in the Linux kernel. The root cause was a missing kfree_skb() in error handling for MSG_ZEROCOPY paths, which could cause memory leaks. The fix adds the missing kfree_skb() to prevent leaks when MSG_ZEROCOPY encounters errors....

5.5CVSS6.5AI score0.00203EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/12/02 1:44 p.m.123 views

CVE-2024-53115

Technical details for CVE-2024-53115 are not publicly disclosed in the provided connected documents. The initial description mentions a kernel fix for a null pointer dereference in vmw_framebuffer_surface_create_handle, but no product/version specifics or exploit info are given here. Monitor for ...

5.5CVSS6.5AI score0.002EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/12/02 1:44 p.m.15 views

CVE-2024-53115 drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: avoid nullptrderef in vmwframebuffersurfacecreatehandle The 'vmwuserobjectbuffer' function may return NULL with incorrect inputs. To avoid possible null pointer dereference, add a check whether the 'bo' is NULL in the...

0.002EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/02 1:44 p.m.30 views

CVE-2024-53110 vp_vdpa: fix id_table array not null terminated error

In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix idtable array not null terminated error Allocate one extra virtiodeviceid as null terminator, otherwise vdpamgmtdevgetclasses may iterate multiple times and visit undefined memory...

0.00234EPSS
Exploits0References4
OSV
OSV
added 2024/12/02 1:44 p.m.5 views

CVE-2024-53105 mm: page_alloc: move mlocked flag clearance into free_pages_prepare()

In the Linux kernel, the following vulnerability has been resolved: mm: pagealloc: move mlocked flag clearance into freepagesprepare Syzbot reported a bad page state problem caused by a page being freed using freepage still having a mlocked flag at freepagesprepare stage: BUG: Bad page state in...

5.5CVSS6.1AI score0.00233EPSS
Exploits0References8
NVD
NVD
added 2024/12/02 8:15 a.m.12 views

CVE-2024-53103

In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by...

7.8CVSS0.00237EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2024/12/02 7:29 a.m.9 views

CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

7.8CVSS6.5AI score0.03301EPSS
Exploits1
CVE
CVE
added 2024/12/02 7:29 a.m.586 views

CVE-2024-53104

CVE-2024-53104 affects the Linux kernel USB Video Class (UVC) driver, specifically the uvc_parse_format logic which should skip frames of type UVC_VS_UNDEFINED. The fix prevents an out-of-bounds write in uvc_parse_streaming caused by mis-sized frame buffers, addressing an out-of-bounds write vuln...

7.8CVSS6.7AI score0.03301EPSS
In wildExploits1References12Affected Software1
Debian CVE
Debian CVE
added 2024/12/02 7:29 a.m.11 views

CVE-2024-53103

In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by...

7.8CVSS5.6AI score0.00237EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/11/29 6:53 p.m.9 views

CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin

The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...

5.4CVSS7.3AI score0.00368EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/11/29 6:20 a.m.12 views

CVE-2023-52922

In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcmprocshow BUG: KASAN: slab-use-after-free in bcmprocshow+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 230 Hardwar...

5.5CVSS6.5AI score0.00286EPSS
Exploits0References4
Rows per page
Query Builder