Lucene search
K

6095 matches found

UbuntuCve
UbuntuCve
added 2024/03/01 10:15 p.m.29 views

CVE-2021-47076

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCALWRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitly wrong lkey. leonro@...

5.5CVSS6.3AI score0.00228EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2024/03/01 9:15 p.m.25 views

CVE-2021-47081

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...

7.8CVSS5.8AI score0.00231EPSS
Exploits0
CVE
CVE
added 2024/03/01 9:15 p.m.106 views

CVE-2021-47077

CVE-2021-47077 affects the Linux kernel scsi qedf driver. The vulnerability stems from qedf_update_link_speed() dereferencing shost_data when it has not been initialised, causing a NULL pointer dereference and potentially an impact on availability. The fix adds a NULL pointer check before using s...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/01 9:15 p.m.11 views

CVE-2021-47077 scsi: qedf: Add pointer checks in qedf_update_link_speed()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedfupdatelinkspeed The following trace was observed: 14.042059 Call Trace: 14.042061 14.042068 qedflinkupdate+0x144/0x1f0 qedf 14.042117 qedlinkupdate+0x5c/0x80 qed 14.042135...

6.6AI score0.00225EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/01 9:15 p.m.20 views

CVE-2021-47078 RDMA/rxe: Clear all QP fields if creation failed

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxeqpdocleanup relies on valid pointer values in QP for the properly created ones, but in case rxeqpfrominit failed it was filled with garbage and caused tot the following error...

7.6AI score0.00265EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/03/01 9:15 p.m.13 views

CVE-2021-47077

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedfupdatelinkspeed The following trace was observed: 14.042059 Call Trace: 14.042061 14.042068 qedflinkupdate+0x144/0x1f0 qedf 14.042117 qedlinkupdate+0x5c/0x80 qed 14.042135...

5.5CVSS5.2AI score0.00225EPSS
Exploits0
Cvelist
Cvelist
added 2024/03/01 9:15 p.m.14 views

CVE-2021-47076 RDMA/rxe: Return CQE error if invalid lkey was supplied

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCALWRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitly wrong lkey. leonro@...

7.3AI score0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/01 9:15 p.m.26 views

CVE-2021-47069 ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

6.6AI score0.00258EPSS
Exploits0References3
NVD
NVD
added 2024/03/01 4:15 p.m.30 views

CVE-2024-27296

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...

5.3CVSS5.6AI score0.0057EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/01 3:43 p.m.19 views

CVE-2024-27296 Directus version number disclosure

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...

5.3CVSS5.6AI score0.0057EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/03/01 5:41 a.m.38 views

CVE-2023-52485

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before sending a command Why We can hang in place trying to send commands when the DMCUB isn't powered on. How For functions that execute within a DC context or DC lock we can wrap the direct calls to...

4.4CVSS7.2AI score0.00214EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/01 5:40 a.m.26 views

CVE-2021-47058

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfsname to NULL after it is freed There is a upstream commit cffa4b2122f5"regmap:debugfs: Fix a memory leak when calling regmapattachdev" that adds a if condition when create name for debugfsname. With below...

3.4CVSS6.5AI score0.00246EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/01 5:2 a.m.23 views

CVE-2021-47063

A use-after-free flaw was found in the Linux kernel. This may lead to a crash...

6.7CVSS7.3AI score0.00255EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/02/29 11:15 p.m.12 views

CVE-2021-47058

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfsname to NULL after it is freed There is a upstream commit cffa4b2122f5"regmap:debugfs: Fix a memory leak when calling regmapattachdev" that adds a if condition when create name for debugfsname. With below...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/29 10:37 p.m.18 views

CVE-2021-47066 async_xor: increase src_offs when dropping destination page

In the Linux kernel, the following vulnerability has been resolved: asyncxor: increase srcoffs when dropping destination page Now we support sharing one page if PAGESIZE is not equal stripe size. To support this, it needs to support calculating xor value with different offsets for each r5dev. One...

6.8AI score0.00232EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/02/29 10:37 p.m.23 views

CVE-2021-47064 mt76: fix potential DMA mapping leak

In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76dmatxqueueskbraw, its field skipunmap could potentially inherit a non-zero value from stack garbage. If this happens, it will cause DMA mappings for MCU command...

6.8AI score0.00768EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/29 10:37 p.m.22 views

CVE-2021-47062 KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use onlinevcpus instead of createdvcpus. This fix...

6.7AI score0.00222EPSS
Exploits0References3
CVE
CVE
added 2024/02/29 10:37 p.m.96 views

CVE-2021-47062

The CVE-2021-47062 vulnerability affects the Linux kernel KVM SVM path. The issue occurs when iterating vCPUs for SEV-encrypted VMSAs using created_vcpus, which does not guarantee a vCPU’s existence and can trigger a NULL pointer dereference. The documented fix switches to iterating with online_v...

5.5CVSS6.7AI score0.00222EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/02/29 10:37 p.m.49 views

CVE-2021-47056 crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit ADFSTATUSPFRUNNING is only used and checked by adfvf2pfshutdown before calling adfiovputmsg-mutexlockvf2pflock, however the vf2pflock is initialized in adfdevinit,...

7.5AI score0.00226EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/02/29 10:37 p.m.14 views

CVE-2021-47054 bus: qcom: Put child node before return

In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro...

7.5AI score0.00238EPSS
Exploits0References8
Rows per page
Query Builder