CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1524 matches found

RedHat Linux•added 2024/11/12 9:11 a.m.•2 views

kernel: powerpc/pseries: Whitelist dtl slub object for copying to userspace

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...

5.5CVSS6.6AI score0.00017EPSS

Exploits0References5

Cvelist•added 2024/11/08 5:54 a.m.•27 views

CVE-2024-50192 irqchip/gic-v4: Don't allow a VMOVP on a dying VPE

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the...

0.00022EPSS

Exploits0References6

RedHat Linux•added 2024/11/05 1:22 a.m.•2 views

kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...

7CVSS6.8AI score0.00009EPSS

Exploits0References5

Amazon•added 2024/10/31 12:0 a.m.•7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btftypeidsize CVE-2023-54247 In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr CVE-2024-43892 In the Linux kernel, the...

7.8CVSS6.5AI score0.0003EPSS

Exploits4

Positive Technologies•added 2024/10/31 12:0 a.m.•4 views

PT-2024-35642

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises from the improper use of userspace irqchip in use in the Linux kernel, specifically in the KVM arm64 component. This leads to a WARN ON in kvm timer update irq. The...

5.5CVSS5.5AI score0.00009EPSS

Exploits0

SUSE CVE•added 2024/10/29 4:15 a.m.•1 views

SUSE CVE-2024-50080

In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLKFUSERCOPY requires userspace to call write on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow user copy for unprivilege...

5.5CVSS7.7AI score0.00029EPSS

Exploits0References15

SUSE CVE•added 2024/10/24 3:18 a.m.•1 views

SUSE CVE-2024-49975

In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...

5.5CVSS6.2AI score0.00009EPSS

Exploits0References20

SUSE CVE•added 2024/10/22 2:22 p.m.•1 views

SUSE CVE-2022-48987

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that...

3.3CVSS6.5AI score0.00012EPSS

Exploits0References8

OSV•added 2024/10/22 1:34 p.m.•16 views

SUSE-SU-2024:3744-1 Security update for qemu

This update for qemu fixes the following issues: Security fixes: - CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 - CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: - CVE-2024-7409: Fixed denial of service via improper...

7.5CVSS6AI score0.01848EPSS

Exploits0References12

RedhatCVE•added 2024/10/22 7:38 a.m.•8 views

CVE-2022-48987

4.4CVSS6.9AI score0.00012EPSS

Exploits0References4

Debian•added 2024/10/22 5:55 a.m.•6 views

[SECURITY] [DLA 3930-1] libsepol security update

Debian LTS Advisory DLA-3930-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : libsepol Version : 3.1-1+deb11u1 CVE ID : CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 Debian Bug : 990526 Multiple...

3.3CVSS6.9AI score0.00024EPSS

Exploits4

RedhatCVE•added 2024/10/21 11:7 p.m.•14 views

CVE-2024-49984

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be...

7.8CVSS7.2AI score0.00045EPSS

Exploits0References4

NVD•added 2024/10/21 8:15 p.m.•10 views

CVE-2022-48987

5.5CVSS0.00012EPSS

Exploits0References8

OSV•added 2024/10/21 8:15 p.m.•0 views

UBUNTU-CVE-2022-48987

5.5CVSS6.2AI score0.00012EPSS

Exploits0References11

CVE•added 2024/10/21 8:6 p.m.•104 views

CVE-2022-48987

CVE-2022-48987 affects the Linux kernel in media: v4l2-dv-timings.c. The issue was a misapplied blanking sanity check: when userspace supplies only a total blanking value, the total could be assigned to front porch, backporch, or sync fields, causing an overflow check to fail. The fix adds maximu...

5.5CVSS5.2AI score0.00012EPSS

Exploits0References8Affected Software1

OSV•added 2024/10/21 8:6 p.m.•11 views

CVE-2022-48987 media: v4l2-dv-timings.c: fix too strict blanking sanity checks

5.5CVSS6AI score0.00012EPSS

Exploits0References11