CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1712 matches found

OSV•added 2024/07/12 1:15 p.m.•0 views

UBUNTU-CVE-2024-39500

In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sockmapclose and skpsockput skpsockget will return NULL if the refcount of psock has gone to 0, which will happen when the last call of skpsockput is done. However, skpsockdrop may not have finished ye...

4.7CVSS6.2AI score0.00004EPSS

Exploits0References21

CVE•added 2024/07/12 12:24 p.m.•149 views

CVE-2024-40913

Technical details for CVE-2024-40913 are not provided in the supplied documents. Monitor for updates from vendors/advisories.

7.8CVSS6.4AI score0.00015EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2024/07/12 12:24 p.m.•12 views

CVE-2024-40913 cachefiles: defer exposing anon_fd until after copy_to_user() succeeds

In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anonfd until after copytouser succeeds After installing the anonymous fd, we can now see it in userland and close it. However, at this point we may not have gotten the reference count of the cache, but ...

6.6AI score0.00015EPSS

Exploits0References4

Cvelist•added 2024/07/12 12:20 p.m.•17 views

CVE-2024-39500 sock_map: avoid race between sock_map_close and sk_psock_put

0.00004EPSS

Exploits0References5

CNNVD•added 2024/07/12 12:0 a.m.•1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between sockmapclose and skpsockput in the sockmap component...

4.7CVSS8.2AI score0.00004EPSS

Exploits0References7

RedHat Linux•added 2024/07/10 12:18 a.m.•2 views

kernel: tls: race between tx work scheduling and socket close

A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete, which could lead to undefined behavior and a denial of service...

4.7CVSS6.6AI score0.00034EPSS

Exploits0References5

RedHat Linux•added 2024/07/08 2:5 a.m.•1 views

kernel: tls: race between async notify and socket close

A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete; any code past that point risks touching already freed data. This could lead to a use-after-free issue an...

4.7CVSS6.8AI score0.00025EPSS

Exploits0References5

RedHat Linux•added 2024/07/08 2:5 a.m.•3 views

kernel: tls: race between tx work scheduling and socket close

4.7CVSS6.6AI score0.00034EPSS

Exploits0References5

Tenable Nessus•added 2024/07/03 12:0 a.m.•28 views

CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2024-26583)

The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26583 advisory. - In the Linux kernel, the following vulnerability has been resolved: tls: fix race between...

4.7CVSS6.1AI score0.00025EPSS

Exploits0References2

RedHat Linux•added 2024/07/02 9:2 a.m.•1 views

kernel: tls: race between async notify and socket close

4.7CVSS6.8AI score0.00025EPSS

Exploits0References5

RedHat Linux•added 2024/07/02 9:2 a.m.•3 views

kernel: tls: race between tx work scheduling and socket close

4.7CVSS6.6AI score0.00034EPSS

Exploits0References5

Amazon•added 2024/06/12 12:0 a.m.•1 views

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when...

7.8CVSS6.3AI score0.00092EPSS

Exploits0

RedHat Linux•added 2024/06/10 7:39 p.m.•3 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00872EPSS

Exploits1References6

SUSE CVE•added 2024/06/04 1:3 p.m.•1 views

SUSE CVE-2021-3659

A NULL pointer dereference flaw was found in the Linux kernel's IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability...

5.5CVSS6.1AI score0.00122EPSS

Exploits0References30

SUSE CVE•added 2024/06/01 2:23 a.m.•1 views

SUSE CVE-2024-36881

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable entries, but that only covered an explicit UFFDIOUNREGISTER ioctl, not a...

6.4AI score0.00015EPSS

Exploits0References10

OSV•added 2024/05/30 4:15 p.m.•2 views

DEBIAN-CVE-2024-36881

5.5CVSS5.6AI score0.00015EPSS

Exploits0References1