CVE-2024-39950

Technical details are not publicly available in the provided documents. No specific affected products, versions, root cause, or remediation are disclosed here. Monitor for updates from the vendor and security advisories.

CVE-2024-39950

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization...

CVE-2024-39950

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization...

CVE-2024-39946

CVE-2024-39946 affects Dahua Network Video Recorders (notably NVR4XXX family) where, after valid administrator credentials are obtained, an attacker can send a crafted data packet to a vulnerable interface to trigger device initialization. Public documents describe the vulnerability as resulting ...

CVE-2024-39946

A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization...

PT-2024-28748 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface wi...

PT-2024-28753 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products, allowing attackers to send carefully crafted data packets to the vulnerable interface, which can initiate device initialization...

Dahua NVR 安全漏洞

Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX IPC-HX8XXX. An attacker can send a carefully constructed packet to the vulnerable interface to initiate device initialization...

Dahua NVR 安全漏洞

Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX. After obtaining the administrator username and password, an attacker can send a carefully constructed packet to the vulnerable interface, causing the device to initialize...

UBUNTU-CVE-2021-47258

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsihostalloc After device is initialized via deviceinitialize, or its name is set via devsetname, the device has to be freed via putdevice. Otherwise device name will be leaked because it is...

CVE-2021-47361

In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcballocbus There are two bugs: 1 If idasimpleget fails then this code calls putdevicecarrier but we haven't yet called getdevicecarrier and probably that leads to a use after free. 2 After...

CVE-2024-26872

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...

DEBIAN-CVE-2024-26872

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...

UBUNTU-CVE-2024-26872

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...

CVE-2024-26872

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...

CVE-2024-26872 RDMA/srpt: Do not register event handler until srpt device is fully setup

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...

DEBIAN-CVE-2024-26833

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak in dmswfini After destroying dmubsrv, the memory associated with it is not freed, causing a memory leak: unreferenced object 0xffff896302b45800 size 1024: comm "udev-worker", pid 222, jiffies...

CVE-2024-26738 powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pcicontroller When a PCI device is dynamically added, the kernel oopses with a NULL pointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030...

kernel: smsusb: use-after-free caused by do_submit_urb()

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...

kernel: smsusb: use-after-free caused by do_submit_urb()

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...