Lucene search
+L

73 matches found

OSV
OSV
added 2025/03/06 4:15 p.m.5 views

AZL-59136 CVE-2024-58063 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When initswvars fails, rtldeinitcore should not be called, specially now that it destroys the rtlwq workqueue...

5.5CVSS6.3AI score0.00192EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/01/29 10:19 p.m.8 views

fast-float2 has a segmentation fault due to lack of bound check

In this case, the "fastfloat2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.4AI score
Exploits0References4Affected Software1
NVD
NVD
added 2025/01/06 5:15 p.m.15 views

CVE-2024-56765

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close callback in vasvmops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the paste address if the window...

7.8CVSS0.00204EPSS
Exploits0References5
OSV
OSV
added 2025/01/06 4:20 p.m.9 views

CVE-2024-56765 powerpc/pseries/vas: Add close() callback in vas_vm_ops struct

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close callback in vasvmops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the paste address if the window...

7.8CVSS5.7AI score0.00204EPSS
Exploits0References8
OSV
OSV
added 2024/12/27 3:6 p.m.8 views

CVE-2024-56665 bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog

In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fix invalid progarray access in perfeventdetachbpfprog Syzbot reported 1 crash that happens for following tracing scenario: - create tracepoint perf event with attr.inherit=1, attach it to the process and set bpf progra...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the serial: sc16is7xx component accessing a special set of registers could result in an invalid FIFO access...

5.5CVSS6.5AI score0.00209EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/08/06 1:59 a.m.2 views

SUSE CVE-2024-42162

In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gvegetethtoolstats might make an invalid access on the...

5.5CVSS6.4AI score0.00195EPSS
Exploits0References16
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to account for the possibility that the NIC may only send statistics for some queues when reading...

7CVSS8.1AI score0.00195EPSS
Exploits0References3
Amazon
Amazon
added 2024/06/12 12:0 a.m.7 views

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when...

7.8CVSS6.3AI score0.00474EPSS
Exploits0
NVD
NVD
added 2024/02/26 4:27 p.m.20 views

CVE-2023-52468

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.8CVSS7.4AI score0.00275EPSS
Exploits0References3
Prion
Prion
added 2024/02/26 4:27 p.m.17 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.1AI score0.00275EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/26 12:0 a.m.19 views

CVE-2023-52468

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.8CVSS6AI score0.00275EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/02/25 8:16 a.m.13 views

CVE-2023-52468 class: fix use-after-free in class_register()

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

6.7AI score0.00275EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/02/25 8:16 a.m.21 views

CVE-2023-52468

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.8CVSS5.8AI score0.00275EPSS
Exploits0
CVE
CVE
added 2024/02/25 8:16 a.m.1165 views

CVE-2023-52468

The CVE-2023-52468 entry describes a Linux kernel use-after-free in class_register. The issue arises because lock_class_key remains registered in lock_keys_hash after subsys_private is freed in an error path, so a task iterating the hash later may trigger a use-after-free. The fix unregisters the...

7.8CVSS7.3AI score0.00275EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/02/25 8:16 a.m.30 views

CVE-2023-52468 class: fix use-after-free in class_register()

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.6AI score0.00275EPSS
Exploits0References3
OSV
OSV
added 2024/02/25 8:16 a.m.5 views

CVE-2023-52468 class: fix use-after-free in class_register()

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

7.8CVSS5.7AI score0.00275EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2023/10/30 5:56 a.m.31 views

CVE-2020-18770

An invalid memory access flaw was found in the mmapped.c file's zzipdiskentrytofileheader function in Zziplib. This issue could allow an attacker to entice a victim into opening a specially crafted file, leading to a denial of service...

5.5CVSS5.1AI score0.00317EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.2 views

SUSE CVE-2015-8790

The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access...

4.3CVSS4.6AI score0.01848EPSS
Exploits0References4
OSV
OSV
added 2021/08/25 8:50 p.m.40 views

GHSA-JRCF-4JP8-M28V miow invalidly assumes the memory layout of std::net::SocketAddr

The miow crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

5.5CVSS5.3AI score0.00387EPSS
Exploits1References6
Rows per page
Query Builder