Lucene search
K

6634 matches found

SUSE CVE
SUSE CVE
added 2024/05/03 2:11 a.m.2 views

SUSE CVE-2023-52653

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gssimportv2context The ctx-mechused.data allocated by kmemdup is not freed in neither gssimportv2context nor it only caller gsskrb5importseccontext, which frees ctx on error. Thus, this patch reform the...

3.3CVSS6.2AI score0.00275EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2024/05/03 2:9 a.m.2 views

SUSE CVE-2024-26990

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

5.5CVSS6.8AI score0.00224EPSS
Exploits0References10
OSV
OSV
added 2024/05/01 1:15 p.m.6 views

AZL-40298 CVE-2024-27078 affecting package hyperv-daemons for versions less than 6.6.29.1-1

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

5.5CVSS6.3AI score0.00291EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.5 views

kernel: Linux kernel: Information disclosure in VFIO Type1 module via uninitialized stack memory

A flaw was found in the Linux kernel's Virtual Function I/O VFIO Type1 module. This vulnerability allows a local user to expose uninitialized kernel stack memory to userspace, leading to information disclosure. The flaw occurs because a specific data structure, vfioiommutype1infocapmigration,...

5.8AI score0.0018EPSS
Exploits0References5
OSV
OSV
added 2024/04/28 1:15 p.m.1 views

DEBIAN-CVE-2022-48640

In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...

5.5CVSS5.2AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2024/04/28 1:15 p.m.2 views

UBUNTU-CVE-2022-48654

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix possible bogus match in nfosffind nfosffind incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nftosf which can be used to leak stale kernel stack data to userspa...

5.5CVSS6AI score0.00238EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/04/23 3:49 a.m.10 views

CVE-2024-2760 Bkav Home v7816, build 2403161130 - Kernel Memory Leak

Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver...

5.5CVSS7AI score0.00208EPSS
Exploits0References2
OSV
OSV
added 2024/04/17 11:15 a.m.6 views

DEBIAN-CVE-2024-26894

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

6CVSS5.7AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 11:15 a.m.12 views

AZL-40162 CVE-2024-26900 affecting package kernel for versions less than 5.15.159.1-1

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

5.5CVSS6.3AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 11:15 a.m.3 views

DEBIAN-CVE-2024-26863

In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsrgetnode KMSAN reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in hsrgetnode+0xa2e/0xa40 net/hsr/hsrframereg.c:2...

5.5CVSS5.5AI score0.00249EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 11:15 a.m.1 views

DEBIAN-CVE-2024-26875

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2contextsetnotify Syzbot reported BUG: KASAN: slab-use-after-free in pvr2contextsetnotify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35 Read of size 4 at addr ffff888113aeb0d8 by task...

6.4CVSS5.2AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 11:15 a.m.1 views

UBUNTU-CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

5.5CVSS6.2AI score0.00287EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2024/04/11 2:31 a.m.2 views

SUSE CVE-2024-2201

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...

5.1CVSS7AI score0.08555EPSS
Exploits0References33
OSV
OSV
added 2024/04/09 12:0 a.m.4 views

UBUNTU-CVE-2024-2201

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...

4.7CVSS7AI score0.08555EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.159 views

RHEL 7 : kernel (RHSA-2024:1249)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1249 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2024-26602, ? kernel: use-after-fr...

8.8CVSS7.4AI score0.28058EPSS
Exploits17References14
CNNVD
CNNVD
added 2024/04/05 12:0 a.m.4 views

Google Pixel 安全漏洞

Google Android is a free and open source mobile operating system developed by Google Inc. based on the Linux kernel. Google Android suffers from an out-of-bounds read vulnerability that originates from a missing boundary check in the tmugettemplut module of the tmu.c file, which can be exploited ...

5.5CVSS6.1AI score0.00085EPSS
Exploits0References3
OSV
OSV
added 2024/04/04 8:20 a.m.7 views

CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References6
OSV
OSV
added 2024/04/03 5:15 p.m.1 views

UBUNTU-CVE-2024-26760

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bioput for error case As of commit 066ff571011d "block: turn biokmalloc into a simple kmalloc wrapper", a bio allocated by biokmalloc must be freed by biouninit and kfree. That is not done properly for th...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2024/04/03 9:40 a.m.53 views

LSN-0102-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-1872 Lonial Con discovered that the...

7.8CVSS7.3AI score0.28058EPSS
Exploits16
OSV
OSV
added 2024/04/02 7:15 a.m.3 views

UBUNTU-CVE-2024-26670

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD Currently the ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory access, but is immediately...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References14
Rows per page
Query Builder