Lucene search
+L

77 matches found

cvelist
cvelist
added 2024/10/21 6:2 p.m.27 views

CVE-2024-49952 netfilter: nf_tables: prevent nf_skb_duplicated corruption

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prevent nfskbduplicated corruption syzbot found that nfdupipv4 or nfdupipv6 could write per-cpu variable nfskbduplicated in an unsafe way 1. Disabling preemption as hinted by the splat is not enough, we have ...

0.00277EPSS
Exploits0References9
debiancve
debiancve
added 2024/10/21 6:1 p.m.8 views

CVE-2024-49878

In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...

5.5CVSS6.1AI score0.00298EPSS
Exploits0
cvelist
cvelist
added 2024/09/27 12:42 p.m.33 views

CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...

0.00215EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/09/13 6:27 a.m.18 views

CVE-2024-46701 libfs: fix infinite directory reads for offset dir

In the Linux kernel, the following vulnerability has been resolved: libfs: fix infinite directory reads for offset dir After we switch tmpfs dir operations from simplediroperations to simpleoffsetdiroperations, every rename happened will fill new dentry to dest dir's maple...

6.8AI score0.00188EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/09/13 5:29 a.m.10 views

CVE-2024-46682 nfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open

In the Linux kernel, the following vulnerability has been resolved: nfsd: prevent panic for nfsv4.0 closed files in nfs4showopen Prior to commit 3f29cc82a84c "nfsd: split scstatus out of sctype" statesshow relied on sctype field to be of valid type before calling into a subfunction to show conten...

6.6AI score0.0019EPSS
Exploits0References2
debiancve
debiancve
added 2024/08/28 7:11 a.m.26 views

CVE-2024-44943

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...

5.5CVSS5.2AI score0.00183EPSS
Exploits0
cve
cve
added 2024/08/26 10:11 a.m.298 views

CVE-2024-43908

The CVE-2024-43908 issue is confirmed in the Linux kernel’s DRM/AMDGPU code: a null pointer dereference in ras_manager that can arise when ras_manager is consulted. The published fix is to check ras_manager before using it, preventing dereference of a null pointer. The connected Nessus advisories...

5.5CVSS6.9AI score0.00217EPSS
Exploits0References9Affected Software1
vulnrichment
vulnrichment
added 2024/08/22 1:31 a.m.19 views

CVE-2022-48912 netfilter: fix use-after-free in __nf_register_net_hook()

In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in nfregisternethook We must not dereference @newhooks after nfhookmutex has been released, because other threads might have freed our allocated hooks already. BUG: KASAN: use-after-free in...

6.8AI score0.00227EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2024/08/21 7:15 a.m.11 views

CVE-2022-48888

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix memory leak in msmmdssparsedatabusiccpath oficcget alloc resources for path1, we should release it when not need anymore. Early return when ISERRORNULLpath0 may leak path1. Defer getting path1 to fix this...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References4
cvelist
cvelist
added 2024/08/21 6:10 a.m.24 views

CVE-2023-52904 ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix possible NULL pointer dereference in sndusbpcmhasfixedrate The subs function argument may be NULL, so do not use it before the NULL check...

0.00255EPSS
Exploits0References3
redhatcve
redhatcve
added 2024/08/19 2:46 p.m.12 views

CVE-2024-42294

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sdremove & sdrelease Our test report the following hung task: 2538.459400 INFO: task "kworker/0:0":7 blocked for more than 188 seconds. 2538.459427 Call trace: 2538.459430 switchto+0x174/0x338...

5.5CVSS5.3AI score0.00171EPSS
Exploits0References4
cvelist
cvelist
added 2024/08/17 8:54 a.m.24 views

CVE-2024-42269 netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6tablenattableinit. ip6tablenattableinit accesses net-gen-ptrip6tablenatnetops.id, but the function is exposed to user space before the entry is allocated via...

0.00226EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/08/17 8:54 a.m.15 views

CVE-2024-42269 netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6tablenattableinit. ip6tablenattableinit accesses net-gen-ptrip6tablenatnetops.id, but the function is exposed to user space before the entry is allocated via...

6.8AI score0.00226EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/07/12 12:37 p.m.18 views

CVE-2024-40987 drm/amdgpu: fix UBSAN warning in kv_dpm.c

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix UBSAN warning in kvdpm.c Adds bounds check for sumovidmappingentry...

6.8AI score0.00279EPSS
Exploits0References8
debiancve
debiancve
added 2024/07/10 7:14 a.m.20 views

CVE-2024-39491

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of csdsp instance The csdsp instance is initialized in the driver probe so it should be freed in the driver remove. Also fix a missing call to csdspremove in the error path of cs35l56hdacommonprob...

5.5CVSS5.7AI score0.0021EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/06/25 2:22 p.m.13 views

CVE-2022-48772 media: lgdt3306a: Add a check against null-pointer-def

In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platformdata. The following log reveals it: 29.610324 BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40 29.610730 Read o...

6.8AI score0.00244EPSS
Exploits0References7
redhatcve
redhatcve
added 2024/06/20 5:33 p.m.28 views

CVE-2024-38559

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...

4.4CVSS7AI score0.00253EPSS
Exploits0References4
debiancve
debiancve
added 2024/06/19 2:53 p.m.23 views

CVE-2021-47590

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...

5.5CVSS6.1AI score0.00156EPSS
Exploits0
cvelist
cvelist
added 2024/06/19 1:37 p.m.35 views

CVE-2024-38588 ftrace: Fix possible use-after-free issue in ftrace_location()

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftracelocation KASAN reports a bug: BUG: KASAN: use-after-free in ftracelocation+0x90/0x120 Read of size 8 at addr ffff888141d40010 by task insmod/424 CPU: 8 PID: 424 Comm: insmod...

0.00239EPSS
Exploits0References8
redhatcve
redhatcve
added 2024/06/03 1:33 p.m.17 views

CVE-2024-36903

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in ip6makeskb As it was done in commit fc1092f51567 "ipv4: Fix uninit-value access in ipmakeskb" for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags instead of testing HDRINCL on the socket...

5.5CVSS6.5AI score0.0023EPSS
Exploits0References4
Rows per page
Query Builder