84 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-36960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drmevent to the size of the structure that's actually used. The length of...
Linux Distros Unpatched Vulnerability : CVE-2024-41077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nullblk: fix validation of block size Block size should be between 512 and PAGESIZE and be a power of 2. The current check does not validate this, so update the...
Linux Distros Unpatched Vulnerability : CVE-2022-48714
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 kasan, vmalloc:...
Linux Distros Unpatched Vulnerability : CVE-2021-47632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/setmemory: Avoid spinlock recursion in changepageattr Commit 1f9ad21c3b38 powerpc/mm: Implement setmemory routines included a spinlock to changepageattr...
Linux Distros Unpatched Vulnerability : CVE-2024-47658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: stm32/cryp - call finalize with bh disabled The finalize operation in interrupt mode produce a produces a spinlock recursion warning. The reason is the...
Linux Distros Unpatched Vulnerability : CVE-2024-36004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQMEMRECLAIM flag for workqueue Issue reported by customer during SRIOV...
Linux Distros Unpatched Vulnerability : CVE-2024-41073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that...
Linux Distros Unpatched Vulnerability : CVE-2022-49518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access...
Linux Distros Unpatched Vulnerability : CVE-2024-39463
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsda...
Linux Distros Unpatched Vulnerability : CVE-2024-41011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right...
Linux Distros Unpatched Vulnerability : CVE-2024-26740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actmirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 actmirred: use the backlog for nested calls to mirred...
Linux Distros Unpatched Vulnerability : CVE-2024-35789
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fastrx entry still...
Linux Distros Unpatched Vulnerability : CVE-2024-46803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Check debug trap enable before write dbgevfile In interrupt context, write dbgevfile will be run by work queue. It will cause write dbgevfile...
Linux Distros Unpatched Vulnerability : CVE-2024-47690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP:...
Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-7234-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7234-2 advisory. Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a...
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7195-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7195-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...
Ubuntu: Security Advisory (USN-7169-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7089-5)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7089-5 advisory. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local...
USN-6865-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...
USN-6007-1 linux-gcp vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...