CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2024/10/21 8:15 p.m.•1 views

DEBIAN-CVE-2022-48976

5.5CVSS5.3AI score0.0001EPSS

OSV•added 2024/10/21 8:15 p.m.•2 views

DEBIAN-CVE-2022-48960

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2rx The skb is delivered to napigroreceive which may free it, after calling this, dereferencing skb may trigger use-after-free...

7.8CVSS5.6AI score0.00013EPSS

OSV•added 2024/10/21 8:15 p.m.•0 views

UBUNTU-CVE-2022-48976

5.5CVSS6.1AI score0.0001EPSS

Cvelist•added 2024/10/21 8:5 p.m.•15 views

CVE-2022-48976 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible

0.0001EPSS

Exploits0References2

OSV•added 2024/10/21 8:5 p.m.•13 views

CVE-2022-48976 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible

5.5CVSS5.6AI score0.0001EPSS

OSV•added 2024/10/21 6:15 p.m.•2 views

AZL-51829 CVE-2024-49978 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from fraglist Detect gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Valid...

5.5CVSS6.7AI score0.00007EPSS

OSV•added 2024/10/21 6:15 p.m.•3 views

DEBIAN-CVE-2024-49949

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...

5.5CVSS5.8AI score0.00011EPSS

OSV•added 2024/10/21 6:15 p.m.•1 views

UBUNTU-CVE-2024-49979

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...

5.5CVSS5.8AI score0.00029EPSS

Exploits0References9

CNNVD•added 2024/10/21 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a potential underflow in the qdiscpktleninit function in the net component when handling UFOs...

5.5CVSS6.7AI score0.00011EPSS

Exploits0References9

CNNVD•added 2024/10/21 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a fraglist segmentation issue in gso's handling of udp packets resulting in a segmentation error...

5.5CVSS6.6AI score0.00007EPSS

Exploits0References7

RedHat Linux•added 2024/10/16 1:8 a.m.•3 views

kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flowoffloadadd fails, error path...

5.5CVSS6.6AI score0.00016EPSS

RedHat Linux•added 2024/10/15 12:42 a.m.•4 views

kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel

CVE-2024-35884 highlights a flaw in the Linux kernel's handling of UDP packets when Generic Receive Offload GRO forwarding is enabled. The issue occurs because non-tunnel UDP packets are sometimes mistakenly processed as if they belong to a tunnel. This can lead to data corruption or kernel...

8.8CVSS7.3AI score0.00018EPSS

Microsoft CVE•added 2024/10/12 7:0 a.m.•1 views

net: drop bad gso csum_start and offset in virtio_net_hdr

...

5.5CVSS7.4AI score0.00025EPSS

Microsoft CVE•added 2024/10/12 7:0 a.m.•3 views

bonding: fix null pointer deref in bond_ipsec_offload_ok

...

5.5CVSS6.9AI score0.00019EPSS

Amazon•added 2024/10/01 12:0 a.m.•4 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error CVE-2024-41098 In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. CVE-2024-44946 In the Linux...

7.8CVSS7.7AI score0.00231EPSS

Positive Technologies•added 2024/09/26 12:0 a.m.•1 views

PT-2024-7606

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to a use-after-free vulnerability in the async decryption function of the Linux kernel's SMB client. This vulnerability can be exploited to impact the confidentiality,...

7.8CVSS5.5AI score0.00019EPSS

OSV•added 2024/09/24 8:49 a.m.•4 views

CLSA-2024-1727167500 kernel: Fix of 11 CVEs

wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds CVE-2024-42148 - exec: Fix ToCToU between perm check and set-uid/gid usage CVE-2024-43882 - scsi: aacraid: Fix double-free on probe failure...

8.4CVSS6.8AI score0.00126EPSS

Exploits1References1

RedHat Linux•added 2024/09/24 2:39 a.m.•3 views

kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel

8.8CVSS7.3AI score0.00018EPSS

RedHat Linux•added 2024/09/24 1:17 a.m.•1 views

kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skbcopyexpand for fraglist GSO skbs SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a...

5.5CVSS6.6AI score0.0001EPSS