Lucene search
K

4 matches found

UbuntuCve
UbuntuCve
added 2024/07/12 1:15 p.m.33 views

CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

7.8CVSS6.4AI score0.00255EPSS
Exploits0References20
CVE
CVE
added 2024/07/12 12:31 p.m.185 views

CVE-2024-40954

The CVE-2024-40954 entry concerns a Linux kernel UAF: a dangling sk pointer may be created on socket creation failure when an fentry probe hits __sock_release() and bpf_get_socket_cookie() is invoked, enabling a use-after-free in __sock_gen_cookie. Reproducing scenario described via traceroute -I...

7.8CVSS7.7AI score0.00255EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/07/12 12:31 p.m.24 views

CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

0.00255EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2015/12/28 11:0 a.m.46 views

CVE-2015-8543

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...

7CVSS6.8AI score0.0123EPSS
Exploits0
Rows per page
Query Builder