Lucene search
+L

299 matches found

Vulnrichment
Vulnrichment
added 2024/04/17 10:17 a.m.23 views

CVE-2024-26857 geneve: make sure to pull inner header in geneve_rx()

In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...

6.6AI score0.0025EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/04/11 10:2 p.m.22 views

CVE-2021-47186

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipccryptokeyxmit as can be seen in the trace 1. 1...

5.5CVSS7.2AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2024/04/04 9:15 a.m.19 views

CVE-2024-26750

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop oobskb ref before purging queue in GC. syzbot reported another task hung in unixgc. 0 The current while loop assumes that all of the left candidates have oobskb and calling kfreeskboobskb releases the remaining...

5.5CVSS7.5AI score0.00224EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/04/03 2:55 p.m.37 views

CVE-2024-26702

In the Linux kernel, the following vulnerability has been resolved: iio: magnetometer: rm3100: add boundary check for the value read from RM3100REGTMRC Recently, we encounter kernel crash in function rm3100commonprobe caused by out of bound access of array rm3100samprates because of underlying...

5.5CVSS6.8AI score0.00226EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/04/02 7:3 a.m.30 views

Advisory ROSA-SA-2024-2387

Software: slapi-nis 0.56.6 OS: ROSA Virtualization 2.1 packageevrstring: slapi-nis-0.56.6-2.rv3 CVE-ID: CVE-2021-3480 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing a null pointer during DN binding analysis could allow an unauthenticated attacker to cause the 389-ds-base directory server to...

7.5CVSS7AI score0.01701EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/04/02 6:22 a.m.25 views

CVE-2024-26665

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in docsum+0x220/0x240 Read of size 4 at addr...

7.1CVSS7.3AI score0.00237EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/03/27 1:53 p.m.32 views

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'linksetdscppspacket' In linksetdscppspacket, 'struct displaystreamcompressor dsc' was dereferenced in a DCLOGGERINITdsc-ctx-logger; before the 'dsc' NULL pointer check. Fixes t...

4.4CVSS6.9AI score0.00224EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/06 10:41 p.m.30 views

CVE-2023-52604

A flaw was found in the jfs module in the Linux kernel. An out-of-bounds read vulnerability can be triggered due to a missing input validation before updating the leaf of a tree with a new value, resulting in a denial of service...

5.5CVSS7.2AI score0.00249EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/03/02 9:52 p.m.44 views

CVE-2022-48628

In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting When unmounting all the dirty buffers will be flushed and after the last osd request is finished the last reference of the icount will be released. Then it will flush the dirty cap/sna...

5.5CVSS5.2AI score0.00237EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/28 9:15 a.m.23 views

CVE-2021-47005

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for -getfeatures getfeatures ops of pciepcops may return NULL, causing NULL pointer dereference in pciepftestallocspace function. Let us add a check for pciepcfeature pointer in...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/02/28 8:13 a.m.46 views

CVE-2020-36780

In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in sprdi2cmasterxfer and sprdi2cremove. However, pmruntimegetsync will increment the PM reference count...

4.7CVSS5.1AI score0.00228EPSS
Exploits0
OSV
OSV
added 2024/02/27 7:4 p.m.6 views

CVE-2021-46960

In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2getenckey Avoid a warning if the error percolates back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ cut here...

5.5CVSS6.1AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/02/27 7:15 a.m.31 views

CVE-2021-46908

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypassspecv1 flag instead of...

5.5CVSS6.4AI score0.00232EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/02/24 6:1 p.m.33 views

CVE-2024-26600

A NULL pointer dereference flaw was found in the Linux kernel in the phy-omap-usb2 driver. This issue arises when the external PHY used with phy-omap-usb2 does not implement the sendsrp function. If this function is called without proper implementation, it can result in a system crash, especially...

5.5CVSS6.1AI score0.00295EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2023/04/04 3:18 p.m.52 views

Advisory ROSA-SA-2023-2138

Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: 11.0.18.0.10-1 CVE-ID: CVE-2022-21434 BDU-ID: 2022-02839 CVE-Crit: MEDIUM CVE-DESC: A vulnerability exists in the Libraries component of the Libraries component of Oracle GraalVM Enterprise Edition virtual machine due to...

7.5CVSS7.6AI score0.33623EPSS
Exploits2
Rosalinux
Rosalinux
added 2023/03/21 12:31 p.m.57 views

Advisory ROSA-SA-2023-2133

Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.18.0.10-1 CVE-ID: CVE-2021-2161 BDU-ID: 2021-02490 CVE-Crit: MEDIUM CVE-DESC: A vulnerability in the Libraries component of the Java SE, Java SE Embedded, and Oracle GraalVM Enterprise Edition softwa...

7.5CVSS6.9AI score0.04238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/02 12:0 a.m.30 views

Rocky Linux 8 : systemd (RLSA-2022:6206)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6206 advisory. - systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c CVE-2022-2526 Note that Nessus has not tested for this issue but has...

9.8CVSS7.5AI score0.01091EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/08/25 12:0 a.m.123 views

Oracle Linux 7 : systemd (ELSA-2022-6160)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-6160 advisory. 219-78.0.9.el79.7 - Core: explicitly trigger changing udev systemdwants property Orabug: 31858125 - Disable unprivileged BPF by default Orabug: 32871008 - Resol...

9.8CVSS7.5AI score0.01091EPSS
Exploits0References2
NVD
NVD
added 2021/05/14 1:15 a.m.19 views

CVE-2021-31922

An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3...

7.5CVSS0.00973EPSS
Exploits1References1
Rows per page
Query Builder