Lucene search
K

184 matches found

Vulnrichment
Vulnrichment
added 2024/11/05 5:10 p.m.2 views

CVE-2024-50128 net: wwan: fix global oob in wwan_rtnl_policy

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

7.3AI score0.00227EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a global out-of-bounds read issue in the net module, wwanrtnlpolicy, due to an overly large maxtype assigne...

7.1CVSS6.7AI score0.00227EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.5 views

Vulnerability of the __rtnl_newlink() function (net/core/rtnetlink.c) in the Linux operating system kernel, which allows a hacker to increase their privileges

The vulnerability of the rtnlnewlink function net/core/rtnetlink.c in the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability could allow an attacker to increase their privileges...

7.8CVSS6.4AI score0.00239EPSS
Exploits0References24Affected Software9
RedHat Linux
RedHat Linux
added 2024/09/24 12:49 a.m.13 views

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

5.5CVSS6.8AI score0.00286EPSS
Exploits0References5
OSV
OSV
added 2024/09/18 8:15 a.m.2 views

DEBIAN-CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

7.8CVSS5.9AI score0.00229EPSS
Exploits0References1
NVD
NVD
added 2024/09/18 8:15 a.m.28 views

CVE-2024-46765

In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...

5.5CVSS0.00235EPSS
Exploits0References3
NVD
NVD
added 2024/09/18 8:15 a.m.15 views

CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

7.8CVSS0.00229EPSS
Exploits0References2
CVE
CVE
added 2024/09/18 7:12 a.m.102 views

CVE-2024-46766

CVE-2024-46766 affects the Linux kernel, specifically the ice driver’s VSI handling. The issue comes from moving netif_queue_set_napi to rtnl-protected sections, since netif_queue_set_napi() could be invoked from ice_vsi_rebuild() without rtnl locking during reset. The recommended fix fills napi-...

7.8CVSS7.8AI score0.00229EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/09/18 7:12 a.m.24 views

CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

0.00229EPSS
Exploits0References2
OSV
OSV
added 2024/09/18 7:12 a.m.12 views

CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

7.8CVSS6.3AI score0.00229EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/09/18 7:12 a.m.10 views

CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

7.8CVSS5.9AI score0.00229EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/09/18 7:12 a.m.18 views

CVE-2024-46766 ice: move netif_queue_set_napi to rtnl-protected sections

In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...

6.5AI score0.00229EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/18 7:12 a.m.44 views

CVE-2024-46765 ice: protect XDP configuration with a mutex

In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...

6.7AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/18 7:12 a.m.30 views

CVE-2024-46765 ice: protect XDP configuration with a mutex

In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...

0.00235EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/09/13 11:42 a.m.16 views

CVE-2024-46678

In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...

5.5CVSS6.8AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2024/09/13 5:29 a.m.14 views

CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex

In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...

5.5CVSS6AI score0.00168EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/09/13 5:29 a.m.22 views

CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex

In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...

0.00168EPSS
Exploits0References3
CVE
CVE
added 2024/09/13 5:29 a.m.126 views

CVE-2024-46678

CVE-2024-46678 affects the Linux kernel bonding subsystem. The root cause was ipsec_lock being a spin lock used to protect ipsec_list, but bond’s xfrm operations may sleep, triggering scheduling-while-atomic. The patch changes bond->ipsec_lock from a spin lock to a mutex, ensuring xdo_dev_stat...

5.5CVSS5.3AI score0.00168EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.13 views

CentOS 9 : kernel-5.14.0-505.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-505.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smcpnetcreatepnetidslist Many syzbot report...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.186 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2024:2896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

9.8CVSS7.2AI score0.02701EPSS
Exploits4References1253
Rows per page
Query Builder