Lucene search
K

70 matches found

OSV
OSV
added 2024/08/16 11:8 a.m.2 views

OESA-2024-1990 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

7.5CVSS6.5AI score0.01027EPSS
Exploits0References2
OSV
OSV
added 2024/08/16 11:8 a.m.5 views

OESA-2024-1989 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

7.5CVSS6.5AI score0.01027EPSS
Exploits0References2
OSV
OSV
added 2024/08/16 11:8 a.m.4 views

OESA-2024-1988 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

7.5CVSS6.5AI score0.01027EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/08/09 1:53 a.m.2 views

SUSE CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS6.4AI score0.01027EPSS
Exploits0References14
OSV
OSV
added 2024/08/05 2:15 p.m.2 views

DEBIAN-CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7.2AI score0.01027EPSS
Exploits0References1
OSV
OSV
added 2024/08/05 2:15 p.m.3 views

AZL-60916 CVE-2024-7409 affecting package qemu for versions less than 8.2.0-19

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7.1AI score0.01027EPSS
Exploits0References1
OSV
OSV
added 2024/08/05 2:15 p.m.9 views

AZL-60094 CVE-2024-7409 affecting package qemu for versions less than 6.2.0-26

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7.1AI score0.01027EPSS
Exploits0References1
OSV
OSV
added 2024/08/05 2:15 p.m.6 views

UBUNTU-CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References5
CVE
CVE
added 2024/08/05 1:19 p.m.234 views

CVE-2024-7409

CVE-2024-7409 affects QEMU’s NBD server. The flaw is caused by improper synchronization during socket closure when a client keeps a socket open as the server goes offline, enabling potential DoS. Connected advisories/feeds indicate multiple vendors have released security updates (e.g., Debian, SU...

7.5CVSS7.2AI score0.01027EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2024/08/05 1:19 p.m.17 views

CVE-2024-7409 Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS6.4AI score0.01027EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2024/08/05 12:0 a.m.15 views

CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.3 views

QEMU NBD Server 安全漏洞

QEMU NBD Server is a QEMU disk network block device server that is open source from QEMU. A security vulnerability exists in QEMU NBD Server that originates from a client keeping a socket open when the server is offline, which can be used to launch a denial-of-service attack via incorrect...

7.5CVSS7.4AI score0.01027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/10 12:18 a.m.3 views

kernel: tls: race between async notify and socket close

A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete; any code past that point risks touching already freed data. This could lead to a use-after-free issue an...

4.7CVSS6.8AI score0.00177EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.8 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU NBD Server. This vulnerability allows for a Denial-of-Service DoS attack through improper synchronization during socket closure, where a client keeps a socket open while the server is offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References3
OSV
OSV
added 2024/02/28 9:15 a.m.7 views

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

5.5CVSS7.3AI score0.0025EPSS
Exploits0References4
OSV
OSV
added 2024/02/28 9:15 a.m.2 views

DEBIAN-CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References1
Prion
Prion
added 2024/02/28 9:15 a.m.23 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

6.7AI score0.0025EPSS
Exploits0References4
Prion
Prion
added 2024/02/21 3:15 p.m.22 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

1CVSS7.3AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention issue in the tls module between two operations, asynchronous notification and socket closure...

4.7CVSS6.6AI score0.00177EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2022/10/04 9:29 p.m.29 views

USN-5656-1: JACK vulnerability

Joseph Yasi discovered that JACK incorrectly handled the closing of a socket in certain conditions. An attacker could potentially use this issue to cause a crash...

8.1CVSS7.7AI score0.017EPSS
Exploits1
Rows per page
Query Builder