Linux Distros Unpatched Vulnerability : CVE-2024-46753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is incorrect, we have proper error handling here, return the...
Linux Distros Unpatched Vulnerability : CVE-2023-52642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires CAP_NET_ADMIN. CVE-2023-52642 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2024-26915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. CVE-2024-26915 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2024-35864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. CVE-2024-35864 Note that...
Linux Distros Unpatched Vulnerability : CVE-2024-35867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down...
Linux Distros Unpatched Vulnerability : CVE-2024-46841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() We handle errors here properly, ENOMEM isn't fatal, return the error. CVE-2024-46841 Not...
Linux Distros Unpatched Vulnerability : CVE-2024-38591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/hns: Fix deadlock on SRQ async events. xa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/xa_erase_irq() to avoid deadlock. CVE-2024-38591 Note that...
Linux Distros Unpatched Vulnerability : CVE-2024-45021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - memcg_write_event_control(): fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything...
Linux Distros Unpatched Vulnerability : CVE-2024-45018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in...
Linux Distros Unpatched Vulnerability : CVE-2024-41017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist. CVE-2024-41017 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2024-11596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file CVE-2024-11596 Note th...
Linux Distros Unpatched Vulnerability : CVE-2024-42281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as...
Linux Distros Unpatched Vulnerability : CVE-2024-35965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data. CVE-2024-35965 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2024-46809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issue...
Linux Distros Unpatched Vulnerability : CVE-2024-38535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsin...
Linux Distros Unpatched Vulnerability : CVE-2024-45490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. CVE-2024-45490 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2024-45492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX...
Linux Distros Unpatched Vulnerability : CVE-2021-34558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a...
Linux Distros Unpatched Vulnerability : CVE-2021-32574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject...
Linux Distros Unpatched Vulnerability : CVE-2021-33098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of...