Lucene search
K

1577 matches found

Cvelist
Cvelist
added 2024/05/20 9:42 a.m.18 views

CVE-2024-35976 xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...

6.2AI score0.00256EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/05/19 9:15 a.m.18 views

CVE-2024-35871

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

7.1CVSS6.5AI score0.00264EPSS
Exploits0References20
Vulnrichment
Vulnrichment
added 2024/05/19 8:34 a.m.17 views

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

6.5AI score0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/19 8:34 a.m.38 views

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

6.3AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2024/05/19 8:34 a.m.17 views

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

5.5CVSS5.8AI score0.00196EPSS
Exploits0References5
OSV
OSV
added 2024/05/19 8:34 a.m.18 views

CVE-2024-35871 riscv: process: Fix kernel gp leakage

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

7.1CVSS6.3AI score0.00264EPSS
Exploits0References10
CVE
CVE
added 2024/05/19 8:34 a.m.101 views

CVE-2024-35871

CVE-2024-35871 concerns a kernel-level issue in riscv process handling that leaks the kernel global pointer (gp) via user-space observables. The vulnerability stems from how childregs (the user-context registers during syscall) can expose kernel gp in several ways (e.g., after execve, via ptrace,...

7.1CVSS6.8AI score0.00264EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/15 12:0 a.m.43 views

RHEL 9 : kernel (RHSA-2024:2845)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2845 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: untrusted VMM can trigger int8...

8.8CVSS6.9AI score0.00675EPSS
Exploits0References7
Kitploit
Kitploit
added 2024/04/28 12:30 p.m.50 views

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training

CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response EDR. By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...

7.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.23 views

RHEL 7 / 8 : OpenShift Virtualization 4.12.0 RPMs (RHSA-2023:0407)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0407 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.This advisory contains...

7.5CVSS7.3AI score0.03958EPSS
Exploits4References32
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.28 views

RHEL 8 : Red Hat OpenShift Data Foundation 4.10.0 RPM (RHSA-2022:1361)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1361 advisory. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Re...

7.5CVSS7.1AI score0.03958EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/04/17 4:58 p.m.28 views

CVE-2024-26819

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.7AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 a.m.28 views

CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

5.5CVSS6.4AI score0.00287EPSS
Exploits0References17
CVE
CVE
added 2024/04/17 9:43 a.m.71 views

CVE-2024-26819

CVE-2024-26819 is rejected/not used; this entry does not represent an active vulnerability.

6.8AI score
Exploits0
NVD
NVD
added 2024/04/04 9:15 a.m.13 views

CVE-2024-26786

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix ioptaccesslistid overwrite bug Syzkaller reported the following WARNON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/iopagetable.c:1360 Call Trace: iommufdaccesschangeioas+0x2fe/0x4e0...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References3
NVD
NVD
added 2024/04/03 3:15 p.m.20 views

CVE-2024-26688

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbsfillsuper When configuring a hugetlb filesystem via the fsconfig syscall, there is a possible NULL dereference in hugetlbfsfillsuper caused by assigning NULL to ctx-hstate in...

5.5CVSS7AI score0.00245EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/04/03 2:54 p.m.26 views

CVE-2024-26688 fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbsfillsuper When configuring a hugetlb filesystem via the fsconfig syscall, there is a possible NULL dereference in hugetlbfsfillsuper caused by assigning NULL to ctx-hstate in...

7.4AI score0.00245EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/04/03 2:54 p.m.16 views

CVE-2024-26688 fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbsfillsuper When configuring a hugetlb filesystem via the fsconfig syscall, there is a possible NULL dereference in hugetlbfsfillsuper caused by assigning NULL to ctx-hstate in...

6.5AI score0.00245EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2024/03/18 2:23 p.m.32 views

CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

5.5CVSS6.5AI score0.00241EPSS
Exploits0References4
CVE
CVE
added 2024/03/18 10:19 a.m.204 views

CVE-2024-26641

CVE-2024-26641 affects the Linux kernel’s IPv6/IP tunneling path. The issue arises in ip6_tunnel when receiving inner headers in __ip6_tnl_rcv(), which could access uninitialized data via a chained path (KMSAN warnings). The fix, as described in the description, is to call pskb_inet_may_pull() to...

5.5CVSS6.1AI score0.00241EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder