CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1072 matches found

Cvelist•added 2024/10/21 6:1 p.m.•17 views

CVE-2024-49925 fbdev: efifb: Register sysfs groups through driver core

In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UAF race during...

0.00007EPSS

Exploits0References6

OSV•added 2024/10/12 11:9 a.m.•1 views

OESA-2024-2219 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from setmemoryrox into account with bpfjitbinarylockro setmemoryrox can fail, leaving memory unprotected. Check return and bail out when...

7.8CVSS7AI score0.0005EPSS

Exploits0References70

Tenable Nessus•added 2024/09/30 12:0 a.m.•24 views

CentOS 9 : kernel-5.14.0-513.el9

"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-513.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In...

5.5CVSS6.1AI score0.00028EPSS

Exploits0References7

Vulnrichment•added 2024/09/27 12:39 p.m.•13 views

CVE-2024-46826 ELF: fix kernel.randomize_va_space double read

In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomizevaspace double read ELF loader uses "randomizevaspace" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly on...

6.9AI score0.00009EPSS

Exploits0References4

OSV•added 2024/09/10 8:45 a.m.•22 views

SUSE-SU-2024:3189-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-43907: drm/amdgpu/pm: fix the null pointer dereference in applystateadjustrules bsc1229787. - CVE-2024-43905: drm/amd/pm: fix the null pointer dereferenc...

8.8CVSS8.2AI score0.00091EPSS

Exploits4References228

NVD•added 2024/08/22 2:15 a.m.•19 views

CVE-2022-48910

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6mcdown at most once There are two reasons for addrconfnotify to be called with NETDEVDOWN: either the network device is actually going down, or IPv6 was disabled on the interface. If either of them...

5.5CVSS0.00021EPSS

Exploits0References8

CVE•added 2024/08/22 1:30 a.m.•83 views

CVE-2022-48910

The CVE-2022-48910 case concerns the Linux kernel IPv6 addrconf path: when NETDEV_DOWN is triggered for reasons other than actual interface down, repeated calls can leak one ifmcaddr6 per multicast group by leaking idev->mc_tomb. The fix is to ensure ipv6_mc_down() runs at most once per state ...

5.5CVSS6.6AI score0.00021EPSS

Exploits0References8Affected Software1

RedhatCVE•added 2024/08/19 2:16 p.m.•17 views

CVE-2024-42312

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...

5.5CVSS6.9AI score0.00028EPSS

Exploits0References4

SUSE CVE•added 2024/08/18 2:2 a.m.•1 views

SUSE CVE-2024-42312

5.5CVSS6.3AI score0.00028EPSS

Exploits0References17

NVD•added 2024/08/17 9:15 a.m.•17 views

CVE-2024-42312

5.5CVSS0.00028EPSS

Exploits0References9

OSV•added 2024/08/17 9:15 a.m.•0 views

DEBIAN-CVE-2024-42312

5.5CVSS5.4AI score0.00028EPSS

Exploits0References1

UbuntuCve•added 2024/08/17 9:15 a.m.•15 views

CVE-2024-42312

5.5CVSS6.2AI score0.00028EPSS

Exploits0References18

OSV•added 2024/08/17 9:15 a.m.•0 views

UBUNTU-CVE-2024-42312

5.5CVSS6.1AI score0.00028EPSS

Exploits0References19

Vulnrichment•added 2024/08/17 9:9 a.m.•12 views

CVE-2024-42312 sysctl: always initialize i_uid/i_gid

6.8AI score0.00028EPSS

Exploits0References6

CVE•added 2024/08/17 9:9 a.m.•142 views

CVE-2024-42312

CVE-2024-42312 relates to the Linux kernel vulnerability where sysctl did not consistently initialize i_uid/i_gid. The resolution initializes i_uid/i_gid inside the sysfs core so that set_ownership() can safely skip setting them. The change is documented as part of commit 5ec27ec735ba, which fixe...

5.5CVSS6.5AI score0.00028EPSS

Exploits0References9Affected Software1

Cvelist•added 2024/08/17 9:9 a.m.•23 views

CVE-2024-42312 sysctl: always initialize i_uid/i_gid

0.00028EPSS

Exploits0References6

Debian CVE•added 2024/08/17 9:9 a.m.•13 views

CVE-2024-42312

5.5CVSS5.4AI score0.00028EPSS

Exploits0

OSV•added 2024/08/17 9:9 a.m.•15 views

CVE-2024-42312 sysctl: always initialize i_uid/i_gid

5.5CVSS6AI score0.00028EPSS

Exploits0References11

SUSE CVE•added 2024/05/21 2:0 a.m.•1 views

SUSE CVE-2024-27419

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl value because the value can be changed concurrently...

2.5CVSS6.5AI score0.00012EPSS

Exploits0References14

RedhatCVE•added 2024/05/17 10:24 p.m.•18 views

CVE-2024-27426

A flaw was found in the netrom module in the Linux kernel. A race condition can occur when reading the sysctlnetromtransportmaximumtries resource due to a missing lock, which may impact system stability and can result in a denial of service...

5.5CVSS6.2AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by