6038 matches found

CVE
added 2024/10/21 8:6 p.m. | 118 views

CVE-2022-49033

CVE-2022-49033 affects the Linux kernel’s btrfs qgroup code, where a sleep was performed in an invalid context during qgroup inheritance. The advisory and connected documents describe the fix as: call qgroup_dirty() on the destination qgroup and update the limit item in btrfs_run_qgroups() later,...

CVSS 5.5 | AI score 5.4 | EPSS 0.00248
Exploits: 0 | References: 8 | Affected Software: 1
Vulnrichment
added 2024/10/21 8:6 p.m. | 16 views

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 155, name:...

AI score 7.1 | EPSS 0.00152
Exploits: 0 | References: 2
Vulnrichment
added 2024/10/21 8:6 p.m. | 17 views

CVE-2022-48983 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()

In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in io_tctx_exit_cb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

AI score 6.9 | EPSS 0.00259
Exploits: 0 | References: 3
OSV
added 2024/10/21 8:6 p.m. | 13 views

CVE-2022-48983 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()

In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in io_tctx_exit_cb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

CVSS 5.5 | AI score 6.2 | EPSS 0.00259
Exploits: 0 | References: 6
Cvelist
added 2024/10/21 8:5 p.m. | 27 views

CVE-2022-48956 ipv6: avoid use-after-free in ip6_fragment()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev...

EPSS 0.00265
Exploits: 0 | References: 7
Cvelist
added 2024/10/21 8:5 p.m. | 29 views

CVE-2022-48954 s390/qeth: fix use-after-free in hsci

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in...

EPSS 0.00238
Exploits: 0 | References: 3
CVE
added 2024/10/21 7:39 p.m. | 131 views

CVE-2024-50042

Technical details for CVE-2024-50042 are not publicly available in the provided documents. The connected advisories list kernel issues but do not disclose the affected product/version, root cause, impact, or a concrete fix for this CVE. Monitor for updates.

CVSS 7.1 | AI score 6.6 | EPSS 0.0021
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2024/10/21 6:15 p.m. | 14 views

AZL-51165 CVE-2024-49863 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...

CVSS 5.5 | AI score 6.6 | EPSS 0.00286
Exploits: 0 | References: 1
Cvelist
added 2024/10/21 6:2 p.m. | 21 views

CVE-2024-49953 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice The km.state is not checked in driver's delayed work. When xfrm_state_check_expire() is called, the state can be reset to XFRM_STATE_EXPIRED, even if it is XFRM_STATE_DEAD...

EPSS 0.00302
Exploits: 0 | References: 4
Cvelist
added 2024/10/21 6:1 p.m. | 20 views

CVE-2024-49884 ext4: fix slab-use-after-free in ext4_split_extent_at()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0 Read of...

EPSS 0.00265
Exploits: 0 | References: 9
RedhatCVE
added 2024/10/21 4:8 p.m. | 18 views

CVE-2024-47736

In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking...

CVSS 5.5 | AI score 6.8 | EPSS 0.0018
Exploits: 0 | References: 4
OSV
added 2024/10/21 1:15 p.m. | 1 views

DEBIAN-CVE-2024-47736

In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking...

CVSS 5.5 | AI score 5.4 | EPSS 0.0018
Exploits: 0 | References: 1
OSV
added 2024/10/21 11:53 a.m. | 15 views

CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...

CVSS 5.5 | AI score 6.2 | EPSS 0.00237
Exploits: 0 | References: 13
Vulnrichment
added 2024/10/21 11:53 a.m. | 10 views

CVE-2024-47701 ext4: avoid OOB when system.data xattr changes underneath the filesystem

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block device, it will lead to...

AI score 6.7 | EPSS 0.00245
Exploits: 0 | References: 9
CNNVD
added 2024/10/21 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a potential use-after-free issue in the fbdev component pxafb in pxafb_task()...

CVSS 7.8 | AI score 6.7 | EPSS 0.00249
Exploits: 0 | References: 9
CNNVD
added 2024/10/21 12:0 a.m. | 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible use-after-free error in the perf_pending_task() function if the perf_pending_task() function runs aft...

CVSS 7.8 | AI score 6.5 | EPSS 0.00253
Exploits: 0 | References: 5
BDU FSTEC
added 2024/10/14 12:0 a.m. | 7 views

The vulnerability of the Passwork password manager lies in the improper implementation of the sequence of actions required for processing tasks. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the Passwork password manager is related to the incorrect implementation of the sequence of actions performed. Exploiting this vulnerability allows a malicious actor, operating remotely, to compromise the integrity of the protected information...

CVSS 6.8 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2024/10/13 12:0 a.m. | 19 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-43856)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43856 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent...

CVSS 5.5 | AI score 6 | EPSS 0.00398
Exploits: 0 | References: 2
CNNVD
added 2024/10/09 12:0 a.m. | 5 views

Fortra Robot Schedule Enterprise Agent security vulnerability

Fortra Robot Schedule Enterprise Agent is a component of Fortra's Enterprise Task Scheduler software. A security vulnerability exists in Fortra Robot Schedule Enterprise Agent versions prior to 3.05 that stems from FTP username and password information being written to the agent log file when...

CVSS 5.5 | AI score 6.6 | EPSS 0.0018
Exploits: 0 | References: 3
Microsoft KB
added 2024/10/08 2:0 p.m. | 247 views

October 8, 2024—KB5044281 (OS Build 20348.2762)

October 8, 2024—KB5044281 OS Build 20348.2762 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...

CVSS 9 | AI score 8.3 | EPSS 0.60954
Exploits: 4