Lucene search
K

149 matches found

RedhatCVE
RedhatCVE
added 2024/06/20 2:1 p.m.23 views

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

4.4CVSS6.9AI score0.00642EPSS
Exploits0References4
NVD
NVD
added 2024/06/19 2:15 p.m.17 views

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

5.5CVSS0.00642EPSS
Exploits0References9
OSV
OSV
added 2024/06/19 2:15 p.m.3 views

DEBIAN-CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

5.5CVSS5.5AI score0.00642EPSS
Exploits0References1
OSV
OSV
added 2024/06/19 2:15 p.m.3 views

UBUNTU-CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

5.5CVSS6.2AI score0.00642EPSS
Exploits0References30
CVE
CVE
added 2024/06/19 1:56 p.m.179 views

CVE-2024-38618

CVE-2024-38618 affects the Linux kernel: ALSA timer start tick time had no lower bound, enabling very small values (e.g., 1 tick at 1ns) that could trigger an unexpected RCU stall by repeatedly queuing expire updates. The connected docs describe the fix as a patch adding a sanity check for the ti...

5.5CVSS7.3AI score0.00642EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/19 1:56 p.m.19 views

CVE-2024-38618 ALSA: timer: Set lower bound of start tick time

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

6.8AI score0.00642EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/06/19 1:56 p.m.19 views

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to ...

5.5CVSS5.5AI score0.00642EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/23 3:4 a.m.5 views

SUSE CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

7.8CVSS6.5AI score0.0023EPSS
Exploits0References4
OSV
OSV
added 2024/05/21 3:15 p.m.14 views

CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

7.8CVSS6.2AI score
Exploits0References2
OSV
OSV
added 2024/05/21 3:15 p.m.2 views

DEBIAN-CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

7.8CVSS5.6AI score0.0023EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/05/21 2:35 p.m.16 views

CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: archtopology: Avoid use-after-free for scalefreqdata Currently topologyscalefreqtick which gets called from schedulertick may end up using a pointer to "struct scalefreqdata", which was previously cleared by...

7.8CVSS6AI score0.0023EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.6 views

kernel: rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobe-ed Registering a kprobe on rcuirqenterchecktick can cause kernel stack overflow as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and bootin...

5.5CVSS6.9AI score0.00162EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2024/04/08 12:0 a.m.47 views

Unbreakable Enterprise kernel security update

4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...

7.8CVSS8AI score0.28058EPSS
Exploits16
Packet Storm
Packet Storm
added 2024/02/26 12:0 a.m.246 views

Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.AutoSpy.10 Vulnerability: Unauthenticated Remote Command Execution...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.4 views

kernel: tick/nohz: unexport __init-annotated tick_nohz_full_setup()

In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...

5.5CVSS6.3AI score0.00273EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL

In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQLEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code...

5.5CVSS6.3AI score0.00247EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/10/19 10:15 a.m.3 views

CVE-2022-26943

The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the pool renders the authentication challenge vulnerable to two attacks. First, due to the limited...

8.8CVSS5.9AI score0.00314EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.6 views

PT-2023-12895 · Motorola · Motorola Mtm5000

Name of the Vulnerable Software and Affected Versions: Motorola MTM5000 series firmwares affected versions not specified Description: The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG that relies on a tick count register as its sole entropy source. This...

8.8CVSS8.5AI score0.00314EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.4 views

Motorola MTM5000 Security Feature Issue Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. The Motorola MTM5000 suffers from a security vulnerability that stems from the use of PRNG to generate TETRA authentication polls and the use of the tick count register as its only source of entropy, which can be exploited by an attacker ...

8.8CVSS6.9AI score0.00314EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/10/06 12:0 a.m.15 views

Unbounded tick arrays; add max length check to prevent gas issues.

Lines of code Vulnerability details Impact Tick arrays like tickTracking can grow unbounded. Could hit gas limit. As ticks are crossed, new TickTracking elements are pushed: function crossTicks bytes32 poolIdx, int24 exitTick, int24 entryTick internal tickTrackingpoolIdxexitTick.push...

6.8AI score
Exploits0
Rows per page
Query Builder