Lucene search
K

87 matches found

OSV
OSV
added 2025/08/24 11:40 p.m.5 views

USN-7714-1 open-vm-tools vulnerabilities

Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. CVE-2023-34059 Dolev Farhi discovered that Open VM Tools incorrectly handled certain file...

7.4CVSS6.1AI score0.00405EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-34059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack...

7.4CVSS7.2AI score0.00402EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:55 p.m.7 views

CVE-2021-46894

Use After Free UAF vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation...

9.8CVSS6.8AI score0.00382EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: Input: uinput - reject requests with unreasonable number of slots

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS6.8AI score0.00283EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-46745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large numbe...

5.5CVSS6.7AI score0.00283EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/14 6:24 a.m.4 views

SUSE CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

7CVSS6.3AI score0.00402EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: uinput – rejects requests with an unreasonable number of slots When using uinput, the syzkaller may attempt to set up a device with a very large number of slots, leading to a memory allocation failure in inputmtinitslots...

5.5CVSS6.2AI score0.00283EPSS
Exploits0References3
Amazon
Amazon
added 2024/11/15 12:0 a.m.7 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow CVE-2024-43853 In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media CVE-2024-43854 ...

7.8CVSS6.8AI score0.00879EPSS
Exploits2
Amazon
Amazon
added 2024/10/14 12:0 a.m.6 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd CVE-2024-46734 In the...

7.8CVSS8AI score0.00299EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/10 12:0 a.m.53 views

SUSE SLES12: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2024:3566-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3566-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

7.8CVSS6.9AI score0.00879EPSS
Exploits3References273
SUSE CVE
SUSE CVE
added 2024/09/19 3:10 a.m.2 views

SUSE CVE-2024-46745

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS6.5AI score0.00283EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2024/09/18 9:47 a.m.23 views

CVE-2024-46745

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS6.9AI score0.00283EPSS
Exploits0References4
NVD
NVD
added 2024/09/18 8:15 a.m.18 views

CVE-2024-46745

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS0.00283EPSS
Exploits0References13
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

DEBIAN-CVE-2024-46745

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS5.6AI score0.00283EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

UBUNTU-CVE-2024-46745

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS6.1AI score0.00283EPSS
Exploits0References27
Vulnrichment
Vulnrichment
added 2024/09/18 7:12 a.m.21 views

CVE-2024-46745 Input: uinput - reject requests with unreasonable number of slots

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

6.9AI score0.00283EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/09/18 7:12 a.m.15 views

CVE-2024-46745 Input: uinput - reject requests with unreasonable number of slots

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

0.00283EPSS
Exploits0References8
CVE
CVE
added 2024/09/18 7:12 a.m.148 views

CVE-2024-46745

CVE-2024-46745 affects the Linux kernel uinput interface. The root cause is an unbounded request for slots via syzkaller, causing memory allocation failure in input_mt_init_slots. The fix limits the allowed number of slots to 100 (extendable if devices require more). Consequences described in the...

5.5CVSS6.6AI score0.00283EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2024/09/18 7:12 a.m.18 views

CVE-2024-46745 Input: uinput - reject requests with unreasonable number of slots

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...

5.5CVSS6.2AI score0.00283EPSS
Exploits0References13
OSV
OSV
added 2023/12/06 9:43 a.m.3 views

USN-6463-2 open-vm-tools vulnerabilities

USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could...

7.5CVSS6.8AI score0.00667EPSS
Exploits0References3
Rows per page
Query Builder