Lucene search
K

241 matches found

Vulnrichment
Vulnrichment
added 2024/08/17 8:54 a.m.21 views

CVE-2024-42272 sched: act_ct: take care of padding in struct zones_ht_key

In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...

6.8AI score0.00233EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/08/17 8:54 a.m.18 views

CVE-2024-42272

In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...

5.5CVSS5.6AI score0.00233EPSS
Exploits0
OSV
OSV
added 2024/08/13 2:7 p.m.34 views

SUSE-SU-2024:2894-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe bsc1220952. - CVE-2021-47103: net: sock: preserve kabi for sock bsc1221010. - CVE-2021-47186: tipc:...

9.1CVSS8.3AI score0.01219EPSS
Exploits6References672
Oracle linux
Oracle linux
added 2024/08/12 12:0 a.m.43 views

Unbreakable Enterprise kernel security update

4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...

6.9AI score0.00254EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.8 views

kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

5.5CVSS6.9AI score0.00262EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.10 views

kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

5.5CVSS6.9AI score0.00262EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/07/31 9:18 a.m.21 views

CVE-2024-42106

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

4.4CVSS8.1AI score0.00258EPSS
Exploits0References4
NVD
NVD
added 2024/07/30 8:15 a.m.18 views

CVE-2024-42106

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

5.5CVSS0.00258EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2024/07/30 8:15 a.m.23 views

CVE-2024-42106

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

5.5CVSS6.3AI score0.00258EPSS
Exploits0References32
Cvelist
Cvelist
added 2024/07/30 7:46 a.m.22 views

CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

0.00258EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/30 7:46 a.m.21 views

CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

6.3AI score0.00258EPSS
Exploits0References8
OSV
OSV
added 2024/07/30 7:46 a.m.24 views

CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2

In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...

5.5CVSS5.9AI score0.00258EPSS
Exploits0References12
CVE
CVE
added 2024/07/30 7:46 a.m.120 views

CVE-2024-42106

CVE-2024-42106 : In the Linux kernel, the inet_diag path for raw sockets could read an uninitialized pad field in inet_diag_req_v2 when converting inet_diag_req to v2, leading to uninitialized reads in raw_lookup(). The root cause is that inet_diag_get_exact_compat() and inet_diag_dump_compat() d...

5.5CVSS6.1AI score0.00258EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2024/07/29 3:15 p.m.14 views

CVE-2024-41059

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...

7.1CVSS0.00269EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/07/29 2:57 p.m.21 views

CVE-2024-41059 hfsplus: fix uninit-value in copy_name

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...

0.00269EPSS
Exploits0References8
CVE
CVE
added 2024/07/29 2:57 p.m.148 views

CVE-2024-41059

CVE-2024-41059 (Linux kernel) : A KMSAN-uninitialized value occurred in hfsplus when copying names during extended attributes operations (copy_name in fs/hfsplus/xattr.c). The issue traces to uninitialized memory used during sized_strscpy, leading to a potential information leak or instability wi...

7.1CVSS6.5AI score0.00269EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/07/22 2:39 p.m.12 views

CLSA-2024-1721659158 Fix of 66 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...

7.8CVSS6.7AI score0.01136EPSS
Exploits1References1
NVD
NVD
added 2024/06/25 3:15 p.m.18 views

CVE-2024-39301

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...

5.5CVSS0.00228EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/06/25 2:22 p.m.34 views

CVE-2024-39301 net/9p: fix uninit-value in p9_client_rpc()

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...

0.00228EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/06/25 2:22 p.m.16 views

CVE-2024-39301 net/9p: fix uninit-value in p9_client_rpc()

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...

7.1AI score0.00228EPSS
Exploits0References8
Rows per page
Query Builder