Lucene search
K

241 matches found

CVE
CVE
added 2024/10/21 7:39 p.m.205 views

CVE-2024-50035

CVE-2024-50035 affects the Linux kernel PPP path, specifically a fault in ppp_async_encode() that can be triggered by a zero-size pppoe_sendmsg() followed by an empty skb, leading to a possible uninitialized access (KMSAN) in drivers/net/ppp/ppp_async.c. The issue was fixed in upstream Linux comm...

7.1CVSS7.7AI score0.00272EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2024/10/21 7:39 p.m.218 views

CVE-2024-50033

CVE-2024-50033 relates to the Linux kernel slip/slhc.c, where slhc_remember() failed to validate packets against malicious inputs. The issue allowed uninit reads due to insufficient checks on packet contents beyond a 20-byte minimum, risking exposure via PPP/SLIP processing when IPv4 and TCP head...

7.1CVSS7.8AI score0.00272EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2024/10/21 7:39 p.m.22 views

CVE-2024-50033 slip: make slhc_remember() more robust against malicious packets

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

0.00272EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/10/21 7:39 p.m.12 views

CVE-2024-50033 slip: make slhc_remember() more robust against malicious packets

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

7.1AI score0.00272EPSS
Exploits0References7
NVD
NVD
added 2024/10/21 6:15 p.m.11 views

CVE-2024-49900

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

7.1CVSS0.00279EPSS
Exploits0References13
Cvelist
Cvelist
added 2024/10/21 6:1 p.m.21 views

CVE-2024-49900 jfs: Fix uninit-value access of new_ea in ea_buffer

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

0.00279EPSS
Exploits0References9
OSV
OSV
added 2024/10/21 6:1 p.m.14 views

CVE-2024-49900 jfs: Fix uninit-value access of new_ea in ea_buffer

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

7.1CVSS6.3AI score0.00279EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2024/10/21 6:1 p.m.9 views

CVE-2024-49900 jfs: Fix uninit-value access of new_ea in ea_buffer

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of newea in eabuffer syzbot reports that lzo1x1docompress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

6.7AI score0.00279EPSS
Exploits0References9
NVD
NVD
added 2024/10/21 12:15 p.m.23 views

CVE-2024-47685

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

9.1CVSS0.01367EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.30 views

SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP4) (SUSE-SU-2024:3643-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3643-1 advisory. This update for the Linux Kernel 5.14.21-1504002492 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed...

7.8CVSS6.9AI score0.00269EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.30 views

SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP5) (SUSE-SU-2024:3702-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3702-1 advisory. This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-36899: gpiolib:...

7.8CVSS6.9AI score0.00278EPSS
Exploits0References19
SUSE Linux
SUSE Linux
added 2024/10/16 8:52 p.m.2 views

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. Patch Instructions:...

7.8CVSS8.1AI score0.00269EPSS
Exploits0References8
OSV
OSV
added 2024/10/16 7:34 p.m.16 views

SUSE-SU-2024:3702-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails...

7.8CVSS7.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2024/10/16 7:4 p.m.28 views

SUSE-SU-2024:3697-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

7.8CVSS8.3AI score0.00767EPSS
Exploits1References39
OSV
OSV
added 2024/10/16 7:4 p.m.27 views

SUSE-SU-2024:3695-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

7.8CVSS8.3AI score0.00767EPSS
Exploits1References41
OSV
OSV
added 2024/10/16 6:33 p.m.20 views

SUSE-SU-2024:3687-1 Security update for the Linux Kernel (Live Patch 48 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122176 fixes several issues. The following security issues were fixed: - CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325...

7.1CVSS7.2AI score0.00269EPSS
Exploits0References5
OSV
OSV
added 2024/10/16 10:4 a.m.12 views

SUSE-SU-2024:3651-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. -...

9.8CVSS8.2AI score0.01166EPSS
Exploits2References39
OSV
OSV
added 2024/10/16 5:3 a.m.23 views

SUSE-SU-2024:3643-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002492 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

7.8CVSS7.2AI score0.00269EPSS
Exploits0References11
OSV
OSV
added 2024/10/15 12:33 p.m.16 views

SUSE-SU-2024:3640-1 Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122183 fixes several issues. The following security issues were fixed: - CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 bsc1226325...

7.1CVSS7.2AI score0.00269EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2024/10/15 3:33 a.m.14 views

Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. CVE-2024-40909: bpf:...

7.8CVSS8.2AI score0.00278EPSS
Exploits0References12
Rows per page
Query Builder