Lucene search
K

1534 matches found

Cvelist
Cvelist
added 2024/08/17 9:9 a.m.18 views

CVE-2024-42313 media: venus: fix use after free in vdec_close

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...

0.00228EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/08/17 8:54 a.m.17 views

CVE-2024-42264 drm/v3d: Prevent out of bounds access in performance query extensions

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be...

6.8AI score0.00216EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/17 8:54 a.m.14 views

CVE-2024-42263

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...

5.5CVSS5.8AI score0.00196EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/08/17 8:54 a.m.13 views

CVE-2024-42260 drm/v3d: Validate passed in drm syncobj handles in the performance extension

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking...

6.9AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2024/08/13 5:30 p.m.14 views

USN-6949-2 linux-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS6.6AI score0.01483EPSS
Exploits3References227
Tenable Nessus
Tenable Nessus
added 2024/08/13 12:0 a.m.76 views

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6952-2)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6952-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

9.8CVSS7.8AI score0.01483EPSS
Exploits3References233
OSV
OSV
added 2024/08/12 6:5 p.m.18 views

USN-6955-1 linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS6.6AI score0.01483EPSS
Exploits3References226
Oracle linux
Oracle linux
added 2024/08/12 12:0 a.m.43 views

Unbreakable Enterprise kernel security update

4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...

6.9AI score0.00256EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.2 views

kernel: block: Fix wrong offset in bio_truncate()

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

7.5CVSS6.9AI score0.00915EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/08/08 12:0 a.m.51 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-6949-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6949-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

9.8CVSS7.2AI score0.01483EPSS
Exploits3References226
CVE
CVE
added 2024/08/07 3:14 p.m.123 views

CVE-2024-42236

CVE-2024-42236 affects the Linux kernel in the usb gadget configfs string handling. The vulnerability arises from not validating userspace-provided strings that can be empty, enabling an out-of-bounds (OOB) read at str[0-1] and a subsequent OOB write to str[0-1] = '\0'. The issue is fixed by addi...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/08/07 3:14 p.m.15 views

CVE-2024-42236 usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if str0 - 1 == '\n' followed...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References12
NVD
NVD
added 2024/07/29 3:15 p.m.18 views

CVE-2024-41065

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...

5.5CVSS0.00225EPSS
Exploits0References8
OSV
OSV
added 2024/07/29 3:15 p.m.3 views

DEBIAN-CVE-2024-41052

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Init the count variable in collecting hot-reset devices The count variable is used without initialization, it results in mistakes in the device counting and crashes the userspace if the get hot reset info path is...

5.5CVSS5.3AI score0.00272EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.9 views

UBUNTU-CVE-2024-41052

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Init the count variable in collecting hot-reset devices The count variable is used without initialization, it results in mistakes in the device counting and crashes the userspace if the get hot reset info path is...

5.5CVSS5.7AI score0.00272EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2024/07/29 2:57 p.m.15 views

CVE-2024-41065 powerpc/pseries: Whitelist dtl slub object for copying to userspace

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...

6.6AI score0.00225EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/07/29 2:32 p.m.14 views

CVE-2024-41052 vfio/pci: Init the count variable in collecting hot-reset devices

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Init the count variable in collecting hot-reset devices The count variable is used without initialization, it results in mistakes in the device counting and crashes the userspace if the get hot reset info path is...

6.8AI score0.00272EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/07/17 1:6 a.m.4 views

kernel: octeontx2-af: avoid off-by-one read from userspace

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

5.5CVSS6.9AI score0.00238EPSS
Exploits0References5
NVD
NVD
added 2024/07/16 1:15 p.m.28 views

CVE-2022-48862

In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can overflow to 0 when start is 0 and last is ULONGMAX. One instance where it can happen is when userspace sends an IOTLB message with...

5.5CVSS0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/07/16 2:35 a.m.5 views

SUSE CVE-2024-39504

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference is possible from...

4.4CVSS6.8AI score0.00272EPSS
Exploits0References11
Rows per page
Query Builder