Lucene search
K

1534 matches found

UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.16 views

CVE-2024-36957

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

5.5CVSS6.5AI score0.00238EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.16 views

CVE-2024-36899

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

7CVSS6.4AI score0.00178EPSS
Exploits0References21
OSV
OSV
added 2024/05/30 4:15 p.m.2 views

UBUNTU-CVE-2024-36957

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References21
Vulnrichment
Vulnrichment
added 2024/05/30 3:35 p.m.23 views

CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

6.9AI score0.00238EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/05/30 3:35 p.m.33 views

CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

7.5AI score0.00238EPSS
Exploits0References6
OSV
OSV
added 2024/05/30 3:35 p.m.19 views

CVE-2024-36957 octeontx2-af: avoid off-by-one read from userspace

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...

5.5CVSS6.1AI score0.00238EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/05/30 3:29 p.m.28 views

CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

7AI score0.00178EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the octeontx2-af module avoiding reads from userspace one by one...

5.5CVSS6.4AI score0.00238EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/05/29 8:15 a.m.3 views

kernel: netfilter: nf_tables: disallow anonymous set with timeout flag

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...

5.5CVSS6.8AI score0.00257EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/23 3:55 p.m.2 views

SUSE CVE-2021-47360

In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References8
Ubuntu
Ubuntu
added 2024/05/23 12:2 p.m.60 views

USN-6777-4: Linux kernel (HWE) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...

7.8CVSS6.8AI score0.00315EPSS
Exploits0
OSV
OSV
added 2024/05/23 12:2 p.m.8 views

USN-6777-4 linux-aws-hwe vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...

7.8CVSS6.7AI score0.00315EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2024/05/23 7:36 a.m.4 views

kernel: netfilter: nf_tables: disallow anonymous set with timeout flag

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...

5.5CVSS6.8AI score0.00257EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/23 3:5 a.m.1 views

SUSE CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

5.5CVSS6.4AI score0.00222EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.77 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6777-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6777-4 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

7.8CVSS7AI score0.00315EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2024/05/22 12:28 p.m.22 views

CVE-2021-47326

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.7AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.4 views

kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems

A flaw was found in KVM. When calling the KVMGETDEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvmdebugregs structure that could be copied to userspace, causing an information leak...

3.3CVSS6.8AI score0.00231EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2024/05/21 10:34 p.m.68 views

USN-6777-3: Linux kernel (GCP) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...

7.8CVSS6.8AI score0.00315EPSS
Exploits0
OSV
OSV
added 2024/05/21 10:34 p.m.6 views

USN-6777-3 linux-gcp vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...

7.8CVSS6.7AI score0.00315EPSS
Exploits0References18
CVE
CVE
added 2024/05/21 3:31 p.m.91 views

CVE-2023-52861

In CVE-2023-52861, the Linux kernel DRM bridge it66121 had a NULL pointer dereference when no monitor is connected and the sound card is opened from userspace. The fix returns an empty EDID buffer (zeros) to the sound framework when no connector is attached, preventing the dereference and its pot...

6.2CVSS7.5AI score0.00248EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder