CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

269 matches found

RedHat Linux•added 2024/11/05 1:22 a.m.•4 views

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

5.5CVSS6.8AI score0.00232EPSS

Exploits0References5

RedHat Linux•added 2024/11/05 12:54 a.m.•2 views

kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated no...

4.7CVSS6.5AI score0.00161EPSS

Exploits0References5

SUSE CVE•added 2024/10/23 1:22 p.m.•2 views

SUSE CVE-2024-49997

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...

5.5CVSS7.8AI score0.01087EPSS

Exploits0References5

OSV•added 2024/10/21 6:15 p.m.•3 views

AZL-52969 CVE-2024-49885 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 "mm/slub: extend redzone check to extra allocated kmalloc space than requested", setting origsize treats the wasted space objectsize - origsize as a redzone. Howev...

5.5CVSS6.3AI score0.00233EPSS

Exploits0References1

Vulnrichment•added 2024/10/21 6:1 p.m.•13 views

CVE-2024-49885 mm, slub: avoid zeroing kmalloc redzone

6.8AI score0.00233EPSS

Exploits0References3

RedhatCVE•added 2024/10/21 3:40 p.m.•12 views

CVE-2024-47728

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...

4.4CVSS6.7AI score0.00237EPSS

Exploits0References4

CNNVD•added 2024/10/21 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to zero out a buffer when using the skbputpadto function for Ethernet frame stuffing, resulting in...

7.5CVSS6.7AI score0.01087EPSS

Exploits0References9

OSV•added 2024/10/09 3:15 p.m.•1 views

UBUNTU-CVE-2024-47668

4.7CVSS6.1AI score0.00161EPSS

Exploits0References25

RedHat Linux•added 2024/10/02 11:50 a.m.•5 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

6.5CVSS5.8AI score0.00297EPSS

Exploits0References5

Microsoft CVE•added 2024/08/16 7:0 a.m.•7 views

wifi: mt76: replace skb_put with skb_put_zero

...

7.5CVSS7.3AI score0.00478EPSS

Exploits0

OSV•added 2024/07/29 3:15 p.m.•0 views

UBUNTU-CVE-2024-41059

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...

7.1CVSS6.3AI score0.00269EPSS

Exploits0References36

OSV•added 2024/06/19 3:15 p.m.•3 views

DEBIAN-CVE-2021-47616

In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxequeuecleanup On error handling path in rxeqpfrominit qp-sq.queue is freed and then rxecreateqp will drop last reference to this object. qp clean up function will try to free this queue one time and ...

7.8CVSS5.5AI score0.00217EPSS

Exploits0References1

OSV•added 2024/06/19 3:15 p.m.•1 views

UBUNTU-CVE-2021-47616

7.8CVSS5.7AI score0.00217EPSS

Exploits0References5

SUSE CVE•added 2024/06/01 2:23 a.m.•4 views

SUSE CVE-2024-36892

In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid zeroing outside-object freepointer for single free Commit 284f17ac13fe "mm/slub: handle bulk and single object freeing separately" splits single and bulk object freeing in two functions slabfree and slabfreebulk...

5.5CVSS6.5AI score0.00196EPSS

Exploits0References3

Cvelist•added 2024/05/30 3:28 p.m.•27 views

CVE-2024-36892 mm/slub: avoid zeroing outside-object freepointer for single free

6.4AI score0.00196EPSS

Exploits0References2

SUSE CVE•added 2024/05/25 3:33 a.m.•4 views

SUSE CVE-2021-47460

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 "fs: Don't invalidate page buffers in blockwritefullpage" uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...

6.1CVSS6.8AI score0.0021EPSS

Exploits0References14

SUSE CVE•added 2024/05/23 2:56 a.m.•2 views

SUSE CVE-2023-52874

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDXHYPERCALL macro In the TDXHYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

3.8CVSS6.8AI score0.00253EPSS

Exploits0References12