CVE-2024-26877

The CVE-2024-26877 issue is in the Linux kernel crypto/xilinx path: crypto_finalize_request is invoked with BH enabled, triggering a call trace. The vulnerability is resolved in the kernel (patches linked in the entry), with the root cause described as needing BH to be disabled when finalize is c...

CVE-2024-27009

The vulnerability CVE-2024-27009 (Linux kernel, s390) is covered by connected security bulletins. A race in ccw_device_set_online() could leave a device in an inconsistent state if a path verification arrives after final state wait but before result state evaluation, causing subsequent online att...

CVE-2023-52486

CVE-2023-52486 affects the Linux kernel DRM subsystem. The root cause is a logic error in drm_mode_page_flip_ioctl() where, after a deadlock is encountered, the framebuffer reference is unref’d and the operation retried without resetting the fb pointer to NULL. If another error occurs before the ...

CVE-2024-26992

The CVE-2024-26992 entry concerns the Linux kernel KVM: x86/pmu feature to disable adaptive PEBS. The advisory states that adaptive PEBS support is dropped due to architectural/breakage and because adaptive PEBS could leak host LBRs/addresses to guests. Root causes include: (1) improper handling ...

CVE-2023-52647

The CVE-2023-52647 issue affects the Linux kernel media/nxp imx8-isi crossbar driver. In the crossbar subdev translation from source to sink streams, the code may dereference a NULL remote pad when a stream targets an unconnected crossbar sink, potentially crashing the system. The advisory states...

CVE-2024-27389

CVE-2024-27389 affects the Linux kernel pstore code. The issue arises when unloading a modular pstore backend with records in pstorefs, where dput() and d_drop() were used together, causing a reference-counting problem. The root cause is that d_invalidate() is the correct contender for invalidati...

CVE-2024-27080

CVE-2024-27080 resolves a race in the Linux kernel's btrfs fiemap handling. The change stops locking the entire fiemap target range to avoid a deadlock with memory-mapped buffers, but creates a race where delalloc ranges in holes can be missed. As a result, fiemap consumers may not see delalloc d...

CVE-2024-38629

In CVE-2024-38629, the Linux kernel’s dmaengine: idxd driver had a use-after-free risk where ida_destroy(&file_ida) could run after file_ida was already destroyed during WQ cdev teardown, risking a kernel panic. The fix removes ida_destroy(&file_ida) since file_ida is allocated on cdev open and f...

CVE-2024-27039

The CVE-2024-27039 issue affects the Linux kernel clock framework for Hisilicon hi3559a. The root cause is an array p_clk that is allocated before iterating over clocks to register, and is incremented each loop iteration. If a clk_register() call fails, p_clk may point to memory that should not b...

CVE-2023-52648

CVE-2023-52648 – Linux kernel flaw in drm/vmwgfx: unmap the surface before resetting it on a plane state. Root cause: when switching to a new plane state surfaces are unreferenced, but the mapped flag may not be reset, allowing a plane backed by a bo to be treated as mapped, causing null derefs d...

CVE-2024-30737

CVE-2024-30737 entry is rejected/not used; it does not represent an active vulnerability.

CVE-2024-27391

CVE-2024-27391 concerns the Linux kernel wireless driver wilc1000. The issue arises from how wilc_netdev_ifc_init creates a workqueue; it reallocates the workqueue on each added interface, overwriting the existing one and causing a leakage across netdevs. The description notes that a single workq...

CVE-2024-31142

CVE-2024-31142 concerns the Xen hypervisor. The issue stems from a logical error in XSA-407 (Branch Type Confusion); the mitigation is not applied as intended, and XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, making it equally impacted. Available connected sources des...

CVE-2024-27390

CVE-2024-27390 : In the Linux kernel, the mutex/barrier introduced in ipv6_mc_down() via synchronize_net() is removed (ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()). The change is aimed at reducing latency under load since synchronize_net() can delay 200 µs to 5 ms and may ...

CVE-2024-26284

Focus for iOS is affected by a UXSS vulnerability that can be triggered via a 302 redirect if a victim site links to the attacker’s site. The issue is described for all Focus for iOS versions prior to 123, with remediation implemented in Focus for iOS 123 and later. The root cause involves improp...

CVE-2022-20853

CVE-2022-20853 concerns Cisco Expressway Series and Cisco TelePresence VCS. The issue is a CSRF vulnerability in the REST API/web-based management interface caused by insufficient CSRF protections, allowing an unauthenticated, remote attacker to persuade a logged-in user to follow a crafted link,...

CVE-2023-52497

CVE-2023-52497 affects the Linux kernel EROFS: the vulnerability stems from in-place LZ4 decompression where two mapped buffers could cause data corruption due to overlapping buffers and buffer ordering, especially on newer Intel CPUs with FS RM. The fix switches to using the decompressed buffer ...

CVE-2024-30736

CVE-2024-30736 entry is rejected/not used; withdrawn by CNA with no vulnerability evidence.

CVE-2024-30691

CVE-2024-30691 is rejected; this entry is not active and does not represent a vulnerability.

CVE-2023-4859

CVE-2023-4859 is rejected; do not use this candidate number, reference CVE-2024-27957 instead.

CVE-2024-30692

CVE-2024-30692 has been withdrawn as invalid. Connected PT-2024-23572 documents a DoS vulnerability in ROS2 Galactic Geochelone, affecting ROS2 VERSION 2 and ROS PYTHON VERSION 3, with remote DoS possible and no fix available yet; no exploit details provided. Monitor for updates.

CVE-2024-26972

CVE-2024-26972 : Linux kernel UBIFS implementation issue in ubifs_symlink could leak inode->i_link in error paths when symlink encryption is involved. The description in connected advisories states the issue arises after marking an inode bad and calling iput(), if inode->i_link was initiali...

CVE-2024-5027

CVE-2024-5027 affects Citrix Workspace app for Mac (pre-2402.10). Elevation of privilege from a local authenticated user to root is possible. Remedy: upgrade to Citrix Workspace app for Mac 2402.10 or later (per CTX675851). If details on root-cause are not provided, note that explicit root-cause ...

CVE-2024-26959

CVE-2024-26959 affects the Linux kernel Bluetooth subsystem (btnxpuart). The issue is a scheduling while atomic BUG in btnxpuart_close that could leave the transmit queue unpurged and skb release unsafe. The fixed path is in btnxpuart_close, with related call chain through tty/serdev/uart during ...

CVE-2024-27034

CVE-2024-27034 : In the Linux kernel, the f2fs compression path had a fix for normal cluster writes overlapped with compressed clusters. If a compressed cluster is overwritten by a normal cluster, unlocking cp_rwsem during f2fs_write_raw_pages() could cause data corruption when partial blocks wer...

CVE-2021-26691

CVE-2021-26691 affects Apache HTTP Server, where a crafted SessionHeader can cause a heap overflow in 2.4.0–2.4.46. Several connected advisories indicate that updates have been released (e.g., AlmaLinux/CentOS/Red Hat ecosystems) and that newer Apache HTTP Server versions (e.g., 2.4.51 in Check P...

CVE-2024-26948

The CVE-2024-26948 entry concerns the Linux kernel DRM/AMD display path: a NULL state check is added in dc_state_release to prevent operating on a NULL dc_state. The issue is described as a local-attack surface with low privileges and no user interaction, but with a high availability impact. A fi...

CVE-2024-26621

CVE-2024-26621 affects the Linux kernel mm subsystem: huge_memory/THP alignment on 32-bit architectures. The issue arose from a change that aligned larger anonymous mappings on THP boundaries, which is problematic on 32-bit virtual address spaces. The vulnerability is resolved in the provided adv...

CVE-2024-27007

The CVE-2024-27007 issue affects the Linux kernel, specifically the userfaultfd path for UFFDIO_MOVE. The root cause was an incorrect update of src_folio (mapping/index) before the page-table is cleared and after unpin, risking memory corruption and swapout/migration failure. A fix was implemente...

CVE-2024-35938

CVE-2024-35938 : Linux kernel wifi/ath11k MHI channel buffers were reduced from the default 64KB to 8KB by setting buf_len to 8KB for QCA6390/WCN6855. This avoids large allocations that can fail under memory fragmentation when memory compaction/reclaim is not allowed, reducing risk of page‑alloca...

CVE-2023-20125

Cisco BroadWorks Network Server TCP Denial of Service vulnerability (CVE-2023-20125) arises from missing rate limiting for certain inbound TCP connections, allowing unauthenticated remote attackers to exhaust server resources and render the system unusable. Affected component is the local interfa...

CVE-2024-27066

CVE-2024-27066 concerns a Linux kernel vulnerability in the virtio packed indirect descriptor handling. When use_dma_api and premapped are true, do_unmap may be left false, causing vring_unmap_extra_packed not to be invoked during detach_buf_packed and creating an unmap leak for the indirect desc...

CVE-2024-26946

CVE-2024-26946: In the Linux kernel, the vulnerability resides in kprobes/x86 where arch_adjust_kprobe_addr() could read from an unsafe address. The fix switches the read to copy_from_kernel_nofault() to prevent kernel panics when data is inaccessible, as Syzcaller reported. Public details confir...

CVE-2024-26947

CVE-2024-26947 affects the Linux kernel ARM path handling for remap/pfn validation. The description across connected docs shows that after the commit adding the new semantics for pfn_valid (to consider freed memory map alignment), a valid page for a reserved address could crash when memory was re...

CVE-2024-26985

CVE-2024-26985 affects the Linux kernel DRM/xe path, specifically the intel_fb_bo_framebuffer_init function where a Bo reference could leak. The connected advisories confirm the fix: add an unreference of the BO in the error path and return 0 on success to clarify the normal path. The change is d...

CVE-2024-30684

CVE-2024-30684 is rejected; this entry is not used and does not indicate an active vulnerability.

CVE-2022-23087

The CVE-2022-23087 issue affects the e1000 device emulation in bhyve on FreeBSD, where the device model uses an on‑stack buffer to modify transmitted packets. When checksum offload is requested, a guest‑provided checksum offset is accepted without validation for certain packet types, enabling a m...

CVE-2024-26814

CVE-2024-26814 affects the Linux kernel vfio-fsl-mc driver. The eventfd_ctx trigger pointer for vfio_fsl_mc_irq can be NULL and may become NULL if the trigger is set to -1. The interrupt handler itself is guaranteed to have a valid trigger between request_irq() and free_irq(), but loopback tests ...

CVE-2024-1547

CVE-2024-1547 affects Mozilla Firefox (stable and ESR) and Thunderbird prior to certain patched versions. Affected: Firefox < 123, Firefox ESR < 115.8, Thunderbird

CVE-2024-26979

CVE-2024-26979 is rejected/not used; not an active vulnerability entry.

CVE-2024-30730

CVE-2024-30730 entry is rejected; this candidate was withdrawn and does not represent an active vulnerability.

CVE-2018-1312

CVE-2018-1312 affects Apache httpd 2.2.0–2.4.29 where nonce generation for HTTP Digest authentication was not seeded with a proper pseudo-random seed. This allowed replay across servers in a common Digest configuration. Public advisories (CentOS, Debian, Arch Linux, ALT Linux) fix confirmed in ve...

CVE-2024-26990

In CVE-2024-26990, the Linux kernel KVM x86/mmu vulnerability concerns write-protection of L2 SPTEs in the TDP MMU when clearing dirty status. The fix ensures that TDP MMU SPTEs are write-protected when using the L2 page table level with EPT disabled on L1 and PML enabled; since KVM disables PML ...

CVE-2024-30661

CVE-2024-30661 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-30666

This CVE entry is rejected/not used and does not represent an active vulnerability.

CVE-2020-11022

CVE-2020-11022 affects jQuery versions >=1.2 and =3.5.0 or apply vendor guidance where applicable.

CVE-2024-26938

CVE-2024-26938 is a Linux kernel vulnerability in the drm/i915/bios path. The issue occurs when int​el_bios_encoder_supports_dp_dual_mode() encounters a NULL devdata for a DP encoder (e.g., if there is no VBT or the VBT does not declare the encoder). The kernel previously could oops or mis-handle...

CVE-2024-26963

CVE-2024-26963 affects the Linux kernel USB subsystem for the DWC3 controller on AM62 (usb: dwc3-am62). The vulnerability arises from runtime PM handling: when the kernel module is removed with runtime suspend active, the refclock may remain enabled and operations on device registers can occur. T...

CVE-2024-26607

The CVE-2024-26607 issue affects the Linux kernel sii902x bridge driver on TI platforms. Root cause: a probing race where drm_bridge_add() is invoked before the driver fully initializes the i2c EDID path, leading to a NULL pointer dereference in sii902x_bridge_get_edid during EDID reads. Impact: ...

CVE-2024-6235

CVE-2024-6235 is a NetScaler vulnerability in the NetScaler Console (and related components) that enables sensitive information disclosure. It affects NetScaler Console versions 14.1 before 14.1-25.53 (and related console/SDX/agent lines for CVE-2024-6236); exploitation can reveal sensitive data ...