Linux Kernel Organization, Inc. Security Vulnerabilities
In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because....
7.8CVSS
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix this to generate...
7.8CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated. This would lead to memory leak during driver removal. Properly free memory when the module is...
5.5CVSS
6.4AI Score
0.0004EPSS
Exploit for Integer Overflow or Wraparound in Linux Linux Kernel
Needle (CVE-2023-0179) exploit This repository contains the...
7.8CVSS
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the....
7.8CVSS
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove...
7.8CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets when 'act_mirred' tries to fragment IPv4 packets that had been previously re-assembled using 'act_ct', splats like the following can be observed on kernels...
7.1CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix unbalanced device enable/disable in suspend/resume pci_disable_device() called in __ixgbe_shutdown() decreases dev->enable_cnt by 1. pci_enable_device_mem() which increases dev->enable_cnt by 1, was removed from...
5.5CVSS
5.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock. Fix this by avoiding the device-managed LED functions....
7.8CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix NULL pointer dereference when get power limit Because powerplay_table initialization is skipped under sriov case, We check and set default lower and upper OD value if powerplay_table is...
5.5CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: perf: RISCV: Fix panic on pmu overflow handler (1 << idx) of int is not desired when setting bits in unsigned long overflowed_ctrs, use BIT() instead. This panic happens when running 'perf record -e branches' on sophgo sg2042...
5.5CVSS
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be...
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsim_init_netdevsim(), which is only called if (nsim_dev_port_is_pf()). Create a counterpart of nsim_init_netdevsim() and move the mock_phc_destroy() there....
5.5CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.8CVSS
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btf_put() and map_free() When running ./test_progs -j in my local vm with latest kernel, I once hit a kasan error like below: [ 1887.184724] BUG: KASAN: slab-use-after-free in...
7.8CVSS
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...
5.5CVSS
5.6AI Score
0.0004EPSS
Exploit for Improper Initialization in Linux Linux Kernel
DirtyPipe Exploit for the DirtyPipe...
7.8CVSS
8.3AI Score
0.076EPSS
(RHSA-2024:2049) Important: OpenShift Container Platform 4.13.41 packages and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.41. See the following advisory for the container...
7.4AI Score
0.0005EPSS
Fedora 28 : kernel / kernel-headers / kernel-tools (2019-1b986880ea)
The 5.0.9 update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing.....
8.3CVSS
6.4AI Score
0.007EPSS
Fedora 29 : kernel / kernel-headers / kernel-tools (2019-1e8a4c6958)
The 5.0.9 update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing.....
8.3CVSS
6.4AI Score
0.007EPSS
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or...
7.5CVSS
7.5AI Score
0.024EPSS
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, to....
9.8CVSS
9.7AI Score
0.003EPSS
Fedora 30 : kernel / kernel-headers / kernel-tools (2019-e37c348348)
The 5.2.7 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
5.6CVSS
7.1AI Score
0.001EPSS
Fedora 29 : kernel / kernel-headers / kernel-tools (2019-6bda4c81f4)
The 5.2.7 stable kernel update contains a number of important fixes across the tree. The 5.2.6 kernel rebase contains new hardware support, features, and a number of important bug fixes across the tree. Update to v5.1.12 Note that Tenable Network Security has extracted the preceding description...
5.6CVSS
6.9AI Score
0.001EPSS
An out-of-bounds read in Organization Specific TLV was found in various versions of...
9.8CVSS
9.3AI Score
0.002EPSS
6.7AI Score
lunary-ai/lunary Access Control Vulnerability in Prompt Variation Management
In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises due to the application not properly validating the ownership of dataset.....
8.1CVSS
6.8AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereference, address:...
5.5CVSS
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. Commit 5a836bf6b09f ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ context") moved all flush_cpu_slab() invocations to...
7.8CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix TPM reservation for seal/unseal The original patch 8c657a0590de ("KEYS: trusted: Reserve TPM for seal and unseal operations") was correct on the mailing list:...
5.5CVSS
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq size store permission state WQ size can only be changed when the device is disabled. Current code allows change when device is enabled but wq is disabled. Change the check to detect device...
5.5CVSS
5.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region....
5.5CVSS
5.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether withdrawn or not, the quota should be cleaned up by gfs2_quota_cleanup(). Otherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcu callback)....
7.8CVSS
6.7AI Score
0.0004EPSS
(RHSA-2024:2627) Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): CVE-2024-25743 kernel: hw: amd: Instruction raise #VC exception at...
7.5AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...
5.5CVSS
6.4AI Score
0.0004EPSS
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the...
7.8CVSS
7.8AI Score
0.0005EPSS
In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 (Instruction access rights) occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this.....
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy() breaks when using connlimit in set elements. Use nft_expr_clone() to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when.....
5.5CVSS
5.2AI Score
0.0004EPSS
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-517)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-517 advisory. 2024-06-06: CVE-2023-52498 was added to this advisory. 2024-06-06: CVE-2023-52489 was added to this advisory. 2024-06-06: CVE-2024-26614 was added to this advisory. 2024-06-06: CVE-2023-52486...
7.8CVSS
7.6AI Score
0.002EPSS
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-385 advisory. 2024-06-06: CVE-2023-52501 was added to this advisory. 2024-06-06: CVE-2023-52567 was added to this advisory. 2024-06-06: CVE-2023-52482 was added to this advisory. 2024-03-27: CVE-2023-52433...
7.8CVSS
7.3AI Score
0.0004EPSS
An integer underflow in Organization Specific TLV was found in various versions of...
9.8CVSS
9.3AI Score
0.002EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
EPSS
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the permission to write/edit...
6.5CVSS
7AI Score
0.0004EPSS
lunary-ai/lunary allows users unauthorized access to projects
In lunary-ai/lunary version v1.2.13, an improper authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...
9.8CVSS
6.8AI Score
0.0004EPSS
(RHSA-2024:2628) Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): kernel-rt:...
7.3AI Score
EPSS
(RHSA-2024:0448) Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163) kernel: use after free in unix_stream_sendpage (CVE-2023-4622) kernel:...
7.8AI Score
0.001EPSS
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available....
5.5CVSS
5.8AI Score
0.0004EPSS
(RHSA-2024:2582) Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283) kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586) kernel: netfilter:...
7.9AI Score
0.0004EPSS
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local...
7.8CVSS
6.2AI Score
0.0004EPSS