Linux Kernel Organization, Inc. Security Vulnerabilities
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute...
6.9AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...
5.5CVSS
6.3AI Score
0.0004EPSS
Fedora 29 : kernel / kernel-headers / kernel-tools (2019-7bdeed7fc5)
The 4.20.11 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
7.8CVSS
7.9AI Score
0.001EPSS
(RHSA-2024:2758) Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit...
6.8AI Score
EPSS
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer...
9.8CVSS
7AI Score
EPSS
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause....
6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the fixes are...
7.1CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterate over these set...
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bd_link_disk_holder and partition scan 'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlink between holding...
5.5CVSS
6.4AI Score
0.0004EPSS
Exploit for Use After Free in Linux Linux Kernel
Demonstration that Claude 3 Opus does not understand...
7.9AI Score
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
5.5CVSS
6.6AI Score
0.0004EPSS
OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. GoogleOAuthenticator.hosted_domain is used to restrict what Google accounts can be authorized access to a JupyterHub. The...
7.5CVSS
7.6AI Score
0.0004EPSS
(RHSA-2022:8267) Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640) smb2_ioctl_query_info NULL...
7.8AI Score
EPSS
CVE-2024-0552 Intumit inc. SmartRobot - Remote Code Execution
Intumit inc. SmartRobot's web framwork has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arbitrary commands on the remote...
9.8CVSS
10AI Score
0.002EPSS
Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section....
9.8CVSS
6.7AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...
7CVSS
6.5AI Score
0.0004EPSS
Exploit for Use After Free in Linux Linux Kernel
Use-After-Free in Netfilter nf_tables when processing batch...
7.8CVSS
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpu_get_xgmi_hive, when kobject_init_and_add failed There is a potential memleak if not call...
5.5CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpu_ras_get_context may return NULL if device not support ras feature, so add check before...
5.5CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add....
5.5CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these are...
5.5CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator [Why & How] Check whether assigned timing generator is NULL or not before accessing its funcs to prevent NULL...
5.5CVSS
6.7AI Score
0.0004EPSS
Exploit for Improper Initialization in Linux Linux Kernel
CVE-2022-0847 Dirty Pipe linux内核提权分析 [toc]...
7.8CVSS
8AI Score
0.076EPSS
(RHSA-2022:7683) Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference...
8AI Score
0.01EPSS
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service...
6CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times). 7....
5.5CVSS
6.7AI Score
0.0004EPSS
CVE-2024-1313 Users outside an organization can delete a snapshot with its key
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the permission to write/edit...
6.5CVSS
6.7AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...
(RHSA-2022:7444) Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) Race condition in VT_RESIZEX ioctl when...
8.2AI Score
0.01EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode Fix the following NULL pointer dereference in mt7915_get_phy_mode routine adding an ibss interface to the mt7915 driver. [ 101.137097] wlan0: Trigger new scan to...
5.5CVSS
6.5AI Score
0.0004EPSS
Unbreakable Enterprise kernel security update
[4.1.12-124.85.1] - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) [Orabug: 35282809] ...
7CVSS
7AI Score
0.0004EPSS
(RHSA-2022:7933) Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) use-after-free vulnerability in function...
7.9AI Score
EPSS
Fedora 29 : kernel / kernel-headers (2019-96b31a9602)
The 4.20.6 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
5.6CVSS
6.5AI Score
0.001EPSS
Fedora 28 : kernel / kernel-headers (2019-7d3500d712)
The 4.20.6 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
5.6CVSS
6.5AI Score
0.001EPSS
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux....
7.8CVSS
8.7AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the...
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgroup_rwsem <->...
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system. static inline.....
5.5CVSS
6.6AI Score
0.0004EPSS
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds...
5.5CVSS
5.9AI Score
0.0004EPSS
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to...
5.5CVSS
4.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a...
7.8CVSS
6AI Score
0.0004EPSS
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a...
6CVSS
6.3AI Score
0.0005EPSS
Exploit for Out-of-bounds Write in Linux Linux Kernel
CVE-2021-22555 pipe version Using pipe-primitive to...
8.3CVSS
0.5AI Score
0.002EPSS
CVE-2024-1313 Users outside an organization can delete a snapshot with its key
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the permission to write/edit...
6.5CVSS
6.7AI Score
0.0004EPSS
A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the...
7.8CVSS
7.1AI Score
0.0004EPSS
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume...
5.5CVSS
5.7AI Score
0.0004EPSS
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of...
7.5CVSS
7AI Score
0.001EPSS
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the...
7.8CVSS
7.5AI Score
0.0004EPSS
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for...
5.5CVSS
5.8AI Score
0.0004EPSS
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes....
6.6CVSS
6.6AI Score
0.0004EPSS