Lucene search
K
LinuxLinux Kernel6.6.18

9 matches found

CVE
CVE
added 2024/07/12 12:20 p.m.194 views

CVE-2024-39503

CVE-2024-39503 : Linux kernel netfilter ipset race in the list:set type (namespace cleanup vs. gc) has a confirmed fix. The issue was a race that could cause use-after-free by GC data being accessed after the set is destroyed. The patch changes destruction order: when destroying all sets, first r...

7CVSS6.5AI score0.00204EPSS
CVE
CVE
added 2024/07/30 7:45 a.m.136 views

CVE-2024-42102

CVE-2024-42102 concerns a Linux kernel vulnerability in the dirty throttling path used by the mm/wb subsystem. The issue centers on assuming that dirty limits in page units fit in 32 bits and a patch series titled “mm: Avoid possible overflows in dirty throttling” was applied. The entry notes tha...

4.7CVSS6.7AI score0.00256EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.132 views

CVE-2024-26722

Technical details about CVE-2024-26722 (affected products, exact root cause, versions, impact, remediation) are not provided in the connected documents. Monitor for updated advisories for explicit fixes and affected platforms.

5.5CVSS6.1AI score0.00182EPSS
CVE
CVE
added 2024/04/04 8:20 a.m.125 views

CVE-2024-26800

The CVE-2024-26800 entry concerns a Linux kernel TLS use-after-free in backlog decryption. Root cause: when crypto_aead_decrypt returns -EBUSY (not EINPROGRESS), tls_do_decryption waits for async decryptions, but if any completes with a failure, the code releases pages that may still be held by a...

7.8CVSS6.7AI score0.0028EPSS
CVE
CVE
added 2024/04/04 8:20 a.m.104 views

CVE-2024-26792

CVE-2024-26792 : Linux kernel bug in btrfs snapshot creation can cause a double free of an anonymous device number. Root cause: during snapshot creation, anon_dev is allocated, later freed in nested calls, and if the transaction path fails, the same anon_dev may be freed again even if it has been...

7.8CVSS6.2AI score0.00236EPSS
CVE
CVE
added 2024/06/03 7:50 a.m.93 views

CVE-2024-36963

CVE-2024-36963 affects the Linux kernel tracefs feature. The issue arises from how permissions are generated for tracefs files: they default to the root inode’s permissions unless the user changes them, and a remount with permissions should update all files, but currently leaves unchanged files t...

7.8CVSS6.8AI score0.0019EPSS
CVE
CVE
added 2024/09/18 7:12 a.m.93 views

CVE-2024-46785

CVE-2024-46785 affects the Linux kernel, specifically an issue in eventfs relating to SRCU-protected lists. The root cause is a NULL pointer access in tracefs when ei_child can be set to LIST_POISON1 after removal in eventfs_remove_rec, leading to a crash/panic. The vulnerability materializes whe...

5.5CVSS5.1AI score0.00221EPSS
CVE
CVE
added 2026/04/23 3:11 p.m.84 views

CVE-2026-31533

The CVE-2026-31533 entry concerns a Linux kernel net/tls use-after-free in tls_do_encryption() when crypto_aead_encrypt() returns -EBUSY. The underlying issue is double cleanup of encrypt_pending and the scatterlist entry due to distinct cleanup paths (async callback tls_encrypt_done() vs synchro...

9.8CVSS5.7AI score0.00263EPSS
CVE
CVE
added 2024/06/25 2:28 p.m.71 views

CVE-2024-39470

CVE-2024-39470 : In the Linux kernel, a null-pointer dereference could occur in eventfs_find_events() when ei is NULL after update_events_attr, potentially leading to a crash if ei->is_freed is set. The issue has been resolved via kernel patches (stable releases) implementing a guard that retu...

5.5CVSS7AI score0.00213EPSS