VIR Vulnerability Intelligence Relay

Search

Found 5,520 results in 1872ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2024-36939 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature …
CVE-2024-36936 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 ("efi/unaccepted: Fix soft lockups caused by parallel …
CVE-2024-36932 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermal_debug_cdev_remove() does not run under cd…
CVE-2024-36930 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync If spi_sync() is called with the non-empty queue and the same spi_message is th…
CVE-2024-36926 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open …
CVE-2024-36905 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn co…
CVE-2024-36902 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused…
CVE-2024-36891 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if …
CVE-2024-36885 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-36884 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() This was missed because of the function pointer indirection. …
CVE-2024-36882 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), e…
CVE-2024-36881 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits fr…
CVE-2024-36477 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for…
CVE-2024-36472 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:5298: gnome-shell security update (Moderate)
CVE-2024-36039 medium 5.5 FIX rhel rocky sles 2y ago PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
CVE-2024-36031 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiati…
CVE-2024-36030 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/oct…
CVE-2024-36028 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning…
CVE-2024-36022 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-36015 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_si…
CVE-2024-36006 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the fun…
CVE-2024-36002 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_pin_on_pin_register() for multiple parent pins In scenario where pin is registered with multiple parent pins via d…
CVE-2024-35995 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit …
CVE-2024-35991 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drain_workqueue() cannot be called safely in a spinlocked contex…
CVE-2024-35983 medium 5.5 5.5 FIX rheldebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS bits_per() rounds up to the next power of two when passed a …
CVE-2024-35979 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued…
CVE-2024-35976 medium 6.7 6.7 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure t…
CVE-2024-35973 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : Whi…
CVE-2024-35957 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all…
CVE-2024-35954 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_pu…
CVE-2024-35950 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mod…
CVE-2024-35944 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detecte…
CVE-2024-35942 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is p…
CVE-2024-35939 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted(…
CVE-2024-35931 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to…
CVE-2024-35930 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an u…
CVE-2024-35928 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-35927 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initia…
CVE-2024-35925 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on over…
CVE-2024-35923 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-35918 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-35913 medium 5.5 FIX rheldebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF When we want to know whether we should look for the mac_id or th…
CVE-2024-35908 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tls: get psock ref after taking rxlock to avoid leak At the start of tls_sw_recvmsg, we take a reference on the psock, and then c…
CVE-2024-35904 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the e…
CVE-2024-35900 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit…
CVE-2024-35894 medium 5.5 FIX rheldebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at ne…
CVE-2024-35892 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() is called with the qdisc lock held, not R…
CVE-2024-35888 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6ersp…
CVE-2024-35880 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: hold io_buffer_list reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until afte…
CVE-2024-35878 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which …
CVE-2024-35877 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact…
CVE-2024-35872 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folio_is_secretmem() currently relies on secretmem folios being LRU fol…
CVE-2024-35869 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mo…
CVE-2024-35867 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoi…
CVE-2024-35866 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid …
CVE-2024-35865 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) t…
CVE-2024-35864 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to…
CVE-2024-35863 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avo…
CVE-2024-35862 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING)…
CVE-2024-35861 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITI…
CVE-2024-35859 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is g…
CVE-2024-35843 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by call…
CVE-2024-35840 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac,…
CVE-2024-35831 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix release of pinned pages when __io_uaddr_map fails Looking at the error path of __io_uaddr_map, if we fail after pin…
CVE-2024-35827 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it…
CVE-2024-35822 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING…
CVE-2024-35817 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but a…
CVE-2024-35812 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2024-35808 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly with…
CVE-2024-35807 medium 5.5 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16…
CVE-2024-35805 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix th…
CVE-2024-35795 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the fo…
CVE-2024-35794 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_F…
CVE-2024-35787 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap fi…
CVE-2024-3446 medium 5.5 FIX rhel rocky sles 2y ago A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.…
CVE-2024-34055 medium 5.5 FIX rheldebian debianalmalinux almalinux 2y ago Moderate: cyrus-imapd security update
CVE-2024-32662 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32661 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32660 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32659 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32658 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32460 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32459 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32458 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32041 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32040 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-32039 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: freerdp security update
CVE-2024-30205 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6987: emacs security update (Moderate)
CVE-2024-30204 medium 5.5 FIX rheldebian debian sles 2y ago In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
CVE-2024-30203 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6987: emacs security update (Moderate)
CVE-2024-29039 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-29038 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-27437 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices …
CVE-2024-27436 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of …
CVE-2024-27431 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap e…
CVE-2024-27414 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back In the commit d73ef2d69c0d ("rtnetlink: let rtnl_bridge_setlink chec…
CVE-2024-27404 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE an…
CVE-2024-27389 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput()…
CVE-2024-27079 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info…
CVE-2024-27062 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix rac…