VIR Vulnerability Intelligence Relay

Search

Found 5,162 results in 686ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-52528 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg syzbot reported the following uninit-value access issue: ====…
CVE-2023-52520 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribut…
CVE-2023-52513 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the …
CVE-2023-52501 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit" When iterating over the ring buffer while the ring buffer is active, the writer…
CVE-2023-52498 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume…
CVE-2023-52492 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure…
CVE-2023-52482 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which e…
CVE-2023-52477 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/h…
CVE-2023-52475 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate dri…
CVE-2023-52473 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_…
CVE-2023-52467 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory w…
CVE-2023-52466 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2023-52462 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot…
CVE-2023-52455 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are…
CVE-2023-52445 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thr…
CVE-2023-51764 medium 5.5 FIX rhel sles rocky 2y ago Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in re…
CVE-2023-51596 medium 5.5 rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-51594 medium 5.5 rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-51592 medium 5.5 rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-51589 medium 5.5 rheldebian debian rocky 2y ago RHSA-2025:4043: bluez security update (Moderate)
CVE-2023-51580 medium 5.5 rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-50967 medium 5.5 FIX rheldebian debian rocky 2y ago RHSA-2024:5294: jose security update (Moderate)
CVE-2023-50230 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-50229 medium 5.5 FIX rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-45866 medium 5.5 FIX rheldebian debian sles 2y ago RHSA-2024:11154: bluez security update (Moderate)
CVE-2023-44431 medium 5.5 rheldebian debian sles 2y ago Moderate: bluez security update
CVE-2023-41910 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago Moderate: lldpd security update
CVE-2023-38709 medium 5.5 FIX debian debian rhel rocky 2y ago Moderate: httpd security update
CVE-2023-27349 medium 5.5 FIX rheldebian debian rocky 2y ago RHSA-2025:4043: bluez security update (Moderate)
CVE-2022-50886 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory …
CVE-2022-50858 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory t…
CVE-2022-50846 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will …
CVE-2022-50769 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory …
CVE-2022-50761 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bin…
CVE-2022-50748 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation fa…
CVE-2022-50720 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2A…
CVE-2022-50670 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will…
CVE-2022-50663 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps when c…
CVE-2022-50653 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will …
CVE-2022-50640 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it…
CVE-2022-50625 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1…
CVE-2022-50541 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel …
CVE-2022-50486 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),…
CVE-2022-50468 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when r…
CVE-2022-50353 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memo…
CVE-2022-50347 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the…
CVE-2022-50312 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly.
CVE-2022-50284 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in init_mqueue_fs() When setup_mq_sysctls() failed in init_mqueue_fs(), mqueue_inode_cachep is not released.…
CVE-2022-50268 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory …
CVE-2022-50251 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory …
CVE-2022-50177 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1) If (nr_cpus= > …
CVE-2022-50141 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcoun…
CVE-2022-50096 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb (kprobes control block) status flag to KPROBE_…
CVE-2022-50073 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered …
CVE-2022-50019 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount i…
CVE-2022-49941 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2022-49860 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to…
CVE-2022-49787 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for t…
CVE-2022-49549 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fail…
CVE-2022-49430 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpio_keys module can either accept gpios or interrupts. The module in…
CVE-2022-49329 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference …
CVE-2022-49308 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show() …
CVE-2022-49267 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2022-49197 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg() fills in the …
CVE-2022-49124 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following condi…
CVE-2022-49078 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer o…
CVE-2022-48929 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btf_ids. When commit e6ac2450d6de ("bpf: Support bpf program calling kernel f…
CVE-2022-48703 medium 5.5 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer…
CVE-2022-48672 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") …
CVE-2022-48669 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fa…
CVE-2022-4122 medium 5.5 rhel slesdebian debian 2y ago Moderate: podman security update
CVE-2021-47505 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfd_poll() and binder_poll() are special in that they use a waitque…
CVE-2021-47457 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible() Using wait_event_interruptible() to wait for complet…
CVE-2021-47454 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPT_COUNT=y, when a CPU is offlined and then online…
CVE-2021-47429 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The ear…
CVE-2021-47428 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_C…
CVE-2021-47185 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm6…
CVE-2021-47098 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer u…
CVE-2021-43612 medium 5.5 FIX rhel rockydebian debian 2y ago Moderate: lldpd security update
CVE-2020-27827 medium 5.5 FIX rhelarch arch sles 2y ago Moderate: lldpd security update
CVE-2020-10135 medium 5.5 rhel sles 2y ago RHSA-2024:9315: kernel security update (Moderate)
CVE-2019-25162 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device…
CVE-2024-9676 medium 5.5 FIX almalinux almalinux rhel rocky 2y ago RHSA-2024:10289: container-tools:rhel8 security update (Moderate)
CVE-2024-7006 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:8833: libtiff security update (Moderate)
CVE-2024-43880 medium 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM…
CVE-2024-41066 medium 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: …
CVE-2022-48773 medium 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointe…
CVE-2020-26154 medium 5.5 FIX slesdebian debian rhel 2y ago RHEA-2024:8852: libproxy bug fix and enhancement update (Moderate)
CVE-2020-25219 medium 5.5 FIX arch arch slesdebian debian 2y ago RHEA-2024:8852: libproxy bug fix and enhancement update (Moderate)
CVE-2024-21510 medium 5.5 FIX rockydebian debianalmalinux almalinux 2y ago RHSA-2024:10987: pcs security update (Moderate)
CVE-2024-10467 medium 5.5 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
CVE-2024-10466 medium 5.5 FIX rhel rockydebian debian 2y ago By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 12…
CVE-2024-10465 medium 5.5 FIX rhel rockydebian debian 2y ago A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10464 medium 5.5 FIX rhel rockydebian debian 2y ago Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerabi…
CVE-2024-10463 medium 5.5 FIX rhel rockydebian debian 2y ago Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10462 medium 5.5 FIX rhel rockydebian debian 2y ago Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10461 medium 5.5 FIX rhel rockydebian debian 2y ago In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affe…
CVE-2024-10460 medium 5.5 FIX rhel rockydebian debian 2y ago The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, an…
CVE-2024-10459 medium 5.5 FIX rhel rockydebian debian 2y ago An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR <…
CVE-2024-10458 medium 5.5 FIX rhel rockydebian debian 2y ago A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, T…