VIR Vulnerability Intelligence Relay

Search

Found 12,560 results in 954ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-52737 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only l…
CVE-2021-47316 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix NULL dereference in nfs3svc_encode_getaclres In error cases the dentry may be NULL. Before 20798dfe249a, the encoder a…
CVE-2024-36008 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in ip_route_use_hint() syzbot was able to trigger a NULL deref in fib_validate_source() in an old tree …
CVE-2024-36007 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one re…
CVE-2024-36004 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e an…
CVE-2024-35997 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operatio…
CVE-2024-35996 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: cpu: Re-enable CPU mitigations by default for !X86 architectures Rename x86's to CPU_MITIGATIONS, define it in generic code, and …
CVE-2024-35990 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate…
CVE-2024-35988 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: riscv: Fix TASK_SIZE on 64-bit NOMMU On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of…
CVE-2024-35984 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Ta…
CVE-2024-35982 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmi…
CVE-2024-35940 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which ca…
CVE-2024-35936 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a …
CVE-2024-35922 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow…
CVE-2024-35915 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_…
CVE-2024-35910 medium 5.8 5.8 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n…
CVE-2024-35902 medium 5.5 5.5 FIX debian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman add…
CVE-2024-35893 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four bytes from kernel stack to us…
CVE-2024-35884 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when …
CVE-2024-35828 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocati…
CVE-2024-35815 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct k…
CVE-2024-35813 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_…
CVE-2024-35811 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.…
CVE-2024-27419 medium 4.7 4.7 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can b…
CVE-2024-4777 medium 5.5 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…
CVE-2024-4770 medium 5.5 FIX rhel rockydebian debian 2y ago When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
CVE-2024-4769 medium 5.5 FIX rhel rockydebian debian 2y ago When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn …
CVE-2024-4768 medium 5.5 FIX rhel rockydebian debian 2y ago A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and T…
CVE-2024-4767 medium 5.5 FIX rhel rockydebian debian 2y ago If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnera…
CVE-2024-28182 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:4252: nghttp2 security update (Moderate)
CVE-2024-25743 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-25742 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-6240 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-5090 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-25062 medium 5.5 FIX rhel rocky sles 2y ago An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can…
CVE-2024-27078 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling pa…
CVE-2024-27077 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_ent…
CVE-2024-27076 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release.
CVE-2024-27072 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led…
CVE-2024-27059 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS…
CVE-2024-27047 medium 5.5 5.5 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty…
CVE-2025-38053 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpf_features_check idpf_features_check is used to validate the TX packet. skb header length is compa…
CVE-2024-28180 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:3968: container-tools:rhel8 bug fix and enhancement update (Moderate)
CVE-2024-28102 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:3267: idm:DL1 and idm:client security update (Moderate)
CVE-2024-26830 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and t…
CVE-2024-25580 medium 5.5 FIX rhel slesdebian debian 2y ago An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occu…
CVE-2024-2496 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libvirt security update
CVE-2024-2494 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:3253: virt:rhel and virt-devel:rhel security update (Moderate)
CVE-2024-24786 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:4246: container-tools security update (Moderate)
CVE-2024-24784 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6969: container-tools:rhel8 security update (Moderate)
CVE-2024-24783 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6969: container-tools:rhel8 security update (Moderate)
CVE-2024-24259 medium 5.5 FIX rhel rockydebian debian 2y ago Moderate: freeglut security update
CVE-2024-24258 medium 5.5 FIX rhel rockydebian debian 2y ago Moderate: freeglut security update
CVE-2024-22365 medium 5.5 5.5 FIX rhel rocky sles linux-pam 2y ago Moderate: pam security update
CVE-2024-22195 medium 5.5 FIX rhel rocky sles 2y ago Moderate: fence-agents security and bug fix update
CVE-2024-1481 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:3044: idm:DL1 security update (Moderate)
CVE-2024-1441 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libvirt security and bug fix update
CVE-2024-1048 medium 5.5 FIX rhel rocky sles 2y ago Moderate: grub2 security update
CVE-2024-0727 medium 5.5 5.5 FIX rhelalmalinux almalinux sles openssl 2y ago Low: openssl and openssl-fips-provider security update
CVE-2024-0690 medium 5.5 FIX debian debian rhel rocky 2y ago RHSA-2024:3043: ansible-core bug fix, enhancement, and security update (Moderate)
CVE-2024-0409 medium 5.5 FIX rhel slesdebian debian 2y ago A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiat…
CVE-2024-0408 medium 5.5 FIX rhel slesdebian debian 2y ago A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (…
CVE-2023-7008 medium 5.5 FIX rhel rocky sles 2y ago A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the u…
CVE-2023-6917 medium 5.5 FIX rhel slesdebian debian 2y ago A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operat…
CVE-2023-6683 medium 5.5 FIX rhel rocky sles 2y ago A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the…
CVE-2023-6237 medium 5.9 5.9 FIX rhel sles rocky 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-6228 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:5079: libtiff security update (Moderate)
CVE-2023-6129 medium 6.5 6.5 FIX rhel sles rocky openssl 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-6121 medium 4.3 4.3 FIX rhel rocky sles 2y ago Important: kernel security, bug fix, and enhancement update
CVE-2023-5871 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libnbd security update
CVE-2023-5678 medium 5.3 5.3 FIX rocky rhel sles openssl 2y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-54324 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipat…
CVE-2023-54289 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues(…
CVE-2023-54274 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'mad_agent' pointer When unregistering MAD agent, srpt module has a non-null check for 'mad_agen…
CVE-2023-54201 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially …
CVE-2023-54186 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show …
CVE-2023-54184 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That …
CVE-2023-54179 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. …
CVE-2023-54169 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5e_ptp_open When kvzalloc_node or kvzalloc failed in mlx5e_ptp_open, the memory pointed by "c" o…
CVE-2023-54166 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with vario…
CVE-2023-54148 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, …
CVE-2023-54106 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the er…
CVE-2023-54100 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work…
CVE-2023-54096 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for sound…
CVE-2023-54090 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc ("ixgbe: let the xdpdrv work with more than 64 cpus") adds supp…
CVE-2023-54072 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against…
CVE-2023-54070 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the…
CVE-2023-54064 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapte…
CVE-2023-54014 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere…
CVE-2023-54003 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrenc…
CVE-2023-53999 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act tab…
CVE-2023-53995 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bo…
CVE-2023-53848 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") int…
CVE-2023-53843 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) re…
CVE-2023-53821 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix slab-use-after-free in decode_session6 When ipv6_vti device is set to the qdisc of the sfb type, the cb field of the…
CVE-2023-5380 medium 5.5 FIX rhel slesdebian debian 2y ago A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zap…
CVE-2023-53762 medium 5.5 FIX rocky rhel sles 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is de…
CVE-2023-53761 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a use…
CVE-2023-53751 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times …
CVE-2023-53722 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-o…