CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35944 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detecte… | |||
| CVE-2024-40966 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind … | |||
| CVE-2024-35843 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by call… | |||
| CVE-2024-35827 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it… | |||
| CVE-2024-35840 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac,… | |||
| CVE-2024-35817 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but a… | |||
| CVE-2024-35808 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly with… | |||
| CVE-2024-35805 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix th… | |||
| CVE-2024-35787 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap fi… | |||
| CVE-2024-35807 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16… | |||
| CVE-2024-35859 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is g… | |||
| CVE-2024-42271 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->pat… | |||
| CVE-2024-27414 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back In the commit d73ef2d69c0d ("rtnetlink: let rtnl_bridge_setlink chec… | |||
| CVE-2024-27431 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap e… | |||
| CVE-2024-27079 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info… | |||
| CVE-2024-35861 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITI… | |||
| CVE-2024-26462 | medium | — | 5.5 | 2y ago | Moderate: krb5 security update | |||
| CVE-2024-42268 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions per… | |||
| CVE-2024-27437 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices … | |||
| CVE-2024-27023 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: Fix missing release of 'active_io' for flush submit_flushes atomic_set(&mddev->flush_pending, 1); rdev_for_each_rcu(rdev, m… | |||
| CVE-2024-27015 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pp… | |||
| CVE-2024-27017 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in pro… | |||
| CVE-2024-27004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1… | |||
| CVE-2024-27013 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too… | |||
| CVE-2024-27014 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are c… | |||
| CVE-2024-27062 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix rac… | |||
| CVE-2024-35877 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact… | |||
| CVE-2024-26984 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours y… | |||
| CVE-2024-27003 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary Similar to the previous commit, we should make sure that all devices are … | |||
| CVE-2024-26803 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both featu… | |||
| CVE-2024-40967 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a … | |||
| CVE-2024-26976 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is c… | |||
| CVE-2024-26641 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Ca… | |||
| CVE-2024-26774 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of de… | |||
| CVE-2024-26712 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, when k_start is not page aligned, at the begin of fo… | |||
| CVE-2024-26782 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. Howev… | |||
| CVE-2024-26707 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate r… | |||
| CVE-2024-26785 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault, pr… | |||
| CVE-2024-26678 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the … | |||
| CVE-2024-26670 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn'… | |||
| CVE-2024-26679 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket coul… | |||
| CVE-2024-26680 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS r… | |||
| CVE-2024-26786 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at drivers/i… | |||
| CVE-2024-26646 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to t… | |||
| CVE-2024-26725 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dpll: fix possible deadlock during netlink dump operation Recently, I've been hitting following deadlock warning during dpll pin … | |||
| CVE-2024-26618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not fl… | |||
| CVE-2024-26631 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. Origina… | |||
| CVE-2024-26662 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' 'panel_cntl' structure used to control the displ… | |||
| CVE-2024-0340 | medium | — | 5.5 | 2y ago | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating sys… | |||
| CVE-2024-26601 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redun… | |||
| CVE-2024-7409 | medium | — | 5.5 | 2y ago | A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server … | |||
| CVE-2024-26922 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/… | |||
| CVE-2024-26611 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type i… | |||
| CVE-2024-26663 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: … | |||
| CVE-2024-36022 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-26746 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record fro… | |||
| CVE-2024-27057 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the so… | |||
| CVE-2024-22211 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-32041 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … | |||
| CVE-2024-35995 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit … | |||
| CVE-2024-27012 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcoun… | |||
| CVE-2024-26906 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall… | |||
| CVE-2024-42258 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176… | |||
| CVE-2024-42301 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf fo… | |||
| CVE-2024-42070 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is co… | |||
| CVE-2024-32040 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-26903 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection proces… | |||
| CVE-2024-40965 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clk_get_rate during transfer Instead of repeatedly calling clk_get_rate for each transfer, lock the clo… | |||
| CVE-2024-40948 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/page_table_check: fix crash on ZONE_DEVICE Not all pages may apply to pgtable check. One example is ZONE_DEVICE pages: they m… | |||
| CVE-2024-26900 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and… | |||
| CVE-2024-26901 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys… | |||
| CVE-2024-35794 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_F… | |||
| CVE-2024-36885 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-27389 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput()… | |||
| CVE-2024-42125 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. I… | |||
| CVE-2024-26815 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_I… | |||
| CVE-2024-35863 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avo… | |||
| CVE-2024-41093 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by ca… | |||
| CVE-2024-26708 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first a… | |||
| CVE-2024-36944 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports… | |||
| CVE-2024-41063 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() syzbot is reporting that calling hci_release_dev() from hci_error… | |||
| CVE-2024-30203 | medium | — | 5.5 | 2y ago | RHSA-2024:6987: emacs security update (Moderate) | |||
| CVE-2024-40930 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: validate HE operation element parsing Validate that the HE operation element has the correct length before parsin… | |||
| CVE-2024-41032 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps… | |||
| CVE-2024-42276 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, … | |||
| CVE-2024-8235 | medium | — | 5.5 | 2y ago | Moderate: libvirt security update | |||
| CVE-2024-26960 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could ru… | |||
| CVE-2024-6239 | medium | — | 5.5 | 2y ago | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to c… | |||
| CVE-2024-26937 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only wh… | |||
| CVE-2024-38605 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduc… | |||
| CVE-2024-36936 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 ("efi/unaccepted: Fix soft lockups caused by parallel … | |||
| CVE-2024-3446 | medium | — | 5.5 | 2y ago | A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.… | |||
| CVE-2024-26327 | medium | — | 5.5 | 2y ago | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF… | |||
| CVE-2024-41057 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test… | |||
| CVE-2024-36472 | medium | — | 5.5 | 2y ago | In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local W… | |||
| CVE-2024-1298 | medium | — | 5.5 | 2y ago | RHSA-2024:5297: edk2 security update (Moderate) | |||
| CVE-2024-39497 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mm… | |||
| CVE-2024-40903 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_reg… | |||
| CVE-2024-38598 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --synca… |