Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-56621

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcd_remove() Currently, RTC work is only cancelled during __ufshcd_wl_suspend(). When ufshcd is removed in ufshcd_remove(), RTC work is not ca... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-56620

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtu... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Apr. 07, 2025

  • 7.8

    HIGH
    CVE-2024-56619

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a la... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-56618

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx: gpcv2: Adjust delay after power up handshake The udelay(5) is not enough, sometimes below kernel panic still be triggered: [ 4.012973] Kernel panic - not syncing: Asy... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 16, 2025

  • 5.5

    MEDIUM
    CVE-2024-56617

    In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cacheinfo from primary CPU") adds functionality that archit... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 16, 2025

  • 0.0

    NA
    CVE-2024-56616

    In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 byte accounting for the message body CRC (aka message dat... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 09, 2025

  • 7.8

    HIGH
    CVE-2024-56615

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed intege... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 16, 2025

  • 7.8

    HIGH
    CVE-2024-56614

    In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_entries) is compared with a user-controlled signed intege... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-56613

    In the Linux kernel, the following vulnerability has been resolved: sched/numa: fix memory leak due to the overwritten vma->numab_state [Problem Description] When running the hackbench program of LTP, the following memory leak is reported by kmemleak. ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-56612

    In the Linux kernel, the following vulnerability has been resolved: mm/gup: handle NULL pages in unpin_user_pages() The recent addition of "pofs" (pages or folios) handling to gup has a flaw: it assumes that unpin_user_pages() handles NULL pages in the ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-56611

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA in a MM, which isn't true. So we might end up having f... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 06, 2025

  • 0.0

    NA
    CVE-2024-56610

    In the Linux kernel, the following vulnerability has been resolved: kcsan: Turn report_filterlist_lock into a raw_spinlock Ran Xiaokai reports that with a KCSAN-enabled PREEMPT_RT kernel, we can see splats like: | BUG: sleeping function called from inv... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 0.0

    NA
    CVE-2024-56609

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb When removing kernel modules by: rmmod rtw88_8723cs rtw88_8703b rtw88_8723x rtw88_sdio rtw88_core Driver uses skb_queue_p... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-56608

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An issue was identified in the dcn21_link_encoder_create function where an out-of-bounds access could occur when... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2024-56607

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() When I try to manually set bitrates: iw wlan0 set bitrates legacy-2.4 1 I get sleeping from invalid context error, s... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 09, 2025

  • 7.8

    HIGH
    CVE-2024-56606

    In the Linux kernel, the following vulnerability has been resolved: af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create()... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 7.8

    HIGH
    CVE-2024-56605

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_so... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 7.8

    HIGH
    CVE-2024-56604

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we rel... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 7.8

    HIGH
    CVE-2024-56603

    In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_init_data() has already attached it to the provided sock ob... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 7.8

    HIGH
    CVE-2024-56602

    In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails la... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025
Showing 20 of 293667 Results