Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-53228

    In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. This is used as a special marker for the base extensions, t... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 16, 2025

  • 7.8

    HIGH
    CVE-2024-53227

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Ca... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-53226

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument. The driver needs to check whether it is a NULL pointe... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 08, 2025

  • 0.0

    NA
    CVE-2024-53225

    In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift When configuring a kernel with PAGE_SIZE=4KB, depending on its setting of CONFIG_CMA_ALIGNMENT, VCMDQ_LOG2SIZE_MAX=19 could fa... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-53224

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this i... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 03, 2025

  • 0.0

    NA
    CVE-2024-53223

    In the Linux kernel, the following vulnerability has been resolved: clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs Base clocks are the first in being probed and are real dependencies of the rest of fixed, factor and peripheral clocks.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-53222

    In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ #3 Hardwa... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-53221

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in r... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 17, 2025

  • 0.0

    NA
    CVE-2024-53220

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in __get_secs_required() It will trigger system panic w/ testcase in [1]: ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2752! RIP... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 0.0

    NA
    CVE-2024-53219

    In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: --... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 7.8

    HIGH
    CVE-2024-53218

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix race in concurrent f2fs_stop_gc_thread In my test case, concurrent calls to f2fs shutdown report the following stack trace: Oops: general protection fault, probably for non-... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-53217

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() wi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 31, 2025

  • 7.8

    HIGH
    CVE-2024-53216

    In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Conse... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 24, 2025

  • 5.5

    MEDIUM
    CVE-2024-53215

    In the Linux kernel, the following vulnerability has been resolved: svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() There's issue as follows: RPC: Registered rdma transport module. RPC: Registered rdma backchannel transport module. RPC:... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 03, 2025

  • 0.0

    NA
    CVE-2024-53214

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e.,... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 7.8

    HIGH
    CVE-2024-53213

    In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed twice: once implicitly through `usb_free_urb(dev->urb_intr... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 10, 2025

  • 0.0

    NA
    CVE-2024-53212

    In the Linux kernel, the following vulnerability has been resolved: netlink: fix false positive warning in extack during dumps Commit under fixes extended extack reporting to dumps. It works under normal conditions, because extack errors are usually rep... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 0.0

    NA
    CVE-2024-53211

    In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tp_exit_net found by syzbot In l2tp's net exit handler, we check that an IDR is empty before destroying it: WARN_ON_ONCE(!idr_is_empty(&pn->l2tp_tunnel_idr)... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-53210

    In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decreme... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-53209

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix receive ring space parameters when XDP is active The MTU setting at the time an XDP multi-buffer is attached determines whether the aggregation ring will be used and the rx... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 22, 2025
Showing 20 of 293604 Results