Latest CVE Feed
-
5.5
CVSS31CVE-2024-49857
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: set the cipher for secured NDP ranging The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-49856
In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside t... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
7.0
CVSS31CVE-2024-49855
In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued reque... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-49854
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing waker_bfqq after splitting After commit 42c306ed7233 ("block, bfq: don't break merge chain in bfq_split_bfqq()"), if the current procress is the last h... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-49853
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-49852
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release func... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-49851
In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparatio... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
5.5
CVSS31CVE-2024-49850
In the Linux kernel, the following vulnerability has been resolved: bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL referencing a non-existing BTF type, function bpf_core... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
7.1
CVSS31CVE-2024-47757
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47756
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in ks_pcie_quirk() This code accidentally uses && where || was intended. It potentially results in a NULL dereference. Thus, fix the if-stat... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47755
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix devs leaks in scan_labels() scan_labels() leaks memory when label scanning fails and it falls back to just creating a default "seed" namespace for userspace to configure. Ro... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47754
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_multi_if.c. Which leads to a kernel crash when fb is NULL.... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47753
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdec_vp8_req_if.c. Which leads to a kernel crash when fb is NULL.... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47752
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_if.c. Which leads to a kernel crash when fb is NULL.... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-47751
In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() Within kirin_pcie_parse_port(), the pcie->num_slots is compared to pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct a... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47750
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. During the time interval, users can still dereg MR and rsv_qp... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
5.5
CVSS31CVE-2024-47749
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Added NULL check for lookup_atid The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferenci... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-47748
In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is problematic as we don't know if the token p... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
7.0
CVSS31CVE-2024-47747
In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to ... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47746
In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in `... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024