U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-50047 - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o .... read CVE-2024-50047
    Published: October 21, 2024; 4:15:17 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-47736 - In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached fol... read CVE-2024-47736
    Published: October 21, 2024; 9:15:03 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-47741 - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek(2) system calls against the same file descriptor, using multiple threads belon... read CVE-2024-47741
    Published: October 21, 2024; 9:15:04 AM -0400

    V3.1: 7.0 HIGH

  • CVE-2024-47738 - In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoi... read CVE-2024-47738
    Published: October 21, 2024; 9:15:03 AM -0400

    V3.1: 3.3 LOW

  • CVE-2024-50064 - In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromi... read CVE-2024-50064
    Published: October 21, 2024; 4:15:18 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-50062 - In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all... read CVE-2024-50062
    Published: October 21, 2024; 4:15:18 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-50061 - In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition In the cdns_i3c_master_probe function, &master->hj_work is bound with cdns_i3... read CVE-2024-50061
    Published: October 21, 2024; 4:15:18 PM -0400

    V3.1: 7.0 HIGH

  • CVE-2024-50048 - In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_... read CVE-2024-50048
    Published: October 21, 2024; 4:15:17 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-50049 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be c... read CVE-2024-50049
    Published: October 21, 2024; 4:15:17 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-50055 - In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by ... read CVE-2024-50055
    Published: October 21, 2024; 4:15:17 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-47724 - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b ("wifi: ath11k: add P2P IE in beacon template") from Feb 28, 2024 (linux-next), leads to the followin... read CVE-2024-47724
    Published: October 21, 2024; 9:15:02 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-47694 - In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5r_umr_resource_cleanup() to a new function mlx5r_umr_cleanup(... read CVE-2024-47694
    Published: October 21, 2024; 8:15:06 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-47695 - In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds In the function init_conns(), after the create_con() and create_cm() for loop if something fails. In the cleanup for lo... read CVE-2024-47695
    Published: October 21, 2024; 8:15:06 AM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-47696 - In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs"), the function fl... read CVE-2024-47696
    Published: October 21, 2024; 8:15:06 AM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-47700 - In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed wh... read CVE-2024-47700
    Published: October 21, 2024; 8:15:06 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-47690 - In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/i... read CVE-2024-47690
    Published: October 21, 2024; 8:15:05 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-47692 - In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ... read CVE-2024-47692
    Published: October 21, 2024; 8:15:05 AM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2024-47693 - In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ib_cache_setup_one error flow cleanup When ib_cache_update return an error, we exit ib_cache_setup_one instantly with no proper cleanup, even though before this we ... read CVE-2024-47693
    Published: October 21, 2024; 8:15:06 AM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2024-47742 - In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some ... read CVE-2024-47742
    Published: October 21, 2024; 9:15:04 AM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-47735 - In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled Fix missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was hold. This ... read CVE-2024-47735
    Published: October 21, 2024; 9:15:03 AM -0400

    V3.1: 5.5 MEDIUM

Created September 20, 2022 , Updated August 27, 2024