Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.4.9
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-26581 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. Published: February 20, 2024; 8:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-25740 |
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released. Published: February 11, 2024; 10:15:32 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-25739 |
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. Published: February 11, 2024; 10:15:32 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-52429 |
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. Published: February 11, 2024; 10:15:32 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-1312 |
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system. Published: February 08, 2024; 8:15:09 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-24860 |
A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:45 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24859 |
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2024-24858 |
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24857 |
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 6.8 MEDIUM V2.0:(not available) |
CVE-2024-23196 |
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-22386 |
A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:43 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-21803 |
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1. Published: January 30, 2024; 3:15:41 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-6200 |
A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution. Published: January 28, 2024; 8:15:07 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-22705 |
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled. Published: January 23, 2024; 6:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-51043 |
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. Published: January 23, 2024; 6:15:08 AM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-51042 |
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. Published: January 23, 2024; 6:15:08 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-46343 |
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. Published: January 23, 2024; 5:15:10 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-23851 |
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. Published: January 23, 2024; 4:15:36 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-23850 |
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. Published: January 23, 2024; 4:15:36 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-23849 |
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. Published: January 23, 2024; 4:15:36 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |