Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-52429 |
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. Published: February 11, 2024; 10:15:32 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-1312 |
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system. Published: February 08, 2024; 8:15:09 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-1149 |
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2. Published: February 08, 2024; 8:15:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-6536 |
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Published: February 07, 2024; 4:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-6535 |
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Published: February 07, 2024; 4:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-6356 |
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. Published: February 07, 2024; 4:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-24864 |
A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write()Â function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:45 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-24861 |
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. Published: February 05, 2024; 3:15:45 AM -0500 |
V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2024-24860 |
A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:45 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24859 |
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2024-24858 |
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24857 |
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 6.8 MEDIUM V2.0:(not available) |
CVE-2024-24855 |
A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-23196 |
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:44 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2024-22386 |
A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Published: February 05, 2024; 3:15:43 AM -0500 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-6240 |
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. Published: February 04, 2024; 9:15:47 AM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-47148 |
IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 270599. Published: February 02, 2024; 8:15:08 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-4554 |
Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on Windows, Linux allows Server Side Request Forgery, Probe System Files. AppBuilder's XML processor is vulnerable to XML External Entity Processing (XXE), allowing an authenticated user to upload specially crafted XML files to induce server-side request forgery, disclose files local to the server that processes them. This issue affects AppBuilder: from 21.2 before 23.2. Published: January 29, 2024; 4:15:09 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-4553 |
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2. Published: January 29, 2024; 4:15:09 PM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-4552 |
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This issue affects AppBuilder: from 21.2 before 23.2. Published: January 29, 2024; 4:15:09 PM -0500 |
V3.1: 7.1 HIGH V2.0:(not available) |