CVE-2024-32268
https://notcve.org/view.php?id=CVE-2024-32268
An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component. • https://github.com/kzLiu2017/Tuya_Cam_CVE_Doc/blob/main/U6N-CVE-Document.pdf •
CVE-2024-32269
https://notcve.org/view.php?id=CVE-2024-32269
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a crafted packet. • https://github.com/kzLiu2017/Tuya_Cam_CVE_Doc/blob/main/YAD-LOJ-Camera.pdf • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-48666 – scsi: core: Fix a use-after-free
https://notcve.org/view.php?id=CVE-2022-48666
Make sure that these resources are still available when .exit_cmd_priv is called by waiting inside scsi_remove_host() until the tag set has been freed. This commit fixes the following use-after-free:

==================================================================
BUG: KASAN: use-after-free in srp_exit_cmd_priv+0x27/0xd0 [ib_srp]
Read of size 8 at addr ffff888100337000 by task multipathd/16727
Call Trace:
 <TASK>
 dump_stack_lvl+0x34/0x44
 print_report.cold+0x5e/0x5db
 kasan_report+0xab/0x120
 srp_exit_cmd_priv+0x27/0xd0 [ib_srp]
 scsi_mq_exit_request+0x4d/0x70
 blk_mq_free_rqs+0x143/0x410
 __blk_mq_free_map_and_rqs+0x6e/0x100
 blk_mq_free_tag_set+0x2b/0x160
 scsi_host_dev_release+0xf3/0x1a0
 device_release+0x54/0xe0
 kobject_put+0xa5/0x120
 device_release+0x54/0xe0
 kobject_put+0xa5/0x120
 scsi_device_dev_release_usercontext+0x4c1/0x4e0
 execute_in_process_context+0x23/0x90
 device_release+0x54/0xe0
 kobject_put+0xa5/0x120
 scsi_disk_release+0x3f/0x50
 device_release+0x54/0xe0
 kobject_put+0xa5/0x120
 disk_release+0x17f/0x1b0
 device_release+0x54/0xe0
 kobject_put+0xa5/0x120
 dm_put_table_device+0xa3/0x160 [dm_mod]
 dm_put_device+0xd0/0x140 [dm_mod]
 free_priority_group+0xd8/0x110 [dm_multipath]
 free_multipath+0x94/0xe0 [dm_multipath]
 dm_table_destroy+0xa2/0x1e0 [dm_mod]
 __dm_destroy+0x196/0x350 [dm_mod]
 dev_remove+0x10c/0x160 [dm_mod]
 ctl_ioctl+0x2c2/0x590 [dm_mod]
 dm_ctl_ioctl+0x5/0x10 [dm_mod]
 __x64_sys_ioctl+0xb4/0xf0
 dm_ctl_ioctl+0x5/0x10 [dm_mod]
 __x64_sys_ioctl+0xb4/0xf0
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free. There are two implementations of .exit_cmd_priv.
• https://git.kernel.org/stable/c/65ca846a53149a1a72cd8d02e7b2e73dd545b834 https://git.kernel.org/stable/c/5ce8fad941233e81f2afb5b52a3fcddd3ba8732f https://git.kernel.org/stable/c/f818708eeeae793e12dc39f8984ed7732048a7d9 https://git.kernel.org/stable/c/2e7eb4c1e8af8385de22775bd0be552f59b28c9a https://git.kernel.org/stable/c/8fe4ce5836e932f5766317cb651c1ff2a4cd0506 • CWE-416: Use After Free •
CVE-2022-48653 – ice: Don't double unplug aux on peer initiated reset
https://notcve.org/view.php?id=CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset. • https://git.kernel.org/stable/c/f9f5301e7e2d4fa2445aab3ec889dac6b34ea63e https://git.kernel.org/stable/c/34447d64b8d28e4d6a73d73f07c879959d68fbfe https://git.kernel.org/stable/c/149979e87eb7a365d3d0b259bed79d84ff585a93 https://git.kernel.org/stable/c/23c619190318376769ad7b61504c2ea0703fb783 •
CVE-2022-48638 – cgroup: cgroup_get_from_id() must check the looked-up kn is a directory
https://notcve.org/view.php?id=CVE-2022-48638
A flaw was found in the Linux kernel in which certain cgroup configurations could cause a kernel panic, resulting in a Denial of Service. • https://git.kernel.org/stable/c/6b658c4863c15936872a93c9ee879043bf6393c9 https://git.kernel.org/stable/c/8484a356cee8ce3d6a8e6266ff99be326e9273ad https://git.kernel.org/stable/c/1e9571887f97b17cf3ffe9aa4da89090ea60988b https://git.kernel.org/stable/c/df02452f3df069a59bc9e69c84435bf115cb6e37 https://access.redhat.com/security/cve/CVE-2022-48638 https://bugzilla.redhat.com/show_bug.cgi?id=2277829 • CWE-588: Attempt to Access Child of a Non-structure Pointer •