CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50289 – media: av7110: fix a spectre vulnerability
https://notcve.org/view.php?id=CVE-2024-50289
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. ... An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50287 – media: v4l2-tpg: prevent the risk of a division by zero
https://notcve.org/view.php?id=CVE-2024-50287
19 Nov 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/63881df94d3ecbb0deafa0b77da62ff2f32961c4 •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50285 – ksmbd: check outstanding simultaneous SMB operations
https://notcve.org/view.php?id=CVE-2024-50285
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50284 – ksmbd: Fix the missing xa_store error check
https://notcve.org/view.php?id=CVE-2024-50284
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/052b41ef2abe274f068e892aee81406f11bd1f3a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50283 – ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
https://notcve.org/view.php?id=CVE-2024-50283
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 9.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50282 – drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
https://notcve.org/view.php?id=CVE-2024-50282
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50281 – KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation
https://notcve.org/view.php?id=CVE-2024-50281
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/0e28bf61a5f9ab30be3f3b4eafb8d097e39446bb •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-50280 – dm cache: fix flushing uninitialized delayed_work on cache_ctr error
https://notcve.org/view.php?id=CVE-2024-50280
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50279 – dm cache: fix out-of-bounds access to the dirty bitset when resizing
https://notcve.org/view.php?id=CVE-2024-50279
19 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f494a9c6b1b6dd9a9f21bbb75d9210d478eeb498 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50278 – dm cache: fix potential out-of-bounds access on the first resume
https://notcve.org/view.php?id=CVE-2024-50278
19 Nov 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f494a9c6b1b6dd9a9f21bbb75d9210d478eeb498 •