CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50099 – arm64: probes: Remove broken LDR (literal) uprobe support
https://notcve.org/view.php?id=CVE-2024-50099
05 Nov 2024 — Given there have been no reports of problems since the broken code was introduced, it appears that no-one is relying on probing these instructions with uprobes. Given there have been no reports of problems since the broken code was introduced, it appears that no-one is relying on probing these instructions with uprobes. ... Given there have been no reports of problems since the broken code was introduced, it appears that no-one is relying on probing these instructions with uprobes. ... ... • https://git.kernel.org/stable/c/9842ceae9fa8deae141533d52a6ead7666962c09 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50096 – nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
https://notcve.org/view.php?id=CVE-2024-50096
05 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/5be73b690875f7eb2d2defb54ccd7f2f12074984 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50095 – RDMA/mad: Improve handling of timed out WRs of mad agent
https://notcve.org/view.php?id=CVE-2024-50095
05 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/713adaf0ecfc49405f6e5d9e409d984f628de818 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50094 – sfc: Don't invoke xdp_do_flush() from netpoll.
https://notcve.org/view.php?id=CVE-2024-50094
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/401cb7dae8130fd34eb84648e02ab4c506df7d5e •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50093 – thermal: intel: int340x: processor: Fix warning during module unload
https://notcve.org/view.php?id=CVE-2024-50093
05 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/acd65d5d1cf4a3324c8970ba74632abe069fe23e •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50092 – net: netconsole: fix wrong warning
https://notcve.org/view.php?id=CVE-2024-50092
05 Nov 2024 — write_ext_msg+0x3b6/0x3d0 console_flush_all+0x1e9/0x330 The code incorrectly issues a warning when this_chunk is zero, which is a valid scenario. ... write_ext_msg+0x3b6/0x3d0 console_flush_all+0x1e9/0x330 The code incorrectly issues a warning when this_chunk is zero, which is a valid scenario. ... An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/1ec9daf950936c2a1c591596e83c09ce2eb12ade •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50091 – dm vdo: don't refer to dedupe_context after releasing it
https://notcve.org/view.php?id=CVE-2024-50091
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/cfaf07fae7a262865a67b6010eef3bc0a1ae50b2 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50090 – drm/xe/oa: Fix overflow in oa batch buffer
https://notcve.org/view.php?id=CVE-2024-50090
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/dd08ebf6c3525a7ea2186e636df064ea47281987 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49522 – Substance3D - Painter | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-49522
05 Nov 2024 — Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9579 – Certain Poly Video Conference Devices – Potential Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-9579
05 Nov 2024 — A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself. Se descubrió una vulnerabilidad potencial en ciertos dispositivos de videoconferencia de Poly. El fallo del firmware no desinfecta adecuadamente la entrada del usuario. • https://support.hp.com/us-en/document/ish_11536495-11536533-16/hpsbpy03900 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •