CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52429 – Debian Security Advisory 5658-1txt
https://notcve.org/view.php?id=CVE-2023-52429
12 Feb 2024 — dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. dm_table_create en drivers/md/dm-table.c en el kernel de Linux hasta 6.7.4 puede intentar (en alloc_targets) asignar más de INT_MAX bytes y fallar debido a que falta una verificación de la estructura dm_ioctl.target_count. Several vulnerabilities have been discovered in the Linux kernel that may ... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd504bcfec41a503b32054da5472904b404341a4 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25739 – kernel: crash due to a missing check for leb_size
https://notcve.org/view.php?id=CVE-2024-25739
12 Feb 2024 — create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. create_empty_lvol en drivers/mtd/ubi/vtbl.c en el kernel de Linux hasta 6.7.4 puede intentar asignar cero bytes y fallar debido a que falta una verificación de ubi->leb_size. A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB s... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68a24aba7c593eafa8fd00f2f76407b9b32b47a9 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25740
https://notcve.org/view.php?id=CVE-2024-25740
12 Feb 2024 — A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released. Se encontró una falla de pérdida de memoria en el controlador UBI en drivers/mtd/ubi/attach.c en el kernel de Linux hasta 6.7.4 para UBI_IOCATT, porque kobj->name no está publicado. • https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24864 – Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()
https://notcve.org/view.php?id=CVE-2024-24864
05 Feb 2024 — A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Se encontró una condición de ejecución en media/dvb-core del kernel de Linux en la función dvbdmx_write(). Esto puede provocar un problema de desreferencia de puntero nulo, lo que posiblemente provoque un pánico en el kernel o un problema de denegación de servicio. A race condition was found in the Linu... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8178 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24857 – Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()
https://notcve.org/view.php?id=CVE-2024-24857
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. Se encontró una condición de ejecución en el controlador de dispositivo net/bluetooth del kernel de Linux en la función conn_info_{min,max}_age_set(). Esto puede provocar un problema de desbordamiento de enteros, lo que posiblemente provoque una anomalía en la conexión Bl... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8155 • CWE-190: Integer Overflow or Wraparound CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24858 – Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
https://notcve.org/view.php?id=CVE-2024-24858
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. Se encontró una condición de ejecución en la red/bluetooth del kernel de Linux en la función {conn,adv}_{min,max}_interval_set(). Esto puede provocar una conexión I2cap o un problema de anomalía en la transmisión, lo que posiblemente provoque una denegación de servicio. A race condition flaw ... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8154 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24859 – Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
https://notcve.org/view.php?id=CVE-2024-24859
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. Se encontró una condición de ejecución en la red/bluetooth del kernel de Linux en la función sniff_{min,max}_interval_set(). Esto puede provocar un problema de excepción de rastreo de Bluetooth, lo que posiblemente provoque una denegación de servicio. A race condition vulnerability was found in the Linux kernel... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8153 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24861 – Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()
https://notcve.org/view.php?id=CVE-2024-24861
05 Feb 2024 — A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. Se encontró una condición de ejecución en el controlador de dispositivo media/xc4000 del kernel de Linux en la función xc4000 xc4000_get_frequency(). Esto puede provocar un problema de desbordamiento del valor de retorno, lo que posiblemente provoque un mal funcionamiento o un problem... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8150 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 13CVE-2024-1086 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-1086
31 Jan 2024 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. Una vulnerabilidad de use after free en el componente net... • https://packetstorm.news/files/id/177862 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21803 – Possible UAF in bt_accept_poll in Linux kernel
https://notcve.org/view.php?id=CVE-2024-21803
30 Jan 2024 — Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1. Vulnerabilidad de Use After Free en El kernel de Linux en Linux, x86, ARM (módulos bluetooth) permite la ejecución local de código. Esta vulnerabilidad está asociada con archivos d... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 • CWE-416: Use After Free •