CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52438 – binder: fix use-after-free in shinker's callback
https://notcve.org/view.php?id=CVE-2023-52438
20 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc->vma pointer isn't safe as it can race with munmap(). As of commit dd2283f2605e ("mm: mmap: zap pages with read mmap_sem in munmap") the mmap lock is downgraded after the vma has been isolated. I was able to reproduce this issue by manually adding some delays and triggering page reclaiming through the shri... • https://git.kernel.org/stable/c/dd2283f2605e3b3e9c61bcae844b34f2afa4813f • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52436 – f2fs: explicitly null-terminate the xattr list
https://notcve.org/view.php?id=CVE-2023-52436
20 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the unused xattr space is always zeroed. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: termina explícitamente en nulo la lista xattr Al configurar un xattr, termina explícitamente en nulo la lista xattr. Esto elimina la frágil suposición de que el espacio xattr... • https://git.kernel.org/stable/c/16ae3132ff7746894894927c1892493693b89135 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2024-26581 – netfilter: nft_set_rbtree: skip end interval element from gc
https://notcve.org/view.php?id=CVE-2024-26581
20 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_rbtree: omitir elemento de intervalo final de gc rbtree lazy gc al insertar puede recopilar un elemento de intervalo final que se acaba... • https://github.com/madfxr/CVE-2024-26581-Checker • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24864 – Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()
https://notcve.org/view.php?id=CVE-2024-24864
05 Feb 2024 — A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. Se encontró una condición de ejecución en media/dvb-core del kernel de Linux en la función dvbdmx_write(). Esto puede provocar un problema de desreferencia de puntero nulo, lo que posiblemente provoque un pánico en el kernel o un problema de denegación de servicio. A race condition was found in the Linu... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8178 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24857 – Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()
https://notcve.org/view.php?id=CVE-2024-24857
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. Se encontró una condición de ejecución en el controlador de dispositivo net/bluetooth del kernel de Linux en la función conn_info_{min,max}_age_set(). Esto puede provocar un problema de desbordamiento de enteros, lo que posiblemente provoque una anomalía en la conexión Bl... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8155 • CWE-190: Integer Overflow or Wraparound CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24858 – Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
https://notcve.org/view.php?id=CVE-2024-24858
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. Se encontró una condición de ejecución en la red/bluetooth del kernel de Linux en la función {conn,adv}_{min,max}_interval_set(). Esto puede provocar una conexión I2cap o un problema de anomalía en la transmisión, lo que posiblemente provoque una denegación de servicio. A race condition flaw ... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8154 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-24859 – Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
https://notcve.org/view.php?id=CVE-2024-24859
05 Feb 2024 — A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. Se encontró una condición de ejecución en la red/bluetooth del kernel de Linux en la función sniff_{min,max}_interval_set(). Esto puede provocar un problema de excepción de rastreo de Bluetooth, lo que posiblemente provoque una denegación de servicio. A race condition vulnerability was found in the Linux kernel... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8153 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24861 – Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()
https://notcve.org/view.php?id=CVE-2024-24861
05 Feb 2024 — A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. Se encontró una condición de ejecución en el controlador de dispositivo media/xc4000 del kernel de Linux en la función xc4000 xc4000_get_frequency(). Esto puede provocar un problema de desbordamiento del valor de retorno, lo que posiblemente provoque un mal funcionamiento o un problem... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8150 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 13CVE-2024-1086 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-1086
31 Jan 2024 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. Una vulnerabilidad de use after free en el componente net... • https://packetstorm.news/files/id/177862 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21803 – Possible UAF in bt_accept_poll in Linux kernel
https://notcve.org/view.php?id=CVE-2024-21803
30 Jan 2024 — Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1. Vulnerabilidad de Use After Free en El kernel de Linux en Linux, x86, ARM (módulos bluetooth) permite la ejecución local de código. Esta vulnerabilidad está asociada con archivos d... • https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 • CWE-416: Use After Free •