CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53110 – vp_vdpa: fix id_table array not null terminated error
https://notcve.org/view.php?id=CVE-2024-53110
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and visit undefined memory. In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate m... • https://git.kernel.org/stable/c/ffbda8e9df10d1784d5427ec199e7d8308e3763f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53109 – nommu: pass NULL argument to vma_iter_prealloc()
https://notcve.org/view.php?id=CVE-2024-53109
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree, but it passed a wrong argument. In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in ord... • https://git.kernel.org/stable/c/b5df09226450165c434084d346fcb6d4858b0d52 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53108 – drm/amd/display: Adjust VSDB parser for replay feature
https://notcve.org/view.php?id=CVE-2024-53108
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. ... (cherry picked from commit b7e381b1ccd5e778e3d9c44c669ad38439a861d8) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Ajustar el analizador VSDB para la función de reproducción En algún momento, se agregó la identificación IEEE ID para la comprob... • https://git.kernel.org/stable/c/0a326fbc8f72a320051f27328d4d4e7abdfe68d7 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53107 – fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()
https://notcve.org/view.php?id=CVE-2024-53107
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. ... En el kernel de Linux, se h... • https://git.kernel.org/stable/c/52526ca7fdb905a768a93f8faa418e9b988fc34b •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53106 – ima: fix buffer overrun in ima_eventdigest_init_common
https://notcve.org/view.php?id=CVE-2024-53106
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_ALGO__LAST which is then used to access the array hash_digest_size[] leading to buffer overrun. In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_... • https://git.kernel.org/stable/c/9fab303a2cb3d323ca3a32a8b4ab60b451141901 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53105 – mm: page_alloc: move mlocked flag clearance into free_pages_prepare()
https://notcve.org/view.php?id=CVE-2024-53105
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag at free_pages_prepare() stage: BUG: Bad page state in process syz.5.504 pfn:61f45 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45 flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff) raw: 00f... • https://git.kernel.org/stable/c/b109b87050df5438ee745b2bddfa3587970025bb •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53104 – media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
https://notcve.org/view.php?id=CVE-2024-53104
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writ... • https://git.kernel.org/stable/c/c0efd232929c2cd87238de2cccdaf4e845be5b0c • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53103 – hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
https://notcve.org/view.php?id=CVE-2024-53103
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to ... • https://git.kernel.org/stable/c/ae0078fcf0a5eb3a8623bfb5f988262e0911fdb9 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52922 – can: bcm: Fix UAF in bcm_proc_show()
https://notcve.org/view.php?id=CVE-2023-52922
28 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 #230 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace:
CVSS: 10.0EPSS: 46%CPEs: 1EXPL: 5CVE-2024-11680 – ProjectSend Improper Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2024-11680
26 Nov 2024 — ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. Las versiones de ProjectSend anteriores a r1720 se ven afectadas por una vulnerabilidad de autenticación incorrecta. Los atacantes ... • https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsend_unauth_rce.rb • CWE-287: Improper Authentication •