CVE-2024-26907 – RDMA/mlx5: Fix fortify source warning while accessing Eth segment
https://notcve.org/view.php?id=CVE-2024-26907
Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability. • https://git.kernel.org/stable/c/d27c48dc309da72c3b46351a1205d89687272baa https://git.kernel.org/stable/c/60ba938a8bc8c90e724c75f98e932f9fb7ae1b9d https://git.kernel.org/stable/c/cad82f1671e41094acd3b9a60cd27d67a3c64a21 https://git.kernel.org/stable/c/9a624a5f95733bac4648ecadb320ca83aa9c08fd https://git.kernel.org/stable/c/185fa07000e0a81d54cf8c05414cebff14469a5c https://git.kernel.org/stable/c/4d5e86a56615cc387d21c629f9af8fb0e958d350 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://access.redhat.com/security/cve/CVE-2024 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-416: Use After Free •
CVE-2024-21121 – Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21121
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVE-2024-21116 – Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21116
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVE-2024-21115 – Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21115
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVE-2024-21114 – Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21114
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-284: Improper Access Control •