Skip to main content
CVE-2024-26758 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26757 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in md_check_recovery() Usually if the array is not read-write, md_check_recovery() won't register. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26756 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: md: Don't register sync_thread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26752 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6_append_data l2tp_ip6_sendmsg needs to avoid accounting for the transport header twice when. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26751 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ARM: ep93xx: Add terminator to gpiod_lookup_table Without the terminator, if a con_id is passed to gpio_find() that does not exist. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26744 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26743 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Dell Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26741 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26740 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26738 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller When a PCI device is dynamically added, the kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

IBM Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26737 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26735 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +9
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26733 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Debian Memory Corruption Linux Kernel +28
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26732 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockopt(SO_PEEK_OFF) syzbot reported a lockdep violation [1] involving af_unix support of SO_PEEK_OFF. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Google Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26729 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Amd Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26728 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Linux HP Denial Of Service Amd Null Pointer Dereference +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-20332 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Identity Services Engine
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-26727 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() if the newly created subvolume already got read [BUG] There is a syzbot crash, triggered by the ASSERT(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26726 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26725 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dpll: fix possible deadlock during netlink dump operation Recently, I've been hitting following deadlock warning during dpll pin. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-26722 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() There is a path in rt5645_jack_detect_work(), where rt5645->jd_mutex is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26721 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26719 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26718 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26717 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26716 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in update_port_device_state Currently, the function update_port_device_state gets the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26715 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend In current scenario if Plug-out and Plug-In performed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26714 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26711 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clk_init_data struct does not have all its members initialized, causing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26710 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26709 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach The function spapr_tce_platform_iommu_attach_dev(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26708 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26707 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26706 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26705 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26703 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26702 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC Recently, we encounter kernel crash in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26700 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Linux Lenovo Denial Of Service Amd Null Pointer Dereference +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26697 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix data corruption in dsync block recovery for small block sizes The helper function nilfs_recovery_copy_block() of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26696 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Syzbot reported a hang issue in migrate_pages_batch() called by mbind() and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26695 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked The SEV platform device can be shutdown with a null. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Canonical Denial Of Service Linux Linux Kernel +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26693 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix a crash when we run out of stations A DoS tool that injects loads of authentication frames made our AP. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26692 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26691 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26688 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Intel Denial Of Service Linux Linux Kernel +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26687 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26686 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26685 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write(), which handles the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-25030 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Microsoft Db2
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-28836 MEDIUM This Month

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mbed Tls
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy