VYPR

Vendor CVEs

Linux

All CVEs

15,998 total · sorted by risk
  • CVE-2024-40964MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() The cs35l41_hda_unbind() function clears the hda_component entry matching it's index and then dereferences the codec pointer held…

  • CVE-2024-40963MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: make sure CBR is correctly set It was discovered that some device have CBR address set to 0 causing kernel panic when arch_sync_dma_for_cpu_all is called. This was notice in situation…

  • CVE-2024-40962MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes Shin'ichiro reported that when he's running fstests' test-case btrfs/167 on emulated zoned devices, he's seeing the following NULL pointer…

  • CVE-2024-40961MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL. fib6_nh_init() ip6_validate_gw( &idev ) ip6_route_check_nh( idev ) *idev =…

  • CVE-2024-40960MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL. [1] Oops: general protection fault, probably for…

  • CVE-2024-40959MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, probably for…

  • CVE-2024-40957MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors input_action_end_dx4() and input_action_end_dx6() are called NF_HOOK() for PREROUTING hook, in PREROUTING hook, we should…

  • CVE-2024-40955MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-out-of-bounds in ext4_mb_find_good_group_avg_frag_lists() We can trigger a slab-out-of-bounds with the following commands: mkfs.ext4 -F /dev/$disk 10G mount /dev/$disk /tmp/test …

  • CVE-2024-40952MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty() bdev->bd_super has been removed and commit 8887b94d9322 change the usage from bdev->bd_super to b_assoc_map->host->i_sb. This introduces the…

  • CVE-2024-40951MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() bdev->bd_super has been removed and commit 8887b94d9322 change the usage from bdev->bd_super to b_assoc_map->host->i_sb. Since ocfs2 hasn't set…

  • CVE-2024-40950MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: fix misused mapping_large_folio_support() for anon folios When I did a large folios split test, a WARNING "[ 5059.122759][ T166] Cannot split file folio to non-0 order" was triggered. But the…

  • CVE-2024-40949MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm: shmem: fix getting incorrect lruvec when replacing a shmem folio When testing shmem swapin, I encountered the warning below on my machine. The reason is that replacing an old shmem folio with a new one…

  • CVE-2024-40948MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/page_table_check: fix crash on ZONE_DEVICE Not all pages may apply to pgtable check. One example is ZONE_DEVICE pages: they map PFNs directly, and they don't allocate page_ext at all even if there's struct…

  • CVE-2024-40947MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in ima_match_policy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 [#1] SMP…

  • CVE-2024-40945MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return…

  • CVE-2024-40944MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE…

  • CVE-2024-40942MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets…

  • CVE-2024-40941MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove…

  • CVE-2024-40938MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when trying to link a root mount point. This cannot work in practice because this directory is mounted, but the VFS…

  • CVE-2024-40937MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to…

  • CVE-2024-40936MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the memregion to avoid the memregion leaks.

  • CVE-2024-40934MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.

  • CVE-2024-40933MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe() When devm_regmap_init_i2c() fails, regmap_ee could be error pointer, instead of checking for IS_ERR(regmap_ee), regmap is checked which…

  • CVE-2024-40932MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it.

  • CVE-2024-40931MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger…

  • CVE-2024-40930MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: validate HE operation element parsing Validate that the HE operation element has the correct length before parsing it.

  • CVE-2024-40928MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/ioctl.c:line 2233, column 2 Called function pointer is null (null dereference). …

  • CVE-2024-40926MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: don't attempt to schedule hpd_work on headless cards If the card doesn't have display hardware, hpd_work and hpd_lock are left uninitialized which causes BUG when attempting to schedule hpd_work…

  • CVE-2024-40925MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit 81ada09cc25e ("blk-flush: reuse rq queuelist in flush state machine"). The root cause is that…

  • CVE-2024-40924MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm->bound_list. Then it tries to rewrite the…

  • CVE-2024-40923MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base, the subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset…

  • CVE-2024-40922MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't lock while !TASK_RUNNING There is a report of io_rsrc_ref_quiesce() locking a mutex while not TASK_RUNNING, which is due to forgetting restoring the state back after io_run_task_work_sig()…

  • CVE-2024-40921MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each caller has already correctly…

  • CVE-2024-40919MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() In case of token is released due to token->state == BNXT_HWRM_DEFERRED, released token (set to NULL) is used in log…

  • CVE-2024-40917MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: memblock: make memblock_set_node() also warn about use of MAX_NUMNODES On an (old) x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug the…

  • CVE-2024-40916MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector.…

  • CVE-2024-40915MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory…

  • CVE-2024-40914MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio When I did memory failure tests recently, below panic occurs: kernel BUG at include/linux/mm.h:1135! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 9 PID:…

  • CVE-2024-40912MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from…

  • CVE-2024-40911MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert in ieee80211_get_station()). This fixes the following kernel NULL dereference: …

  • CVE-2024-40910MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for…

  • CVE-2024-40908MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches…

  • CVE-2024-40907MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDP_TX action In the XDP_TX path, ionic driver sends a packet to the TX path with rx page and corresponding dma address. After tx is done, ionic_tx_clean() frees that page. But RX…

  • CVE-2024-40904MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate…

  • CVE-2024-39509MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement()…

  • CVE-2024-39507MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause…

  • CVE-2024-39506MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag() which…

  • CVE-2024-39505MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/komeda: check for error-valued pointer komeda_pipeline_get_state() may return an error-valued pointer, thus check the pointer for negative or null value before dereferencing.

  • CVE-2024-39504MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference…

  • CVE-2024-39498MedJul 12, 2024
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 [Why] Commit: - commit 5aa1dfcdf0a4 ("drm/mst: Refactor the flow for payload allocation/removement") accidently overwrite the commit - commit…

Page 228 of 320