VIR Vulnerability Intelligence Relay

CVEs from 2024

7,377 normalized CVEs published or assigned in this year.

Total
7,377
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-42084 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate() syscall, using the 32-bit off_t misses a sign extension when called in compat… redhatrockylinuxsusedebian+1
CVE-2024-27042 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-41012 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created l… redhatrockylinuxsusedebian+1
CVE-2024-41060 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to ch… redhatrockylinuxsusedebian+1
CVE-2024-26614 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following is… redhatrockylinuxsusedebian+1
CVE-2024-26656 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver… redhatrockylinuxsusedebian+1
CVE-2024-35924 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 … redhatrockylinuxsusedebian+1
CVE-2024-26846 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'le… redhatrockylinuxsusedebian+1
CVE-2024-40988 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. redhatrockylinuxsusedebian+1
CVE-2024-26772 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block b… redhatrockylinuxsusedebian+1
CVE-2024-40989 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't… redhatrockylinuxsusedebian+1
CVE-2024-26717 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but … redhatrockylinuxsusedebian+1
CVE-2024-26837 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events t… redhatrockylinuxsusedebian+1
CVE-2024-26843 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of page… redhatrockylinuxsusedebian+1
CVE-2024-26638 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msg… redhatrockylinuxsusedebian+1
CVE-2024-40901 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_b… redhatrockylinuxsusedebian+1
CVE-2024-36917 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occu… redhatrockylinuxsusedebian+1
CVE-2024-26733 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issu… redhatrockylinuxsusedebian+1
CVE-2024-42226 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-41039 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw he… redhatrockylinuxsusedebian+1
CVE-2024-42240 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF fl… redhatrockylinuxsusedebian+1
CVE-2024-26704 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves a… redhatrockylinuxsusedebian+1
CVE-2024-41065 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc… redhatrockylinuxsusedebian+1
CVE-2024-26740 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the back… redhatrockylinuxsusedebian+1
CVE-2024-41007 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero… redhatrockylinuxsusedebian+1
CVE-2024-26759 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same … redhatrockylinuxsusedebian+1
CVE-2024-35876 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-26675 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Wi… redhatrockylinuxsusedebian+1
CVE-2024-26669 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver… redhatrockylinuxsusedebian+1
CVE-2024-26645 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-p… redhatrockylinuxsusedebian+1
CVE-2024-42237 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block Move the payload length check in cs_dsp_load() and cs_dsp_coeff… redhatrockylinuxsusedebian+1
CVE-2024-42238 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file Return an error from cs_dsp_power_up() if a block header is longer … redhatrockylinuxsusedebian+1
CVE-2024-42228 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_rel… redhatrockylinuxsusedebian+1
CVE-2024-42154 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long,… redhatrockylinuxsusedebian+1
CVE-2024-42124 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. … redhatrockylinuxsusedebian+1
CVE-2024-27410 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't ye… redhatrockylinuxsusedebian+1
CVE-2024-36933 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and … redhatrockylinuxsusedebian+1
CVE-2024-35959 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls… redhatrockylinuxsusedebian+1
CVE-2024-35835 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and … redhatrockylinuxsusedebian+1
CVE-2024-35824 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume When not configured for wakeup lis3lv02d_i2c_su… redhatrockylinuxsusedebian+1
CVE-2024-35838 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet (e.g. during co… redhatrockylinuxsusedebian+1
CVE-2024-36901 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_out… redhatrockylinuxsusedebian+1
CVE-2024-35814 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb ("swiotlb: fix a braino in the align… redhatrockylinuxsusedebian+1
CVE-2024-35809 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove(… redhatrockylinuxsusedebian+1
CVE-2024-35801 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf… redhatrockylinuxsusedebian+1
CVE-2024-36920 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver… redhatrockylinuxsusedebian+1
CVE-2024-31076 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQD_MOVE_PCNTXT prevents immediate effectiv… redhatrockylinuxsusedebian+1
CVE-2024-35853 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This… redhatrockylinuxsusedebian+1
CVE-2024-35847 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when … redhatrockylinuxsusedebian+1
CVE-2024-27011 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for eleme… redhatrockylinuxsusedebian+1
CVE-2024-38627 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which free… redhatrockylinuxsusedebian+1
CVE-2024-27010 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirr… redhatrockylinuxsusedebian+1
CVE-2024-35854 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to a… redhatrockylinuxsusedebian+1
CVE-2024-36010 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version Commit 1978d3ead82c ("intel: fix string truncation warnings") fixes '-W… redhatrockylinuxsusedebian+1
CVE-2024-39276 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: =================… redhatrockylinuxsusedebian+1
CVE-2024-26940 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed The driver creates /sys/kernel/debug/dri/0/mob_ttm even when… redhatrockylinuxsusedebian+1
CVE-2024-26939 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free … redhatrockylinuxsusedebian+1
CVE-2024-35855 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically t… redhatrockylinuxsusedebian+1
CVE-2024-40997 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed … redhatrockylinuxsusedebian+1
CVE-2024-26921 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument… redhatrockylinuxsusedebian+1
CVE-2024-35912 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need … redhatrockylinuxsusedebian+1
CVE-2024-35938 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, … redhatrockylinuxsusedebian+1
CVE-2024-35946 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using… redhatrockylinuxsusedebian+1
CVE-2024-35947 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets ma… redhatrockylinuxsusedebian+1
CVE-2024-36945 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route() In smc_ib_find_route(), the neighbour found by neigh_lookup() and r… redhatrockylinuxsusedebian+1
CVE-2024-9407 high 8.0 2y ago Important: buildah security update redhatrockylinuxdebiansuse+1
CVE-2024-9676 high 8.0 2y ago Important: buildah security update almalinuxredhatrockylinuxdebian+1
CVE-2024-10461 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10459 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10463 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-10462 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10464 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10460 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10467 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-10465 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-40931 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt … redhatrockylinuxsusedebian+1
CVE-2024-40998 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency we will access the unini… redhatrockylinuxsusedebian+1
CVE-2024-26826 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must … redhatrockylinuxsusedebian+1
CVE-2024-26640 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owne… redhatrockylinuxsusedebian+1
CVE-2024-41013 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to… redhatrockylinuxsusedebian+1
CVE-2024-2201 high 8.0 2y ago A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. redhatrockylinuxsusedebian+1
CVE-2024-40977 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery During chip recovery (e.g. chip reset), there is a possible si… redhatrockylinuxsusedebian+1
CVE-2024-40972 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the exte… redhatrockylinuxsusedebian+1
CVE-2024-47875 high 8.0 2y ago Important: grafana security update redhatdebianrockylinuxsuse+1
CVE-2024-39472 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog si… redhatrockylinuxsusedebian+1
CVE-2024-41014 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of x… redhatrockylinuxsusedebian+1
CVE-2024-40904 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion ca… redhatrockylinuxsusedebian+1
CVE-2024-9675 high 8.0 2y ago Important: buildah security update redhatrockylinuxdebiansuse+1
CVE-2024-49761 high 8.0 2y ago Important: ruby:3.1 security update redhatrockylinuxsusedebian+1
CVE-2024-27851 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-23284 high 8.0 2y ago A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, wat… redhatsusedebian
CVE-2024-40782 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-40789 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-27856 high 8.0 2y ago The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Pro… redhatsusedebian
CVE-2024-23254 high 8.0 2y ago The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfi… redhatsusedebian
CVE-2024-27838 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-44185 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-23263 high 8.0 2y ago A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 1… redhatsusedebian
CVE-2024-27820 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2024-35989 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback… redhatrockylinuxsusedebian+1