CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

  • Total: 7,195
  • Critical: 114
  • High: 1,020
  • Medium: 2,013
  • Low: 42
  • % Critical: 1.6%
  • % with KEV: 2.3%
  • % with exploit: 2.3%

Top products

  • surveillance_station 12
  • checkmk 10
  • profilegrid 8
  • office 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
CVE Severity CVSS Risk Published Description Impact
CVE-2024-36919 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload The session resources are used by FW and driver when ses… rockylinuxsusedebianalmalinux
CVE-2024-42246 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket When using a BPF program on kernel_connect(), the c… redhatrockylinuxsusedebian+1
CVE-2024-26947 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 ("arm: extend pfn_valid to … redhatsusedebianalmalinux
CVE-2024-36953 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU tha… rockylinuxsusedebianalmalinux
CVE-2024-26931 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to h… redhatsusedebianalmalinux
CVE-2024-36016 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mo… redhatrockylinuxsusedebian+1
CVE-2024-26739 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirr… redhatsusedebianalmalinux
CVE-2024-26991 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info ar… redhatsusedebianalmalinux
CVE-2024-41064 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoid possible crash when edev->pdev changes If a PCI device is removed during eeh_pe_report_edev(), edev->pdev will… rockylinuxsusedebianalmalinux
CVE-2024-26929 high 8.0 2y ago Important: kernel security update redhatsusealmalinux
CVE-2024-38570 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there are still locks in that lockspace… redhatrockylinuxsusedebian+1
CVE-2024-41071 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-26595 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an erro… rockylinuxsusedebianalmalinux
CVE-2024-26769 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try … rockylinuxsusedebianalmalinux
CVE-2024-38601 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into th… redhatsusedebianalmalinux
CVE-2024-41023 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cycl… rockylinuxsusedebianalmalinux
CVE-2024-42225 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data redhatrockylinuxsusedebian+1
CVE-2024-41097 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to inco… rockylinuxsusedebianalmalinux
CVE-2024-41035 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the… rockylinuxsusedebianalmalinux
CVE-2024-27022 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: … redhatsusedebianalmalinux
CVE-2024-26665 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the fol… rockylinuxsusedebianalmalinux
CVE-2024-38562 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_cha… redhatsusedebianalmalinux
CVE-2024-39506 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to … rockylinuxsusedebianalmalinux
CVE-2024-26930 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->… redhatsusedebianalmalinux
CVE-2024-38573 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from d… redhatrockylinuxsusedebian+1
CVE-2024-34155 high 8.0 2y ago Important: podman security update redhatrockylinuxdebiansuse+2
CVE-2024-34158 high 8.0 2y ago Important: osbuild and osbuild-composer security update redhatrockylinuxdebiansuse+2
CVE-2024-8394 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebian
CVE-2024-7652 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-8381 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-8386 high 8.0 2y ago Important: firefox security update almalinuxredhatrockylinuxdebian+1
CVE-2024-8385 high 8.0 2y ago Important: firefox security update redhatalmalinuxrockylinuxdebian+1
CVE-2024-8382 high 8.0 2y ago Important: thunderbird security update redhatalmalinuxrockylinuxdebian+1
CVE-2024-8383 high 8.0 2y ago Important: firefox security update almalinuxredhatrockylinuxdebian+1
CVE-2024-8387 high 8.0 2y ago Important: firefox security update redhatalmalinuxrockylinuxdebian+1
CVE-2024-8384 high 8.0 2y ago Important: firefox security update redhatalmalinuxrockylinuxdebian+1
CVE-2024-42472 high 8.0 2y ago Important: bubblewrap and flatpak security update redhatrockylinuxdebiansuse
CVE-2024-37298 high 8.0 2y ago Important: podman security update redhatrockylinuxdebianalmalinux+1
CVE-2024-6104 high 8.0 2y ago Important: podman security update almalinuxredhatrockylinuxdebian+2
CVE-2024-40983 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 ("xfrm: Force a dst refcount before entering… redhatrockylinuxsusedebian+1
CVE-2024-41041 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). syzkaller triggered the warning [0] in udp_v4_early_demux(). In udp_v[46]_… redhatrockylinuxsusedebian+1
CVE-2024-27415 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skb… redhatsusedebianalmalinux
CVE-2024-42110 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA)… redhatsusedebianalmalinux
CVE-2024-40939 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create… redhatsusedebianalmalinux
CVE-2024-26581 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that … redhatsusedebianalmalinux
CVE-2024-40957 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors input_action_end_dx4() and input_action_end_d… redhatsusedebianalmalinux
CVE-2024-38538 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's x… redhatrockylinuxsusedebian+1
CVE-2024-39476 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-ta… redhatrockylinuxsusedebian+1
CVE-2024-40914 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio When I did memory failure tests recently, below panic occurs: kernel BUG at incl… redhatsusedebianalmalinux
CVE-2024-38608 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. However, mlx5e_re… redhatrockylinuxsusedebian+1
CVE-2024-7348 high 8.0 2y ago Important: postgresql:15 security update redhatrockylinuxsusedebian+1
CVE-2024-4317 high 8.0 2y ago Important: postgresql:15 security update redhatrockylinuxsusedebian+1
CVE-2024-35839 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for … redhatrockylinuxsusedebian+1
CVE-2024-41091 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tu… redhatrockylinuxsusedebian+1
CVE-2024-40929 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids pointer might be a valid one … redhatrockylinuxsusedebian+1
CVE-2024-36025 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it… redhatrockylinuxsusedebian+1
CVE-2024-40911 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert i… redhatrockylinuxsusedebian+1
CVE-2024-27019 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get… redhatrockylinuxsusedebian+1
CVE-2024-38544 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkt… redhatsusedebianalmalinux
CVE-2024-38540 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined behavior is triggered when bnxt_qplib_alloc_init_h… redhatrockylinuxsusedebian+1
CVE-2024-42152 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is… redhatrockylinuxsusedebian+1
CVE-2024-41090 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the ta… redhatrockylinuxsusedebian+1
CVE-2024-27016 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Val… redhatsusedebianalmalinux
CVE-2024-41076 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr. redhatrockylinuxsusedebian+1
CVE-2024-36003 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in ice_reset_vf() 9f74a3dfcf83 ("ice: Fix VF Reset paths when interface in a failed over aggr… redhatsusedebianalmalinux
CVE-2024-26668 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps a… redhatsusedebianalmalinux
CVE-2024-26908 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusealmalinux
CVE-2024-34750 high 8.0 2y ago Apache Tomcat - Denial of Service redhatrockylinuxsusedebian+1
CVE-2024-38286 high 8.0 2y ago Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability redhatsusedebianjava
CVE-2024-6221 high 8.0 2y ago A vulnerability in corydolphin/flask-cors up to version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. This behavi… debianpython
CVE-2024-7527 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-36941 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. redhatrockylinuxsusedebian+1
CVE-2024-7525 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-40928 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/i… redhatsuserockylinuxdebian+1
CVE-2024-26868 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL point… redhatsuserockylinuxdebian+1
CVE-2024-6345 high 8.0 2y ago Important: python3.12-setuptools security update redhatrockylinuxsusedebian+2
CVE-2024-7526 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-27417 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID val… redhatsuserockylinuxdebian+1
CVE-2024-39487 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->stri… redhatrockylinuxsusedebian+1
CVE-2024-37353 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxalmalinux
CVE-2024-7528 high 8.0 2y ago Important: firefox security update redhatrockylinuxdebiansuse
CVE-2024-27434 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK The firmware doesn't need the MFP flag for the GTK, it can even make the f… redhatrockylinuxsusedebian+1
CVE-2024-36921 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that wo… redhatrockylinuxsusedebian+1
CVE-2024-36017 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to b… redhatrockylinuxsusedebian+1
CVE-2024-38391 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxalmalinux
CVE-2024-1975 high 8.0 2y ago Important: bind and bind-dyndb-ldap security update redhatdebianrockylinuxsuse+1
CVE-2024-36922 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain… redhatrockylinuxsusedebian+1
CVE-2024-40954 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching … redhatrockylinuxsusedebian+1
CVE-2024-35911 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from … redhatsuserockylinuxdebian+1
CVE-2024-1737 high 8.0 2y ago Important: bind and bind-dyndb-ldap security update redhatdebianrockylinuxsuse+1
CVE-2024-21823 high 8.0 2y ago Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalati… redhatrockylinuxsusedebian+1
CVE-2024-26853 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), … redhatrockylinuxsusedebian+1
CVE-2024-7520 high 8.0 2y ago Important: thunderbird security update redhatrockylinuxdebiansuse
CVE-2024-35937 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't f… redhatrockylinuxsusedebian+1
CVE-2024-26808 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in … redhatsuserockylinuxdebian+1
CVE-2024-27049 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to … redhatsuserockylinuxdebian+1
CVE-2024-26600 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not imp… redhatrockylinuxsusedebian+1
CVE-2024-4076 high 8.0 2y ago Important: bind and bind-dyndb-ldap security update redhatdebianrockylinuxsuse+1
CVE-2024-38575 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the p… redhatrockylinuxsusedebian+1
CVE-2024-26828 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the siz… redhatsuserockylinuxdebian+1