VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-50018 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49994 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloc… redhatsusedebian
CVE-2024-47703 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes ke… redhatsusedebian
CVE-2024-42312 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip sett… redhatsusedebianlinux
CVE-2024-42304 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… redhatsusedebianlinux
CVE-2024-49886 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… redhatsusedebian
CVE-2024-49856 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… redhatsusedebian
CVE-2024-49991 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer,… redhatsusedebian
CVE-2024-49999 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the … redhatsusedebian
CVE-2024-42316 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through p… redhatsusedebian
CVE-2024-50186 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4… redhatsusedebian
CVE-2024-43884 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL… redhatsusedebian
CVE-2024-47834 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-47678 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applie… redhatsusedebian
CVE-2024-31157 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-49929 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is … redhatsusedebian
CVE-2024-50189 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in prob… redhatsusedebian
CVE-2024-50109 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is se… redhatsusedebian
CVE-2024-50191 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… redhatsusedebian
CVE-2024-49977 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divi… redhatsusedebianlinux
CVE-2024-47545 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-50009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference chec… redhatsusedebian
CVE-2024-47778 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-42305 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ==============================… redhatsusedebianlinux
CVE-2024-46761 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel c… redhatsusedebian
CVE-2024-46807 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL redhatsusedebian
CVE-2024-49927 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… redhatsusedebian
CVE-2024-46750 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is th… redhatsusedebianlinux
CVE-2024-49973 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing… redhatsusedebianlinux
CVE-2024-49975 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into… redhatsusedebian
CVE-2024-49983 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_repl… redhatsusedebian
CVE-2024-44931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… redhatsusedebian
CVE-2024-50074 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blind… redhatsusedebian
CVE-2024-43914 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… redhatsusedebian
CVE-2024-44934 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bri… redhatsusedebian
CVE-2024-50107 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… redhatsusedebian
CVE-2024-41062 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, wher… redhatsusedebian
CVE-2024-42291 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that… redhatsusedebian
CVE-2024-47777 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-43889 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… redhatrockylinuxsusedebian+2
CVE-2024-49861 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… redhatsusedebian
CVE-2024-43823 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided … redhatsusedebian
CVE-2024-49939 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… redhatsusedebian
CVE-2024-47687 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n… redhatsusedebian
CVE-2024-42133 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handl… redhatsusedebian
CVE-2024-49937 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: … redhatsusedebian
CVE-2024-56642 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… redhatsusedebian
CVE-2024-47543 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-44932 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… redhatsusedebian
CVE-2024-56654 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating The usage of rcu_read_(un)lock while inside list_for_each_entry… redhatsusedebian
CVE-2024-50130 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… redhatsusedebian
CVE-2024-53085 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… redhatsusedebian
CVE-2024-49946 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, … redhatsusedebian
CVE-2024-47775 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-49974 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operation… redhatsusedebian
CVE-2024-46711 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresse… redhatsusedebian
CVE-2024-50093 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… redhatsusedebian
CVE-2024-10224 medium 5.5 1y ago Moderate: perl-Module-ScanDeps security update redhatdebianrockylinux
CVE-2024-44975 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmd_update We find a bug as below: BUG: unable to handle page fault for address: 00000003 … redhatsusedebian
CVE-2024-28047 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-52949 medium 5.5 1y ago Moderate: iptraf-ng security update redhatdebianrockylinux
CVE-2024-50256 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_… redhatrockylinuxsusedebian+1
CVE-2024-43898 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49885 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc spac… redhatsusedebian
CVE-2024-47713 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts … redhatsusedebianlinux
CVE-2024-49954 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… redhatsusedebian
CVE-2024-47739 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… redhatsusedebian
CVE-2024-50046 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… redhatsusedebianlinux
CVE-2024-49928 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time befo… redhatsusedebian
CVE-2024-49938 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on… redhatsusedebianlinux
CVE-2024-39500 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put sk_psock_get will return NULL if the refcount of psock has gone to 0… redhatsusedebian
CVE-2024-40956 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… redhatsusedebian
CVE-2024-47774 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-49948 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init() One path takes care of SKB_GSO_DODGY, assuming skb->len is bigger than hdr_le… redhatsusedebianlinux
CVE-2024-47544 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-58099 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… redhatsusedebian
CVE-2024-53208 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… redhatsusedebian
CVE-2024-58064 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dere… redhatsusedebian
CVE-2024-53105 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… redhatsusedebian
CVE-2024-50199 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can… redhatsusedebian
CVE-2024-50272 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… redhatsusedebian
CVE-2024-27008 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out … redhatsusedebian
CVE-2024-50143 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uni… redhatsusedebian
CVE-2024-46787 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_hug… redhatsusedebian
CVE-2024-47603 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-49933 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… redhatsusedebian
CVE-2024-50081 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped… redhatsusedebian
CVE-2024-44952 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50128 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global o… redhatsusedebian
CVE-2024-46745 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up … redhatsusedebianlinux
CVE-2024-27398 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … redhatsusedebian
CVE-2024-42278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … redhatsusedebian
CVE-2024-50047 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… redhatsusedebian
CVE-2024-47738 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… redhatsusedebian
CVE-2024-47715 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE… redhatsusedebian
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-49959 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error In __jbd2_log_wait_for_space(), we might call jbd2_cl… redhatsusedebian
CVE-2024-58005 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_… redhatsusedebianlinux+1
CVE-2024-47706 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3… redhatsusedebianlinux
CVE-2024-42253 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca95… redhatsusedebian