VIR Vulnerability Intelligence Relay

CVEs from 2024

7,377 normalized CVEs published or assigned in this year.

Total
7,377
critical
critical 114
high
high 1,043
medium
medium 1,991
low
low 40
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-53091 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in so… redhatsusedebian
CVE-2024-46805 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL. redhatsusedebian
CVE-2024-53105 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… redhatsusedebian
CVE-2024-50216 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable… redhatsusedebian
CVE-2024-50130 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… redhatsusedebian
CVE-2024-50219 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49967 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-46822 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug… redhatsusedebian
CVE-2024-47544 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-45009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepte… redhatsusedebian
CVE-2024-45000 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks … redhatsusedebian
CVE-2024-58005 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_… redhatsusedebianlinux
CVE-2024-49927 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… redhatsusedebian
CVE-2024-39279 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-28047 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-4453 medium 5.5 1y ago Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update redhatrockylinuxdebiansuse
CVE-2024-49904 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… redhatsusedebian
CVE-2024-53072 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in… redhatsusedebian
CVE-2024-50228 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-43871 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_per… redhatrockylinuxsusedebian+2
CVE-2024-50236 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during mana… redhatsusedebian
CVE-2024-50064 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams… redhatsusedebian
CVE-2024-50047 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… redhatsusedebian
CVE-2024-49938 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on… redhatsusedebianlinux
CVE-2024-50120 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with… redhatsusedebian
CVE-2024-46786 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fscache_cookie_lru_timer is initialized when the fsc… redhatsusedebian
CVE-2024-50128 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global o… redhatsusedebian
CVE-2024-53190 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show(… redhatsusedebian
CVE-2024-42278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … redhatsusedebian
CVE-2024-53194 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … redhatsusedebian
CVE-2024-42133 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handl… redhatsusedebian
CVE-2024-53074 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. This impacted devices that d… redhatsusedebian
CVE-2024-53160 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.exp… redhatsusedebian
CVE-2024-42294 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… redhatsusedebian
CVE-2024-56605 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and at… redhatsusedebian
CVE-2024-57903 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… redhatsusedebian
CVE-2024-43889 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… redhatrockylinuxsusedebian+2
CVE-2024-53173 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… redhatsusedebian
CVE-2024-47710 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a m… redhatsusedebianlinux
CVE-2024-46756 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-43853 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be rep… redhatsusedebian
CVE-2024-50101 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Previously, the domain_context_clear() function incorrectl… redhatsusedebian
CVE-2024-41062 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, wher… redhatsusedebian
CVE-2024-56779 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta… redhatsusedebian
CVE-2024-56663 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … redhatsusedebian
CVE-2024-42312 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip sett… redhatsusedebianlinux
CVE-2024-47603 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-43873 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized… redhatsusedebian
CVE-2024-46806 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. redhatsusedebian
CVE-2024-35933 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev… redhatsusedebianlinux
CVE-2024-47703 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes ke… redhatsusedebian
CVE-2024-36011 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). redhatsusedebian
CVE-2024-35934 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them … redhatsusedebianlinux
CVE-2024-46954 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebian
CVE-2024-50019 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already… redhatsusedebian
CVE-2024-47705 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if… redhatsusedebianlinux
CVE-2024-50299 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add siz… redhatsusedebianlinux
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-53060 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported acpi_evaluate_object() may return AE_NOT_FOUND (failure), w… redhatsusedebian
CVE-2024-49928 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time befo… redhatsusedebian
CVE-2024-49935 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… redhatsusedebian
CVE-2024-50039 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it i… redhatsusedebianlinux
CVE-2024-36013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… redhatsusedebian
CVE-2024-56623 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign… redhatsusedebian
CVE-2024-49886 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… redhatsusedebian
CVE-2024-56604 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… redhatsusedebian
CVE-2024-50237 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of unini… redhatsusedebian
CVE-2024-50199 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can… redhatsusedebian
CVE-2024-50022 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise, v… redhatsusedebian
CVE-2024-43910 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified… redhatsusedebian
CVE-2024-50093 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… redhatsusedebian
CVE-2024-45016 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: net… redhatsusedebianlinux
CVE-2024-45010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) … redhatsusedebian
CVE-2024-45022 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 The __vmap_pages_range_noflush() assume… redhatsusedebian
CVE-2024-50057 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. … redhatsusedebian
CVE-2024-49939 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… redhatsusedebian
CVE-2024-53174 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensur… redhatsusedebian
CVE-2024-46783 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will … redhatsusedebianlinux
CVE-2024-46800 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMI… redhatsusedebian
CVE-2024-50077 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If bt_debugfs is not created successfully, which happens if either CON… redhatsusedebian
CVE-2024-49929 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is … redhatsusedebian
CVE-2024-50304 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL… redhatsusedebian
CVE-2024-53042 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called… redhatsusedebianlinux
CVE-2024-53176 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cach… redhatsusedebian
CVE-2024-46956 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse
CVE-2024-57885 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… redhatsusedebian
CVE-2024-56664 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… redhatsusedebian
CVE-2024-53152 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert() Currently, the endpoint cleanup function dw_pcie_ep_cl… redhatsusedebian
CVE-2024-45776 medium 5.5 1y ago Moderate: grub2 security update redhatdebiansuserockylinux
CVE-2024-56729 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… redhatsusedebian
CVE-2024-50201 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder->possible_clones Include the encoder itself in its possible_clones bitmask. In the past nothing validated… redhatsusedebian
CVE-2024-46828 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness In sch_cake, we keep track of the count of active bulk flows pe… redhatsusedebian
CVE-2024-47602 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-57931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … redhatsusedebian
CVE-2024-56562 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) … redhatsusedebian
CVE-2024-44932 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… redhatsusedebian
CVE-2024-50191 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… redhatsusedebian
CVE-2024-53232 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… redhatsusedebian
CVE-2024-43821 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fai… redhatsusedebian
CVE-2024-47700 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… redhatsusedebian