VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,044
medium
medium 1,991
low
low 40
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-56570 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing … redhatsusedebian
CVE-2024-53074 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. This impacted devices that d… redhatsusedebian
CVE-2024-56663 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … redhatsusedebian
CVE-2024-50272 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… redhatsusedebian
CVE-2024-47703 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes ke… redhatsusedebian
CVE-2024-50002 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() t… redhatsusedebian
CVE-2024-57894 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50081 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped… redhatsusedebian
CVE-2024-50152 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: … redhatsusedebian
CVE-2024-46956 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse
CVE-2024-50075 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. … redhatsusedebian
CVE-2024-45009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepte… redhatsusedebian
CVE-2024-57903 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… redhatsusedebian
CVE-2024-47601 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-46787 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_hug… redhatsusedebian
CVE-2024-49939 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… redhatsusedebian
CVE-2024-49983 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_repl… redhatsusedebian
CVE-2024-57884 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in … redhatsusedebian
CVE-2024-47737 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered looku… redhatsusedebianlinux
CVE-2024-46756 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-52005 medium 5.5 1y ago Moderate: git security update redhatdebiansuserockylinux
CVE-2024-50153 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: n… redhatsusedebianlinux
CVE-2024-53136 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… redhatsusedebian
CVE-2024-53146 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an in… redhatsusedebian
CVE-2024-40956 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… redhatsusedebian
CVE-2024-46806 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. redhatsusedebian
CVE-2024-53156 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-i… redhatsusedebian
CVE-2024-12747 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-49870 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… redhatsusedebian
CVE-2024-50078 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Call iso_exit() on module unload If iso_init() has been called, iso_exit() must be called on module unload. Without th… redhatsusedebian
CVE-2024-53095 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecti… redhatsusedebian
CVE-2024-50163 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirec… redhatsusedebian
CVE-2024-39279 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-50200 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. … redhatsusedebian
CVE-2024-45776 medium 5.5 1y ago Moderate: grub2 security update redhatdebiansuserockylinux
CVE-2024-50261 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadata_dst, which is used t… redhatsusedebian
CVE-2024-44964 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restori… redhatsusedebian
CVE-2024-54680 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-47700 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… redhatsusedebian
CVE-2024-10224 medium 5.5 1y ago Moderate: perl-Module-ScanDeps security update redhatdebianrockylinux
CVE-2024-57888 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar… redhatsusedebian
CVE-2024-57809 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, … redhatsusedebian
CVE-2024-50282 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. … redhatsusedebian
CVE-2024-56647 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is: WARNI… redhatsusedebianlinux
CVE-2024-50271 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT… redhatsusedebian
CVE-2024-49928 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time befo… redhatsusedebian
CVE-2024-56760 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo… redhatsusedebian
CVE-2024-50064 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams… redhatsusedebian
CVE-2024-46839 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-50228 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-42278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … redhatsusedebian
CVE-2024-50102 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-cano… redhatsusedebian
CVE-2024-53208 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… redhatsusedebian
CVE-2024-56614 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_e… redhatsusedebian
CVE-2024-49856 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… redhatsusedebian
CVE-2024-53681 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though … redhatsusedebian
CVE-2024-50191 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… redhatsusedebian
CVE-2024-54460 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in iso_listen_bis This fixes the circular locking dependency warning below, by releasing the so… redhatsusedebian
CVE-2024-43889 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… redhatrockylinuxsusedebian+2
CVE-2024-50182 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map… redhatsusedebian
CVE-2024-57852 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m… redhatsusedebian
CVE-2024-47705 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if… redhatsusedebianlinux
CVE-2024-50186 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4… redhatsusedebian
CVE-2024-47596 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-56611 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA… redhatsusedebian
CVE-2024-42294 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… redhatsusedebian
CVE-2024-50047 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… redhatsusedebian
CVE-2024-50109 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is se… redhatsusedebian
CVE-2024-53164 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a c… redhatsusedebian
CVE-2024-56642 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu… redhatsusedebian
CVE-2024-50189 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in prob… redhatsusedebian
CVE-2024-50077 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If bt_debugfs is not created successfully, which happens if either CON… redhatsusedebian
CVE-2024-49946 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, … redhatsusedebian
CVE-2024-43873 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized… redhatsusedebian
CVE-2024-45010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) … redhatsusedebian
CVE-2024-57843 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t… redhatsusedebian
CVE-2024-46954 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebian
CVE-2024-46673 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ide… redhatsusedebian
CVE-2024-50013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… redhatsusedebian
CVE-2024-50162 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF… redhatsusedebian
CVE-2024-43853 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be rep… redhatsusedebian
CVE-2024-45016 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: net… redhatsusedebianlinux
CVE-2024-49991 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer,… redhatsusedebian
CVE-2024-56729 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… redhatsusedebian
CVE-2024-46675 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could acc… redhatsusedebian
CVE-2024-57898 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… redhatsusedebian
CVE-2024-53222 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Co… redhatsusedebian
CVE-2024-28047 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-49881 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path … redhatsusedebian
CVE-2024-53105 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… redhatsusedebian
CVE-2024-56664 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… redhatsusedebian
CVE-2024-49977 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divi… redhatsusedebianlinux
CVE-2024-42265 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … redhatrockylinuxsusedebian+2
CVE-2024-49968 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash … redhatsusedebian
CVE-2024-49861 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… redhatsusedebian
CVE-2024-49973 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing… redhatsusedebianlinux
CVE-2024-4453 medium 5.5 1y ago Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update redhatrockylinuxdebiansuse
CVE-2024-50169 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced… redhatsusedebian
CVE-2024-49994 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloc… redhatsusedebian
CVE-2024-47739 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… redhatsusedebian