VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-49929 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is … redhatsusedebian
CVE-2024-44952 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-56667 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer… redhatsusedebian
CVE-2024-49927 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti… redhatsusedebian
CVE-2024-47668 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and… redhatrockylinuxsusedebian+1
CVE-2024-46805 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL. redhatsusedebian
CVE-2024-38541 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st s… redhatrockylinuxsusedebian
CVE-2024-42294 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… redhatsusedebian
CVE-2024-50019 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already… redhatsusedebian
CVE-2024-50015 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration:… redhatsusedebianlinux
CVE-2024-53123 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… redhatsusedebian
CVE-2024-54680 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-53190 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show(… redhatsusedebian
CVE-2024-53208 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… redhatsusedebian
CVE-2024-53117 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. redhatsusedebian
CVE-2024-49937 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: … redhatsusedebian
CVE-2024-49934 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memor… redhatsusedebian
CVE-2024-43853 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be rep… redhatsusedebian
CVE-2024-47778 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-44989 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm … redhatrockylinuxsusedebian+2
CVE-2024-45776 medium 5.5 1y ago Moderate: grub2 security update redhatdebiansuserockylinux
CVE-2024-53096 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like cont… redhatsusedebian
CVE-2024-49933 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… redhatsusedebian
CVE-2024-46711 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresse… redhatsusedebian
CVE-2024-35978 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state b… redhatsusedebianlinux
CVE-2024-50271 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT… redhatsusedebian
CVE-2024-56693 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during f… redhatsusedebian
CVE-2024-50152 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: … redhatsusedebian
CVE-2024-47774 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-50082 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … redhatrockylinuxsusedebian+1
CVE-2024-49948 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init() One path takes care of SKB_GSO_DODGY, assuming skb->len is bigger than hdr_le… redhatsusedebianlinux
CVE-2024-49935 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… redhatsusedebian
CVE-2024-46807 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL redhatsusedebian
CVE-2024-50162 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF… redhatsusedebian
CVE-2024-47705 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if… redhatsusedebianlinux
CVE-2024-50153 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: n… redhatsusedebianlinux
CVE-2024-50272 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… redhatsusedebian
CVE-2024-47700 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… redhatsusedebian
CVE-2024-53237 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… redhatsusedebian
CVE-2024-42304 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… redhatsusedebianlinux
CVE-2024-54460 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in iso_listen_bis This fixes the circular locking dependency warning below, by releasing the so… redhatsusedebian
CVE-2024-50002 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() t… redhatsusedebian
CVE-2024-31157 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-56644 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… redhatrockylinuxsusedebian
CVE-2024-56558 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures th… redhatsusedebian
CVE-2024-53110 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmt… redhatsusedebian
CVE-2024-46750 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is th… redhatsusedebianlinux
CVE-2024-56688 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_… redhatsusedebian
CVE-2024-53085 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… redhatsusedebian
CVE-2024-43834 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy() If the driver uses a page pool, it creates a page pool with page_pool_create… redhatsusedebianlinux
CVE-2024-56654 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating The usage of rcu_read_(un)lock while inside list_for_each_entry… redhatsusedebian
CVE-2024-56653 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append may lead to the release of the skb, so it cannot be access… redhatsusedebian
CVE-2024-57903 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back… redhatsusedebian
CVE-2024-50046 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoi… redhatsusedebianlinux
CVE-2024-57888 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar… redhatsusedebian
CVE-2024-57890 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that c… redhatsusedebian
CVE-2024-53118 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … redhatsusedebian
CVE-2024-46819 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data redhatsusedebian
CVE-2024-56535 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() kmalloc may fail, return value might be NULL and will caus… redhatsusedebian
CVE-2024-53136 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… redhatsusedebian
CVE-2024-46806 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. redhatsusedebian
CVE-2024-56663 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, … redhatsusedebian
CVE-2024-53120 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callba… redhatsusedebian
CVE-2024-49991 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer,… redhatsusedebian
CVE-2024-57852 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m… redhatsusedebian
CVE-2024-50027 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone The object pointed to by tz->tzp may still be accessed after being freed… redhatsusedebian
CVE-2024-49994 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloc… redhatsusedebian
CVE-2024-50163 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirec… redhatsusedebian
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-50009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference chec… redhatsusedebian
CVE-2024-27398 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is … redhatsusedebian
CVE-2024-49939 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… redhatsusedebian
CVE-2024-49999 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the … redhatsusedebian
CVE-2024-49904 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cas… redhatsusedebian
CVE-2024-53121 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock th… redhatsusedebian
CVE-2024-53146 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an in… redhatsusedebian
CVE-2024-47777 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-46724 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_channel_number range to avoid the array out-of-bounds r… redhatsusedebian
CVE-2024-57843 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t… redhatsusedebian
CVE-2024-41010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… redhatsusedebian
CVE-2024-39500 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put sk_psock_get will return NULL if the refcount of psock has gone to 0… redhatsusedebian
CVE-2024-45775 medium 5.5 1y ago Moderate: grub2 security update redhatdebiansuserockylinux
CVE-2024-50013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… redhatsusedebian
CVE-2024-36013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… redhatsusedebian
CVE-2024-35934 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them … redhatsusedebianlinux
CVE-2024-50109 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is se… redhatsusedebian
CVE-2024-46828 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness In sch_cake, we keep track of the count of active bulk flows pe… redhatsusedebian
CVE-2024-50093 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… redhatsusedebian
CVE-2024-57940 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… redhatsusedebianlinux
CVE-2024-46956 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse+1
CVE-2024-57931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … redhatsusedebian
CVE-2024-45010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) … redhatsusedebian
CVE-2024-36012 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_de… redhatsusedebian
CVE-2024-49954 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… redhatsusedebian
CVE-2024-50120 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with… redhatsusedebian
CVE-2024-52616 medium 5.5 1y ago Moderate: avahi security update debianredhatsuserockylinux+1
CVE-2024-53047 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcu_read_lock Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT creates this s… redhatsusedebian
CVE-2024-49974 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operation… redhatsusedebian
CVE-2024-12747 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-47598 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux