VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,044
medium
medium 1,991
low
low 40
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • checkmk 10
  • office 8
  • profilegrid 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5
  • propertyhive 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-50057 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. … redhatsusedebian
CVE-2024-56558 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures th… redhatsusedebian
CVE-2024-50189 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in prob… redhatsusedebian
CVE-2024-43871 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_per… redhatrockylinuxsusedebian+2
CVE-2024-47834 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-42305 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ==============================… redhatsusedebianlinux
CVE-2024-50186 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4… redhatsusedebian
CVE-2024-56757 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t… redhatsusedebian
CVE-2024-49973 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing… redhatsusedebianlinux
CVE-2024-49856 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… redhatsusedebian
CVE-2024-50055 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() … redhatsusedebian
CVE-2024-46758 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-36013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… redhatsusedebian
CVE-2024-36968 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer ov… redhatsusedebian
CVE-2024-36011 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). redhatsusedebian
CVE-2024-47715 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE… redhatsusedebian
CVE-2024-46952 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse
CVE-2024-35963 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input length before copying data. redhatsusedebian
CVE-2024-53070 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then d… redhatsusedebian
CVE-2024-53072 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in… redhatsusedebian
CVE-2024-47542 medium 5.5 1y ago Moderate: gstreamer1-plugins-base security update redhatdebiansuserockylinux
CVE-2024-35964 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. redhatsusedebian
CVE-2024-46711 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresse… redhatsusedebian
CVE-2024-53060 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported acpi_evaluate_object() may return AE_NOT_FOUND (failure), w… redhatsusedebian
CVE-2024-53097 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: kreallo… redhatsusedebian
CVE-2024-50018 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-46754 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_tes… redhatsusedebian
CVE-2024-43914 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape… redhatsusedebian
CVE-2024-50002 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() t… redhatsusedebian
CVE-2024-49939 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow… redhatsusedebian
CVE-2024-47545 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-50107 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… redhatsusedebian
CVE-2024-50064 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams… redhatsusedebian
CVE-2024-50047 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in th… redhatsusedebian
CVE-2024-46675 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could acc… redhatsusedebian
CVE-2024-50152 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: … redhatsusedebian
CVE-2024-46864 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling… redhatsusedebian
CVE-2024-41010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that… redhatsusedebian
CVE-2024-57898 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… redhatsusedebian
CVE-2024-50282 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. … redhatsusedebian
CVE-2024-46787 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_hug… redhatsusedebian
CVE-2024-50074 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blind… redhatsusedebian
CVE-2024-52949 medium 5.5 1y ago Moderate: iptraf-ng security update redhatdebianrockylinux
CVE-2024-57888 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar… redhatsusedebian
CVE-2024-44931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… redhatsusedebian
CVE-2024-27008 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out … redhatsusedebian
CVE-2024-47141 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the sa… redhatsusedebian
CVE-2024-49934 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memor… redhatsusedebian
CVE-2024-56779 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta… redhatsusedebian
CVE-2024-50153 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: n… redhatsusedebianlinux
CVE-2024-56562 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) … redhatsusedebian
CVE-2024-50014 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… redhatsusedebian
CVE-2024-49993 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49994 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloc… redhatsusedebian
CVE-2024-50272 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… redhatsusedebian
CVE-2024-56551 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sc… redhatsusedebian
CVE-2024-46673 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ide… redhatsusedebian
CVE-2024-49995 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-45783 medium 5.5 1y ago Moderate: grub2 security update redhatdebiansuserockylinux
CVE-2024-49881 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path … redhatsusedebian
CVE-2024-49974 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operation… redhatsusedebian
CVE-2024-43846 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent objec… redhatsusedebian
CVE-2024-50082 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … redhatrockylinuxsusedebian
CVE-2024-50191 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONL… redhatsusedebian
CVE-2024-42312 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip sett… redhatsusedebianlinux
CVE-2024-50013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… redhatsusedebian
CVE-2024-52005 medium 5.5 1y ago Moderate: git security update redhatdebiansuserockylinux
CVE-2024-49983 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_repl… redhatsusedebian
CVE-2024-53051 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encode… redhatsusedebian
CVE-2024-47544 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-50130 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… redhatsusedebian
CVE-2024-49938 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on… redhatsusedebianlinux
CVE-2024-50128 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global o… redhatsusedebian
CVE-2024-56623 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign… redhatsusedebian
CVE-2024-50236 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during mana… redhatsusedebian
CVE-2024-50029 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed … redhatsusedebian
CVE-2024-49933 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… redhatsusedebian
CVE-2024-44932 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… redhatsusedebian
CVE-2024-46820 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handl… redhatsusedebian
CVE-2024-53118 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … redhatsusedebian
CVE-2024-47835 medium 5.5 1y ago Moderate: gstreamer1-plugins-base security update redhatdebiansuserockylinux
CVE-2024-56604 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the p… redhatsusedebian
CVE-2024-41062 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, wher… redhatsusedebian
CVE-2024-53213 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed tw… redhatsusedebian
CVE-2024-43820 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning wh… redhatsusedebian
CVE-2024-49946 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, … redhatsusedebian
CVE-2024-50022 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise, v… redhatsusedebian
CVE-2024-47596 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansuse
CVE-2024-47738 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… redhatsusedebian
CVE-2024-50235 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear ou… redhatsusedebian
CVE-2024-53173 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… redhatsusedebian
CVE-2024-50073 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gs… redhatsusedebian
CVE-2024-53110 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmt… redhatsusedebian
CVE-2024-36880 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… redhatsusedebian
CVE-2024-58099 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… redhatsusedebian
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-50199 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can… redhatsusedebian
CVE-2024-53134 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… redhatsusedebian
CVE-2024-50019 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already… redhatsusedebian
CVE-2024-31157 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian