VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • surveillance_station 12
  • checkmk 10
  • profilegrid 8
  • office 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-46820 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handl… redhatsusedebian
CVE-2024-49569 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce admin_q before destroy it Kernel will hang on destroy admin_q while we create ctrl failed, such as following… redhatsusedebian
CVE-2024-47603 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-46828 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness In sch_cake, we keep track of the count of active bulk flows pe… redhatsusedebian
CVE-2024-47774 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-48873 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, s… redhatsusedebian
CVE-2024-49995 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-47775 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-42321 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE The following splat is easy to reproduce upstream as well as in -stable kernels. … redhatsusedebian
CVE-2024-47678 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applie… redhatsusedebian
CVE-2024-35963 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input length before copying data. redhatsusedebian
CVE-2024-49878 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… redhatsusedebian
CVE-2024-42294 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0… redhatsusedebian
CVE-2024-12087 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-56562 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) … redhatsusedebian
CVE-2024-50228 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-53117 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. redhatsusedebian
CVE-2024-53110 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmt… redhatsusedebian
CVE-2024-43889 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… redhatrockylinuxsusedebian+2
CVE-2024-47546 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-47776 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-38541 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st s… redhatrockylinuxsusedebian
CVE-2024-46800 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMI… redhatsusedebian
CVE-2024-53190 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show(… redhatsusedebian
CVE-2024-36880 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… redhatsusedebian
CVE-2024-53134 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… redhatsusedebian
CVE-2024-36013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… redhatsusedebian
CVE-2024-57898 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… redhatsusedebian
CVE-2024-39500 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put sk_psock_get will return NULL if the refcount of psock has gone to 0… redhatsusedebian
CVE-2024-47544 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-50013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry,… redhatsusedebian
CVE-2024-44964 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restori… redhatsusedebian
CVE-2024-47598 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-53118 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … redhatsusedebian
CVE-2024-53208 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ==============================… redhatsusedebian
CVE-2024-50067 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring… redhatsusedebian
CVE-2024-42291 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that… redhatsusedebian
CVE-2024-46711 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresse… redhatsusedebian
CVE-2024-56644 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex… redhatrockylinuxsusedebian
CVE-2024-56729 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache… redhatsusedebian
CVE-2024-49994 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloc… redhatsusedebian
CVE-2024-49851 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. How… redhatsusedebianlinux
CVE-2024-56590 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL head… redhatsusedebian
CVE-2024-56591 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Use disable_delayed_work_sync This makes use of disable_delayed_work_sync instead cancel_delayed_work_sync a… redhatsusedebian
CVE-2024-12088 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-57931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … redhatsusedebian
CVE-2024-53085 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… redhatsusedebian
CVE-2024-4453 medium 5.5 1y ago Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update redhatrockylinuxdebiansuse
CVE-2024-42265 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; … redhatrockylinuxsusedebian+2
CVE-2024-53121 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock th… redhatsusedebian
CVE-2024-47668 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and… redhatrockylinuxsusedebian+1
CVE-2024-53203 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via deb… redhatsusedebian
CVE-2024-53120 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callba… redhatsusedebian
CVE-2024-53097 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: kreallo… redhatsusedebian
CVE-2024-58099 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo… redhatsusedebian
CVE-2024-53222 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Co… redhatsusedebian
CVE-2024-42253 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca95… redhatsusedebian
CVE-2024-50278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexp… redhatsusedebian
CVE-2024-50261 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadata_dst, which is used t… redhatsusedebian
CVE-2024-43898 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49881 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path … redhatsusedebian
CVE-2024-50009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference chec… redhatsusedebian
CVE-2024-57885 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… redhatsusedebian
CVE-2024-47597 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-50152 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: … redhatsusedebian
CVE-2024-50126 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read… redhatsusedebian
CVE-2024-50130 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… redhatsusedebian
CVE-2024-53136 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… redhatsusedebian
CVE-2024-53194 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since … redhatsusedebian
CVE-2024-46807 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL redhatsusedebian
CVE-2024-53123 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… redhatsusedebian
CVE-2024-53103 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->tra… redhatsusedebian
CVE-2024-52005 medium 5.5 1y ago Moderate: git security update redhatdebiansuserockylinux+1
CVE-2024-35964 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. redhatsusedebian
CVE-2024-42278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to … redhatsusedebian
CVE-2024-57940 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus… redhatsusedebianlinux
CVE-2024-50153 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: n… redhatsusedebianlinux
CVE-2024-56826 medium 5.5 1y ago Moderate: openjpeg2 security update redhatsusedebian
CVE-2024-44958 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative… redhatsusedebian
CVE-2024-47596 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-50019 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already… redhatsusedebian
CVE-2024-47719 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target io… redhatsusedebian
CVE-2024-50143 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uni… redhatsusedebian
CVE-2024-0444 medium 5.5 1y ago Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update redhatsusedebian
CVE-2024-50271 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT… redhatsusedebian
CVE-2024-49999 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the … redhatsusedebian
CVE-2024-50002 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() t… redhatsusedebian
CVE-2024-49886 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo… redhatsusedebian
CVE-2024-50015 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration:… redhatsusedebianlinux
CVE-2024-49870 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… redhatsusedebian
CVE-2024-49861 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… redhatsusedebian
CVE-2024-47700 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… redhatsusedebian
CVE-2024-50014 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… redhatsusedebian
CVE-2024-43871 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_per… redhatrockylinuxsusedebian+2
CVE-2024-53105 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page b… redhatsusedebian
CVE-2024-10224 medium 5.5 1y ago Moderate: perl-Module-ScanDeps security update redhatdebianrockylinux
CVE-2024-56693 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during f… redhatsusedebian
CVE-2024-47545 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-47705 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if… redhatsusedebianlinux
CVE-2024-50272 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper… redhatsusedebian