VIR Vulnerability Intelligence Relay

CVEs from 2024

7,195 normalized CVEs published or assigned in this year.

Total
7,195
critical
critical 114
high
high 1,020
medium
medium 2,013
low
low 42
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.3%

Top vendors

Top products

  • surveillance_station 12
  • checkmk 10
  • profilegrid 8
  • office 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-39500 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put sk_psock_get will return NULL if the refcount of psock has gone to 0… redhatsusedebian
CVE-2024-50093 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… redhatsusedebian
CVE-2024-46954 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebianalmalinux
CVE-2024-40956 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through t… redhatsusedebian
CVE-2024-47601 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-43853 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be rep… redhatsusedebian
CVE-2024-53134 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_… redhatsusedebian
CVE-2024-49928 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time befo… redhatsusedebian
CVE-2024-53120 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callba… redhatsusedebian
CVE-2024-50126 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read… redhatsusedebian
CVE-2024-56600 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provid… redhatsusedebian
CVE-2024-50024 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that f… redhatsusedebian
CVE-2024-50143 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uni… redhatsusedebian
CVE-2024-50014 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… redhatsusedebian
CVE-2024-56827 medium 5.5 1y ago Moderate: openjpeg2 security update redhatsusedebian
CVE-2024-49856 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all ot… redhatsusedebian
CVE-2024-46952 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse+1
CVE-2024-12087 medium 5.5 1y ago Moderate: rsync security update archredhatrockylinuxsuse+1
CVE-2024-49954 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when me… redhatsusedebian
CVE-2024-53118 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, … redhatsusedebian
CVE-2024-49878 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) rel… redhatsusedebian
CVE-2024-49959 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error In __jbd2_log_wait_for_space(), we might call jbd2_cl… redhatsusedebian
CVE-2024-53160 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.exp… redhatsusedebian
CVE-2024-44931 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… redhatsusedebian
CVE-2024-44932 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… redhatsusedebian
CVE-2024-44934 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bri… redhatsusedebian
CVE-2024-57885 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee… redhatsusedebian
CVE-2024-49851 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. How… redhatsusedebianlinux
CVE-2024-49860 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is retur… redhatsusedebian
CVE-2024-53110 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmt… redhatsusedebian
CVE-2024-50073 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gs… redhatsusedebian
CVE-2024-53091 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in so… redhatsusedebian
CVE-2024-47598 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-8418 medium 5.5 1y ago Moderate: aardvark-dns security update debianredhatsuserust
CVE-2024-50130 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read… redhatsusedebian
CVE-2024-56590 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL head… redhatsusedebian
CVE-2024-47687 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n… redhatsusedebian
CVE-2024-50008 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexib… redhatsusedebianlinux
CVE-2024-45000 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks … redhatsusedebian
CVE-2024-45009 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req Adding the following warning ... WARN_ON_ONCE(msk->pm.add_addr_accepte… redhatsusedebian
CVE-2024-45010 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) … redhatsusedebian
CVE-2024-45016 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: net… redhatsusedebianlinux
CVE-2024-53232 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because du… redhatsusedebian
CVE-2024-38541 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st s… redhatrockylinuxsusedebian
CVE-2024-46951 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse+1
CVE-2024-46675 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could acc… redhatsusedebian
CVE-2024-50256 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_… redhatrockylinuxsusedebian+1
CVE-2024-53224 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup fro… redhatsusedebian
CVE-2024-56551 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sc… redhatsusedebian
CVE-2024-49937 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: … redhatsusedebian
CVE-2024-39279 medium 5.5 1y ago Moderate: microcode_ctl security update rockylinuxredhatdebian
CVE-2024-50082 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like … redhatrockylinuxsusedebian+1
CVE-2024-49933 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… redhatsusedebian
CVE-2024-46725 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning redhatsusedebian
CVE-2024-49935 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_ro… redhatsusedebian
CVE-2024-46747 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifyin… redhatsusedebian
CVE-2024-46754 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_tes… redhatsusedebian
CVE-2024-46761 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel c… redhatsusedebian
CVE-2024-53237 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… redhatsusedebian
CVE-2024-53123 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#… redhatsusedebian
CVE-2024-46800 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMI… redhatsusedebian
CVE-2024-46807 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL redhatsusedebian
CVE-2024-56647 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is: WARNI… redhatsusedebianlinux
CVE-2024-46806 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. redhatsusedebian
CVE-2024-56566 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … redhatsusedebian
CVE-2024-46820 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handl… redhatsusedebian
CVE-2024-54460 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in iso_listen_bis This fixes the circular locking dependency warning below, by releasing the so… redhatsusedebian
CVE-2024-56664 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race… redhatsusedebian
CVE-2024-47700 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of t… redhatsusedebian
CVE-2024-46953 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse+1
CVE-2024-53095 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecti… redhatsusedebian
CVE-2024-46839 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-49861 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .r… redhatsusedebian
CVE-2024-47141 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the sa… redhatsusedebian
CVE-2024-53042 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called… redhatsusedebianlinux
CVE-2024-56558 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures th… redhatsusedebian
CVE-2024-53044 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 … redhatsusedebian
CVE-2024-47705 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if… redhatsusedebianlinux
CVE-2024-47835 medium 5.5 1y ago Moderate: gstreamer1-plugins-base security update redhatdebiansuserockylinux
CVE-2024-53203 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via deb… redhatsusedebian
CVE-2024-47748 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_ir… redhatsusedebian
CVE-2024-56562 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) … redhatsusedebian
CVE-2024-47596 medium 5.5 1y ago Moderate: gstreamer1-plugins-good security update redhatdebiansusealmalinux
CVE-2024-36880 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloadi… redhatsusedebian
CVE-2024-53060 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported acpi_evaluate_object() may return AE_NOT_FOUND (failure), w… redhatsusedebian
CVE-2024-53136 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as s… redhatsusedebian
CVE-2024-50018 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2024-53085 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according… redhatsusedebian
CVE-2024-47713 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts … redhatsusedebianlinux
CVE-2024-53050 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer er… redhatsusedebian
CVE-2024-49870 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent:… redhatsusedebian
CVE-2024-52005 medium 5.5 1y ago Moderate: git security update redhatdebiansuserockylinux+1
CVE-2024-47738 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask f… redhatsusedebian
CVE-2024-47739 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do… redhatsusedebian
CVE-2024-53121 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock th… redhatsusedebian
CVE-2024-57898 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first… redhatsusedebian
CVE-2024-42304 medium 5.5 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline,… redhatsusedebianlinux
CVE-2024-56779 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta… redhatsusedebian
CVE-2024-56611 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA… redhatsusedebian
CVE-2024-36013 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also m… redhatsusedebian