CVEs from 2024
Total
6,995
critical
critical 121
high
high 1,015
medium
medium 2,011
low
low 42
% Critical
1.7%
% with KEV
2.3%
% with exploit
2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31227 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update | |||
| CVE-2024-31228 | medium | — | 5.5 | 2y ago | Moderate: redis:7 security update | |||
| CVE-2024-50226 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report [… | |||
| CVE-2024-42244 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provid… | |||
| CVE-2024-41009 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer,… | |||
| CVE-2024-53101 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in… | |||
| CVE-2024-45321 | medium | — | 5.5 | 2y ago | Moderate: perl-App-cpanminus security update | |||
| CVE-2024-9632 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |||
| CVE-2024-5197 | medium | — | 5.5 | 2y ago | Moderate: libvpx security update | |||
| CVE-2024-46858 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync There are two paths to access mptcp_pm_del_add_timer, result in a race condition: … | |||
| CVE-2024-42283 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized b… | |||
| CVE-2024-46824 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cache_invalidate_user ops If drivers don't do this then iommufd will oops invalidation ioc… | |||
| CVE-2024-50602 | medium | — | 5.5 | 2y ago | Moderate: expat security update | |||
| CVE-2024-42276 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, … | |||
| CVE-2024-26987 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled When I did hard offline test with hugetlb pages, below d… | |||
| CVE-2024-6655 | medium | — | 5.5 | 2y ago | Moderate: gtk3 security update | |||
| CVE-2024-36039 | medium | — | 5.5 | 2y ago | Moderate: python3.11-PyMySQL security update | |||
| CVE-2024-25739 | medium | 5.5 | 5.5 | 2y ago | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |||
| CVE-2024-2236 | medium | — | 5.5 | 2y ago | Moderate: libgcrypt security update | |||
| CVE-2024-26989 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access … | |||
| CVE-2024-35942 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is p… | |||
| CVE-2024-35928 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-36905 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn co… | |||
| CVE-2024-27389 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput()… | |||
| CVE-2024-35877 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact… | |||
| CVE-2024-30205 | medium | — | 5.5 | 2y ago | Moderate: emacs security update | |||
| CVE-2024-35795 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the fo… | |||
| CVE-2024-35930 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an u… | |||
| CVE-2024-36928 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 devi… | |||
| CVE-2024-26306 | medium | — | 5.5 | 2y ago | Moderate: iperf3 security update | |||
| CVE-2024-36472 | medium | — | 5.5 | 2y ago | Moderate: gnome-shell and gnome-shell-extensions security update | |||
| CVE-2024-35812 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-32040 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2024-35931 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to… | |||
| CVE-2024-22099 | medium | 5.5 | 5.5 | 2y ago | NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluet… | |||
| CVE-2024-23848 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. | |||
| CVE-2024-42258 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176… | |||
| CVE-2024-26589 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for valida… | |||
| CVE-2024-26661 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pi… | |||
| CVE-2024-26662 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' 'panel_cntl' structure used to control the displ… | |||
| CVE-2024-26672 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' Fixes the below: drivers… | |||
| CVE-2024-26674 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kerne… | |||
| CVE-2024-26744 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. The current beha… | |||
| CVE-2024-26757 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in md_check_recovery() Usually if the array is not read-write, md_check_recovery() won't registe… | |||
| CVE-2024-26758 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ig… | |||
| CVE-2024-26761 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption… | |||
| CVE-2024-26835 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the … | |||
| CVE-2024-26462 | medium | — | 5.5 | 2y ago | Moderate: krb5 security update | |||
| CVE-2024-26838 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. [50006.466686… | |||
| CVE-2024-26915 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. | |||
| CVE-2024-40923 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base,… | |||
| CVE-2024-26920 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot Fix register_snapshot_trigger() to return error code if it faile… | |||
| CVE-2024-26922 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/… | |||
| CVE-2024-26928 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) t… | |||
| CVE-2024-26927 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. … | |||
| CVE-2024-40907 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDP_TX action In the XDP_TX path, ionic driver sends a packet to the TX path with rx page and correspo… | |||
| CVE-2024-26933 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and store callback routines for the "disable" sysfs attribute … | |||
| CVE-2024-26937 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only wh… | |||
| CVE-2024-38618 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it … | |||
| CVE-2024-27003 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary Similar to the previous commit, we should make sure that all devices are … | |||
| CVE-2024-27004 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1… | |||
| CVE-2024-27013 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too… | |||
| CVE-2024-27014 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are c… | |||
| CVE-2024-27015 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pp… | |||
| CVE-2024-26650 | medium | — | 5.5 | 2y ago | RHSA-2024:9315: kernel security update (Moderate) | |||
| CVE-2024-40919 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() In case of token is released due to token… | |||
| CVE-2024-27079 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info… | |||
| CVE-2024-35794 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_F… | |||
| CVE-2024-35805 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix th… | |||
| CVE-2024-35807 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16… | |||
| CVE-2024-35808 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly with… | |||
| CVE-2024-35817 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but a… | |||
| CVE-2024-35867 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoi… | |||
| CVE-2024-35869 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mo… | |||
| CVE-2024-35872 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folio_is_secretmem() currently relies on secretmem folios being LRU fol… | |||
| CVE-2024-35878 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which … | |||
| CVE-2024-35880 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: hold io_buffer_list reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until afte… | |||
| CVE-2024-35888 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6ersp… | |||
| CVE-2024-35892 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() is called with the qdisc lock held, not R… | |||
| CVE-2024-35894 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at ne… | |||
| CVE-2024-35954 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_pu… | |||
| CVE-2024-35973 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : Whi… | |||
| CVE-2024-35979 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued… | |||
| CVE-2024-36477 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for… | |||
| CVE-2024-36882 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), e… | |||
| CVE-2024-36881 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits fr… | |||
| CVE-2024-38388 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup Use the control private_free callback to free the associated data bloc… | |||
| CVE-2024-38629 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of file_ida file_ida is allocated during cdev open and is freed accordingly during… | |||
| CVE-2024-39497 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mm… | |||
| CVE-2024-39507 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver… | |||
| CVE-2024-39508 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags Utilize set_bit() and test_bit() on worker->flags within io_uring/i… | |||
| CVE-2024-40903 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_reg… | |||
| CVE-2024-40965 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clk_get_rate during transfer Instead of repeatedly calling clk_get_rate for each transfer, lock the clo… | |||
| CVE-2024-40967 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a … | |||
| CVE-2024-41094 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smem_start is enable per module option Only export struct fb_info.fix.smem_start if that is required by t… | |||
| CVE-2024-41095 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mod… | |||
| CVE-2024-42078 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsd_info.mutex early. nfsd_info.mutex can be dereferenced by svc_pool_stats_start() immediately after the new n… | |||
| CVE-2024-42132 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX Syzbot hit warning in hci_conn_del() caused by freeing han… | |||
| CVE-2024-45005 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off We might run into a SIE validity if gisa has been disabled e… | |||
| CVE-2024-44984 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT code path.… |