Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-49906 |
Description: In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check null pointer before try to access it
[why & how]
Change the order of the pipe_ctx->plane_state check to ensure that
plane_state is not null before accessing it.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-49899 |
Description: In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Initialize denominators' default to 1
[WHAT & HOW]
Variables used as denominators and maybe not assigned to other values,
should not be 0. Change their default to 1 so they are never 0.
This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-49898 |
Description: In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check null-initialized variables
[WHAT & HOW]
drr_timing and subvp_pipe are initialized to null and they are not
always assigned new values. It is necessary to check for null before
dereferencing.
This fixes 2 FORWARD_NULL issues reported by Coverity.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-49897 |
Description: In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check phantom_stream before it is used
dcn32_enable_phantom_stream can return null, so returned value
must be checked before used.
This fixes 1 NULL_RETURNS issue reported by Coverity.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-49891 |
Description: In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths
When the HBA is undergoing a reset or is handling an errata event, NULL ptr
dereference crashes may occur in routines such as
lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or
lpfc_abort_handler().
Add NULL ptr checks before dereferencing hdwq pointers that may have been
freed due to operations colliding with a reset or errata event handler.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-48956 |
Description: Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-46901 |
Description: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository.
All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue.
Repositories served via other access methods are not affected.
CVSS: LOW (3.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-46841 |
Description: In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()
We handle errors here properly, ENOMEM isn't fatal, return the error.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-46749 |
Description: In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()
This adds a check before freeing the rx->skb in flush and close
functions to handle the kernel crash seen while removing driver after FW
download fails or before FW download completes.
dmesg log:
[ 54.634586] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000080
[ 54.643398] Mem abort info:
[ 54.646204] ESR = 0x0000000096000004
[ 54.649964] EC = 0x25: DABT (current EL), IL = 32 bits
[ 54.655286] SET = 0, FnV = 0
[ 54.658348] EA = 0, S1PTW = 0
[ 54.661498] FSC = 0x04: level 0 translation fault
[ 54.666391] Data abort info:
[ 54.669273] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 54.674768] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 54.674771] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 54.674775] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000048860000
[ 54.674780] [0000000000000080] pgd=0000000000000000, p4d=0000000000000000
[ 54.703880] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 54.710152] Modules linked in: btnxpuart(-) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_spdif snd_soc_imx_card snd_soc_ak5558 snd_soc_ak4458 caam secvio error snd_soc_fsl_micfil snd_soc_fsl_spdif snd_soc_fsl_sai snd_soc_fsl_utils imx_pcm_dma gpio_ir_recv ...
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-46742 |
Description: In the Linux kernel, the following vulnerability has been resolved:
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
and parse_lease_state() return NULL.
Fix this by check if 'lease_ctx_info' is NULL.
Additionally, remove the redundant parentheses in
parse_durable_handle_context().
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|