Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-26581	netfilter: nft_set_rbtree: skip end interval element from gc Description: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2024-25131	Openshift-dedicated: must-gather-operator: yaml template injection leads to privilege escalation Description: A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment. EPSS Score: 0.08% Source: CVE December 20th, 2024 (4 months ago)
CVE-2024-2201	CVE-2024-2201 Description: A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-7005	CVE-2023-7005 Description: A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52921	drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() Description: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() Since the gang_size check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang (@VAR10CK) of Baidu Security. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52919	nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Description: In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Handle memory allocation failure from nci_skb_alloc() (calling alloc_skb()) to avoid possible NULL pointer dereference. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52918	media: pci: cx23885: check cx23885_vdev_init() return Description: In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check cx23885_vdev_init() return cx23885_vdev_init() can return a NULL pointer, but that pointer is used in the next line without a check. Add a NULL pointer check and go to the error unwind if it is NULL. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52915	media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer Description: In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9035_i2c_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()") EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52914	io_uring/poll: add hash if ready poll request can't complete inline Description: In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well. EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)
CVE-2023-52913	drm/i915: Fix potential context UAFs Description: In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs gem_context_register() makes the context visible to userspace, and which point a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl. So we need to ensure that nothing uses the ctx ptr after this. And we need to ensure that adding the ctx to the xarray is the last thing that gem_context_register() does with the ctx pointer. [tursulin: Stable and fixes tags add/tidy.] (cherry picked from commit bed4b455cf5374e68879be56971c1da563bcd90c) EPSS Score: 0.04% Source: CVE December 20th, 2024 (4 months ago)