CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-46820	drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend Description: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handle the IRQ state as well. So the calls to disable IRQ and set state are removed. This effectively gets rid of the warining of "WARN_ON(!amdgpu_irq_enabled(adev, src, type))" in amdgpu_irq_put(). EPSS Score: 0.04% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-46746	HID: amd_sfh: free driver_data after destroying hid device Description: In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks aren't called anymore once hid_destroy_device() has been called. Hence, hid driver_data should be freed only after the hid_destroy_device() function returned as driver_data is used in several callbacks. I observed a crash with kernel 6.10.0 on my T14s Gen 3, after enabling KASAN to debug memory allocation, I got this output: [ 13.050438] ================================================================== [ 13.054060] BUG: KASAN: slab-use-after-free in amd_sfh_get_report+0x3ec/0x530 [amd_sfh] [ 13.054809] psmouse serio1: trackpoint: Synaptics TrackPoint firmware: 0x02, buttons: 3/3 [ 13.056432] Read of size 8 at addr ffff88813152f408 by task (udev-worker)/479 [ 13.060970] CPU: 5 PID: 479 Comm: (udev-worker) Not tainted 6.10.0-arch1-2 #1 893bb55d7f0073f25c46adbb49eb3785fefd74b0 [ 13.063978] Hardware name: LENOVO 21CQCTO1WW/21CQCTO1WW, BIOS R22ET70W (1.40 ) 03/21/2024 [ 13.067860] Call Trace: [ 13.069383] input: TPPS/2 Synaptics TrackPoint as /devices/platform/i8042/serio1/input/input8 [ 13.071486] [ 13.071492] dump_stack_lvl+0x5d/0x80 [ 13.074870] snd_hda_intel 0000:33:00.6: enabling device (0000 -> 0002) [ 13.078296] ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38] [ 13.082199] print_report+0x174/0x505 [ 13.085776] ? __pfx__raw_s... EPSS Score: 0.04% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-44092	There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of... Description: There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. EPSS Score: 0.04% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-43906	drm/admgpu: fix dereferencing null pointer context Description: In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it EPSS Score: 0.04% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-42225	wifi: mt76: replace skb_put with skb_put_zero Description: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data EPSS Score: 0.05% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-42151	bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Description: In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first parameter of the test_1() function. Mark this parameter as nullable to make verifier aware of such possibility. Otherwise, NULL check in the test_1() code: SEC("struct_ops/test_1") int BPF_PROG(test_1, struct bpf_dummy_ops_state *state) { if (!state) return ...; ... access state ... } Might be removed by verifier, thus triggering NULL pointer dereference under certain conditions. EPSS Score: 0.04% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-29415	The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and... Description: The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282. EPSS Score: 0.06% Source: CVE January 18th, 2025 (6 months ago)
CVE-2024-0690	Ansible-core: possible information leak in tasks that ignore ansible_no_log configuration Description: An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. EPSS Score: 0.05% Source: CVE January 18th, 2025 (6 months ago)
	[zotregistry.dev/zot] Zot IdP group membership revocation ignored Description: Summary The group data stored for users in the boltdb database (meta.db) is an append-list so group revocations/removals are ignored in the API. Details SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the group definitions in the config file, but that wasn't obvious to me if it were the case. PoC Login with group claims, logout, remove the user from a group from at IdP and log in again, the API still grants access and the new list of groups is appended creating meaningless duplicate entries and no longer mathing the expected groups from the IdP. The behavior can be verified by seeing the API or UI still presenting images it should not or by viewing the data directly: bbolt get meta.db UserData <user>, eg: Note this example also has duplicates due to group hierarchy changes that were left in the database. Impact Any Zot configuration that relies on group-based authorization will not respect group remove/revocation by an IdP. References https://github.com/project-zot/zot/security/advisories/GHSA-c9p4-xwr9-rfhx https://github.com/project-zot/zot/commit/002ac62d8a15bf0cba010b3ba7bde86f9837b613 https://github.com/advisories/GHSA-c9p4-xwr9-rfhx Source: Github Advisory Database (Go) January 17th, 2025 (6 months ago)
	FTC cracks down on Genshin Impact gacha loot box practices Description: Genshin Impact developer Cognosphere (aka Hoyoverse) has agreed to a $20 million settlement with the U.S. Federal Trade Commission (FTC) over its gacha loot box monetization and is now banned from selling them to teens under the age of sixteen without parental consent. [...] Source: BleepingComputer January 17th, 2025 (6 months ago)