CVE-2024-56679 |
Description: In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c
Add error pointer check after calling otx2_mbox_get_rsp().
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
CVE-2024-56678 |
Description: In the Linux kernel, the following vulnerability has been resolved:
powerpc/mm/fault: Fix kfence page fault reporting
copy_from_kernel_nofault() can be called when doing read of /proc/kcore.
/proc/kcore can have some unmapped kfence objects which when read via
copy_from_kernel_nofault() can cause page faults. Since *_nofault()
functions define their own fixup table for handling fault, use that
instead of asking kfence to handle such faults.
Hence we search the exception tables for the nip which generated the
fault. If there is an entry then we let the fixup table handler handle the
page fault by returning an error from within ___do_page_fault().
This can be easily triggered if someone tries to do dd from /proc/kcore.
e.g. dd if=/proc/kcore of=/dev/null bs=1M
Some example false negatives:
===============================
BUG: KFENCE: invalid read in copy_from_kernel_nofault+0x9c/0x1a0
Invalid read at 0xc0000000fdff0000:
copy_from_kernel_nofault+0x9c/0x1a0
0xc00000000665f950
read_kcore_iter+0x57c/0xa04
proc_reg_read_iter+0xe4/0x16c
vfs_read+0x320/0x3ec
ksys_read+0x90/0x154
system_call_exception+0x120/0x310
system_call_vectored_common+0x15c/0x2ec
BUG: KFENCE: use-after-free read in copy_from_kernel_nofault+0x9c/0x1a0
Use-after-free read at 0xc0000000fe050000 (in kfence-#2):
copy_from_kernel_nofault+0x9c/0x1a0
0xc00000000665f950
read_kcore_iter+0x57c/0xa04
proc_reg_read_iter+0xe4/0x16c
vfs_read+0x320/0x3ec
ksys_read+0x90...
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
CVE-2024-56677 |
Description: In the Linux kernel, the following vulnerability has been resolved:
powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init()
During early init CMA_MIN_ALIGNMENT_BYTES can be PAGE_SIZE,
since pageblock_order is still zero and it gets initialized
later during initmem_init() e.g.
setup_arch() -> initmem_init() -> sparse_init() -> set_pageblock_order()
One such use case where this causes an issue is -
early_setup() -> early_init_devtree() -> fadump_reserve_mem() -> fadump_cma_init()
This causes CMA memory alignment check to be bypassed in
cma_init_reserved_mem(). Then later cma_activate_area() can hit
a VM_BUG_ON_PAGE(pfn & ((1 << order) - 1)) if the reserved memory
area was not pageblock_order aligned.
Fix it by moving the fadump_cma_init() after initmem_init(),
where other such cma reservations also get called.
==============
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10010
flags: 0x13ffff800000000(node=1|zone=0|lastcpupid=0x7ffff) CMA
raw: 013ffff800000000 5deadbeef0000100 5deadbeef0000122 0000000000000000
raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: VM_BUG_ON_PAGE(pfn & ((1 << order) - 1))
------------[ cut here ]------------
kernel BUG at mm/page_alloc.c:778!
Call Trace:
__free_one_page+0x57c/0x7b0 (unreliable)
free_pcppages_bulk+0x1a8/0x2c8
free_unref_page_commit+0x3d4/0x4e4
free_unref_page+0x458/0x6d0
init_cma_reserved_pageblock+0x114/0x198
cma_init_reserved_areas+0x270/0x3...
EPSS Score: 0.05%
December 29th, 2024 (6 months ago)
|
CVE-2024-56676 |
Description: In the Linux kernel, the following vulnerability has been resolved:
thermal: testing: Initialize some variables annotated with _free()
Variables annotated with __free() need to be initialized if the function
can return before they get updated for the first time or the attempt to
free the memory pointed to by them upon function return may crash the
kernel.
Fix this issue in some places in the thermal testing code.
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
CVE-2024-46973 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
CVE-2024-46972 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
CVE-2024-43705 |
Description: Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.
EPSS Score: 0.04%
December 29th, 2024 (6 months ago)
|
Description: ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce provider, BigCommerce. [...]
December 28th, 2024 (6 months ago)
|
Description: DNI Claims to be Selling the Data from a Private Healthcare Provider in Spain
December 28th, 2024 (6 months ago)
|
Description: Arikos is Allegedly Selling the Data of Affinity
December 28th, 2024 (6 months ago)
|