CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-40995	net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() Description: In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() syzbot found hanging tasks waiting on rtnl_lock [1] A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, the second request will block forever on the first request. This holds rtnl_lock, and causes tasks to hang. Return -EAGAIN to prevent infinite looping, while keeping documented behavior. [1] INFO: task kworker/1:0:5088 blocked for more than 143 seconds. Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000 Workqueue: events_power_efficient reg_check_chans_work Call Trace: context_switch kernel/sched/core.c:5409 [inline] __schedule+0xf15/0x5d00 kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xe7/0x350 kernel/sched/core.c:6838 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752 wiphy_lock include/net/cfg80211.h:5953 [inline] reg_leave_invalid_chans net/wireless/reg.c:2466 [inline] reg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481 EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40994	ptp: fix integer overflow in max_vclocks_store Description: In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40993	netfilter: ipset: Fix suspicious rcu_dereference_protected() Description: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase or are executing a "destroy all sets command" from userspace. The latter was taken into account in ip_set_dereference() (nfnetlink mutex is held), but the former was not. The patch adds the required check to rcu_dereference_protected() in ip_set_dereference(). EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40992	RDMA/rxe: Fix responder length checking for UD request packets Description: In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently dropped by the responder. The responder then waits for a new request packet. commit 689c5421bfe0 ("RDMA/rxe: Fix incorrect responder length checking") defers responder length check for UD QPs in function `copy_data`. But it introduces a regression issue for UD QPs. When the packet size is too large to fit in the receive buffer. `copy_data` will return error code -EINVAL. Then `send_data_in` will return RESPST_ERR_MALFORMED_WQE. UD QP will transfer into ERROR state. EPSS Score: 0.05% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40991	dmaengine: ti: k3-udma-glue: Fix of_k3_udma_glue_parse_chn_by_id() Description: In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix of_k3_udma_glue_parse_chn_by_id() The of_k3_udma_glue_parse_chn_by_id() helper function erroneously invokes "of_node_put()" on the "udmax_np" device-node passed to it, without having incremented its reference count at any point. Fix it. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40990	RDMA/mlx5: Add check for srq max_sge attribute Description: In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq max_sge attribute max_sge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40989	KVM: arm64: Disassociate vcpus from redistributor region on teardown Description: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu. EPSS Score: 0.05% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40988	drm/radeon: fix UBSAN warning in kv_dpm.c Description: In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40987	drm/amdgpu: fix UBSAN warning in kv_dpm.c Description: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)
CVE-2024-40986	dmaengine: xilinx: xdma: Fix data synchronisation in xdma_channel_isr() Description: In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdma_channel_isr() Requests the vchan lock before using xdma->stop_request. EPSS Score: 0.04% Source: CVE December 20th, 2024 (6 months ago)