CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-9960 |
Description:
Nessus Plugin ID 230411 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2024-9960)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230411
March 6th, 2025 (4 months ago)
|
|
CVE-2024-53193 |
Description:
Nessus Plugin ID 230412 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2_clk_provider Some heap space is allocated for the flexible structure `struct clk_hw_onecell_data` and its flexible-array member `hws` through the composite structure `struct loongson2_clk_provider` in function `loongson2_clk_probe()`, as shown below: 289 struct loongson2_clk_provider *clp; ... 296 for (p = data; p->name; p++) 297 clks_num++; 298 299 clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num), 300 GFP_KERNEL); Then some data is written into the flexible array: 350 clp->clk_data.hws[p->id] = hw; This corrupts `clk_lock`, which is the spinlock variable immediately following the `clk_data` member in `struct loongson2_clk_provider`: struct loongson2_clk_provider { void __iomem *base; struct device *dev; struct clk_hw_onecell_data clk_data; spinlock_t clk_lock; /* protect access to DIV registers */ }; The problem is that the flexible structure is currently placed in the middle of `struct loongson2_clk_provider` instead of at the end. Fix ...
March 6th, 2025 (4 months ago)
|
|
CVE-2024-57946 |
Description:
Nessus Plugin ID 230413 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de (virtio-blk: Ensure no requests in virtqueues before deleting vqs.) replaces queue quiesce with queue freeze in virtio-blk's PM callbacks. And the motivation is to drain inflight IOs before suspending. block layer's queue freeze looks very handy, but it is also easy to cause deadlock, such as, any attempt to call into bio_queue_enter() may run into deadlock if the queue is frozen in current context. There are all kinds of ->suspend() called in suspend context, so keeping queue frozen in the whole suspend context isn't one good idea. And Marek reported lockdep warning[1] caused by virtio-blk's freeze queue in virtblk_freeze(). [1] https://lore.kernel.org/linux- block/[email protected]/ Given the motivation is to drain in-flight IOs, it can be done by calling freeze & unfreeze, meantime restore to previous behavior by keeping queue quiesced during suspend. (CVE-2024-57946)Note that Nessus relies on the presence...
March 6th, 2025 (4 months ago)
|
|
CVE-2025-21699 |
Description:
Nessus Plugin ID 230414 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buffer heads or iomap_folio_state structs, and we cannot mix the two. (CVE-2025-21699)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230414
EPSS Score: 0.04%
March 6th, 2025 (4 months ago)
|
|
CVE-2024-49959 |
Description:
Nessus Plugin ID 230415 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error In __jbd2_log_wait_for_space(), we might call jbd2_cleanup_journal_tail() to recover some journal space. But if an error occurs while executing jbd2_cleanup_journal_tail() (e.g., an EIO), we don't stop waiting for free space right away, we try other branches, and if j_committing_transaction is NULL (i.e., the tid is 0), we will get the following complain: ============================================ JBD2: I/O error when updating journal superblock for sdd-8. __jbd2_log_wait_for_space: needed 256 blocks and only had 217 space available __jbd2_log_wait_for_space: no way to get more journal space in sdd-8 ------------[ cut here ]------------ WARNING: CPU: 2 PID: 139804 at fs/jbd2/checkpoint.c:109 __jbd2_log_wait_for_space+0x251/0x2e0 Modules linked in: CPU: 2 PID: 139804 Comm: kworker/u8:3 Not tainted 6.6.0+ #1 RIP: 0010:__jbd2_log_wait_for_space+0x251/0x2e0 Call Trace: add_transaction_credits+0x5d1/0x5e0 start_this_handle+0x1ef/0x6a0 jbd2__...
EPSS Score: 0.03%
March 6th, 2025 (4 months ago)
|
|
CVE-2024-53070 |
Description:
Nessus Plugin ID 230416 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. Also we cannot access any registers after dwc3_core_exit() on some platforms so move the dwc3_enable_susphy() call to the top. (CVE-2024-53070)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230416
EPSS Score: 0.03%
March 6th, 2025 (4 months ago)
|
|
CVE-2024-49967 |
Description:
Nessus Plugin ID 230417 with High Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1 (CVE-2024-49967)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230417
March 6th, 2025 (4 months ago)
|
|
CVE-2024-49956 |
Description:
Nessus Plugin ID 230418 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gfs2: fix double destroy_workqueue error When gfs2_fill_super() fails, destroy_workqueue() is called within gfs2_gl_hash_clear(), and the subsequent code path calls destroy_workqueue() on the same work queue again. This issue can be fixed by setting the work queue pointer to NULL after the first destroy_workqueue() call and checking for a NULL pointer before attempting to destroy the work queue again. (CVE-2024-49956)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230418
EPSS Score: 0.03%
March 6th, 2025 (4 months ago)
|
|
CVE-2024-50225 |
Description:
Nessus Plugin ID 230419 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's not working well on some cases. * Case 1. Immediate (or quick) end_bio with an error When btrfs sends btrfs_bio to mirrored devices, btrfs calls btrfs_bio_end_io() when all the mirroring bios are completed. If that btrfs_bio was split, it is from btrfs_clone_bioset and its end_io function is btrfs_orig_write_end_io. For this case, btrfs_bbio_propagate_error() accesses the orig_bbio's bio context to increase the error count. That works well in most cases. However, if the end_io is called enough fast, orig_bbio's (remaining part after split) bio context may not be properly set at that time. Since the bio context is set when the orig_bbio (the last btrfs_bio) is sent to devices, that might be too late for earlier split btrfs_bio's completion. That will result in NULL pointer dereference. That bug is easily reprod...
CVSS: MEDIUM (5.5) EPSS Score: 0.03%
March 6th, 2025 (4 months ago)
|
|
CVE-2025-21817 |
Description:
Nessus Plugin ID 230420 with Medium Severity
Synopsis
The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.
Description
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs ->store() sysfs ->store is called with queue freezed, meantime we have several ->store() callbacks(update_nr_requests, wbt, scheduler) to allocate memory with GFP_KERNEL which may run into direct reclaim code path, then potential deadlock can be caused. Fix the issue by marking NOIO around sysfs ->store() (CVE-2025-21817)Note that Nessus relies on the presence of the package as reported by the vendor.
Solution
There is no known solution at this time.
Read more at https://www.tenable.com/plugins/nessus/230420
EPSS Score: 0.02%
March 6th, 2025 (4 months ago)
|