CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-48876
Linux Distros Unpatched Vulnerability : CVE-2024-48876
Description: Nessus Plugin ID 230612 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: stackdepot: fix stack_depot_save_flags() in NMI context Per documentation, stack_depot_save_flags() was meant to be usable from NMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset. However, it still would try to take the pool_lock in an attempt to save a stack trace in the current pool (if space is available). This could result in deadlock if an NMI is handled while pool_lock is already held. To avoid deadlock, only try to take the lock in NMI context and give up if unsuccessful. The documentation is fixed to clearly convey this. (CVE-2024-48876)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230612
Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2025-0622
Linux Distros Unpatched Vulnerability : CVE-2025-0622
Description: Nessus Plugin ID 230613 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections. (CVE-2025-0622)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230613

EPSS Score: 0.04%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-49957
Linux Distros Unpatched Vulnerability : CVE-2024-49957
Description: Nessus Plugin ID 230614 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journal_reset() fails because of too short journal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. Subsequently, ocfs2_journal_shutdown() calls jbd2_journal_flush()->jbd2_cleanup_journal_tail()-> __jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail() ->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer dereference error. To resolve this issue, we should check the JBD2_LOADED flag to ensure the journal was properly loaded. Additionally, use journal instead of osb->journal directly to simplify the code. (CVE-2024-49957)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230614

EPSS Score: 0.03%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2025-21823
Linux Distros Unpatched Vulnerability : CVE-2025-21823
Description: Nessus Plugin ID 230615 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors reachable over an interface. Some of the used metric sources require locks which might need to sleep. This sleep is incompatible with the RCU list iterator used for the recorded neighbors. The initial approach to work around of this problem was to queue another work item per neighbor and then run this in a new context. Even when this solved the RCU vs might_sleep() conflict, it has a major problems: Nothing was stopping the work item in case it is not needed anymore - for example because one of the related interfaces was removed or the batman-adv module was unloaded - resulting in potential invalid memory accesses. Directly canceling the metric worker also has various problems: * cancel_work_sync for a to-be-deactivated interface is called with rtnl_lock held. But the code in the ELP metric worker also tries to use rtnl_lock() - which will never return in this case. This also means that cancel_work_sync ...

EPSS Score: 0.05%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-53144
Linux Distros Unpatched Vulnerability : CVE-2024-53144
Description: Nessus Plugin ID 230616 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 (Bluetooth: Always request for user confirmation for Just Works) always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing). CVE: CVE-2024-8805 (CVE-2024-53144)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230616
Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2025-21809
Linux Distros Unpatched Vulnerability : CVE-2025-21809
Description: Nessus Plugin ID 230617 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_peer objects. The address list is freed under RCU and at this time, it puts the refs on those peers. Now, when an rxrpc_peer object runs out of refs, it gets removed from the peer hash table and, for that, rxrpc has to take a spinlock. However, it is now being called from afs's RCU cleanup, which takes place in BH context - but it is just taking an ordinary spinlock. The put may also be called from non-BH context, and so there exists the possibility of deadlock if the BH-based RCU cleanup happens whilst the hash spinlock is held. This led to the attached lockdep complaint. Fix this by changing spinlocks of rxnet->peer_hash_lock back to BH-disabling locks. ================================ WARNING: inconsistent lock state 6.13.0-rc5-build2+ #1223 Tainted: G E -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN- SOFTIRQ-W} usage. swapper/1/0 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff88...

EPSS Score: 0.01%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-57973
Linux Distros Unpatched Vulnerability : CVE-2024-57973
Description: Nessus Plugin ID 230618 with High Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The gl->tot_len variable is controlled by the user. It comes from process_responses(). On 32bit systems, the gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header) addition could have an integer wrapping bug. Use size_add() to prevent this. (CVE-2024-57973)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230618

EPSS Score: 0.02%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-49916
Linux Distros Unpatched Vulnerability : CVE-2024-49916
Description: Nessus Plugin ID 230619 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw This commit addresses a potential null pointer dereference issue in the `dcn401_init_hw` function. The issue could occur when `dc->clk_mgr` or `dc->clk_mgr->funcs` is null. The fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is not null before accessing its functions. This prevents a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn401/dcn401_hwseq.c:416 dcn401_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 225) (CVE-2024-49916)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230619

EPSS Score: 0.03%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-50269
Linux Distros Unpatched Vulnerability : CVE-2024-50269
Description: Nessus Plugin ID 230620 with High Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca (usb: musb: sunxi: Explicitly release USB PHY on exit) will cause that usb phy @glue->xceiv is accessed after released. 1) register platform driver @sunxi_musb_driver // get the usb phy @glue->xceiv sunxi_musb_probe() -> devm_usb_get_phy(). 2) register and unregister platform driver @musb_driver musb_probe() -> sunxi_musb_init() use the phy here //the phy is released here musb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy() 3) register @musb_driver again musb_probe() -> sunxi_musb_init() use the phy here but the phy has been released at 2). ... Fixed by reverting the commit, namely, removing devm_usb_put_phy() from sunxi_musb_exit(). (CVE-2024-50269)Note that Nessus relies on the presence of the package as reported by the vendor. Solution There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/230620

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)

CVE-2024-50236
Linux Distros Unpatched Vulnerability : CVE-2024-50236
Description: Nessus Plugin ID 230621 with Medium Severity Synopsis The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks are seen in the management TX cleanup logic. Kmemleak reports this problem as below, unreferenced object 0xffffff80b64ed250 (size 16): comm kworker/u16:7, pid 148, jiffies 4294687130 (age 714.199s) hex dump (first 16 bytes): 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t...... backtrace: [] __kmem_cache_alloc_node+0x1e4/0x2d8 [] kmalloc_trace+0x48/0x110 [] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core] [] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core] [] process_scheduled_works+0x1ac/0x400 [] worker_thread+0x208/0x328 [] kthread+0x100/0x1c0 [] ret_from_fork+0x10/0x20 Free the memory during completion and cleanup to fix the leak. Protect the mgmt_pending_tx idr_remove() operation in ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar->data_lock similar to ...

CVSS: MEDIUM (5.5)

EPSS Score: 0.06%

Source: Tenable Plugins
March 6th, 2025 (4 months ago)