Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-41014 |
Description: In the Linux kernel, the following vulnerability has been resolved:
xfs: add bounds checking to xlog_recover_process_data
There is a lack of verification of the space occupied by fixed members
of xlog_op_header in the xlog_recover_process_data.
We can create a crafted image to trigger an out of bounds read by
following these steps:
1) Mount an image of xfs, and do some file operations to leave records
2) Before umounting, copy the image for subsequent steps to simulate
abnormal exit. Because umount will ensure that tail_blk and
head_blk are the same, which will result in the inability to enter
xlog_recover_process_data
3) Write a tool to parse and modify the copied image in step 2
4) Make the end of the xlog_op_header entries only 1 byte away from
xlog_rec_header->h_size
5) xlog_rec_header->h_num_logops++
6) Modify xlog_rec_header->h_crc
Fix:
Add a check to make sure there is sufficient space to access fixed members
of xlog_op_header.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-40975 |
Description: In the Linux kernel, the following vulnerability has been resolved:
platform/x86: x86-android-tablets: Unregister devices in reverse order
Not all subsystems support a device getting removed while there are
still consumers of the device with a reference to the device.
One example of this is the regulator subsystem. If a regulator gets
unregistered while there are still drivers holding a reference
a WARN() at drivers/regulator/core.c:5829 triggers, e.g.:
WARNING: CPU: 1 PID: 1587 at drivers/regulator/core.c:5829 regulator_unregister
Hardware name: Intel Corp. VALLEYVIEW C0 PLATFORM/BYT-T FFD8, BIOS BLADE_21.X64.0005.R00.1504101516 FFD8_X64_R_2015_04_10_1516 04/10/2015
RIP: 0010:regulator_unregister
Call Trace:
regulator_unregister
devres_release_group
i2c_device_remove
device_release_driver_internal
bus_remove_device
device_del
device_unregister
x86_android_tablet_remove
On the Lenovo Yoga Tablet 2 series the bq24190 charger chip also provides
a 5V boost converter output for powering USB devices connected to the micro
USB port, the bq24190-charger driver exports this as a Vbus regulator.
On the 830 (8") and 1050 ("10") models this regulator is controlled by
a platform_device and x86_android_tablet_remove() removes platform_device-s
before i2c_clients so the consumer gets removed first.
But on the 1380 (13") model there is a lc824206xa micro-USB switch
connected over I2C and the extcon driver for that controls the regulator.
The bq24190 i2c-clie...
CVSS: LOW (0.0) EPSS Score: 0.05%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-40583 |
Description: Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-40582 |
Description: Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-38485 |
Description: Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage.
CVSS: MEDIUM (4.3) EPSS Score: 0.06%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-38296 |
Description: Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-36948 |
Description: In the Linux kernel, the following vulnerability has been resolved:
drm/xe/xe_migrate: Cast to output precision before multiplying operands
Addressing potential overflow in result of multiplication of two lower
precision (u32) operands before widening it to higher precision
(u64).
-v2
Fix commit message and description. (Rodrigo)
(cherry picked from commit 34820967ae7b45411f8f4f737c2d63b0c608e0d7)
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-35946 |
Description: In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: fix null pointer access when abort scan
During cancel scan we might use vif that weren't scanning.
Fix this by using the actual scanning vif.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-33122 |
Description: Roothub v2.6 was discovered to contain a SQL injection vulnerability via the topic parameter in the list() function.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 10th, 2024 (5 months ago)
|
|
CVE-2024-27407 |
Description: In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fixed overflow check in mi_enum_attr()
CVSS: LOW (0.0) EPSS Score: 0.05%
December 10th, 2024 (5 months ago)
|