Aggregator

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1. Affected is the function cppc_get_cpu_cost of the component cpufreq. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-53230. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.1. This issue affects the function bfad_im_module_exit of the component scsi. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-53227. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.1. This vulnerability affects the function hns_roce_map_mr_sg of the component RDMA. The manipulation of the argument sg_offset leads to null pointer dereference. This vulnerability was named CVE-2024-53226. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.1. This affects the function max_n_shift of the component tegra241-cmdqv. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-53225. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.63/6.11.10/6.12.1. It has been rated as critical. Affected by this issue is the function rt2880_xtal_recalc_rate of the file drivers/clk/ralink/clk-mtmips.c. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-53223. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1. It has been declared as critical. Affected by this vulnerability is the function ivpu_send_receive_internal of the component accel. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-56540. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been classified as critical. Affected is an unknown function of the file drivers/net/wireless/marvell/mwifiex/scan.c of the component mwifiex. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-56539. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1 and classified as problematic. This issue affects the function snd_card_free_when_closed of the component ALSA. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-56533. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.1 and classified as problematic. This vulnerability affects the function snd_card_free_when_closed of the component ALSA. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-56531. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.1. This affects the function snd_card_free_when_closed of the component ALSA. The manipulation leads to infinite loop. This vulnerability is uniquely identified as CVE-2024-56532. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

In a recent security advisory

In a recent security advisory, Microsoft disclosed a high-severity vulnerability identified as CVE-2024-38063. This critical Remote Code Execution (RCE) flaw, rated with a CVSS score of 9.8, poses a significant...

The post CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability appeared first on Strobes Security.

The post Best of 2024: CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability appeared first on Security Boulevard.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.1. Affected by this issue is the function comp_algorithm_show of the component zram. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-53222. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.1. Affected by this vulnerability is the function nfsd4_process_cb_update of the component NFSD. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53217. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.173/6.1.119/6.6.63/6.11.10/6.12.1. Affected is the function svc_rdma_proc_init. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-53215. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as problematic. This issue affects the function vfio_config_do_rw. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2024-53214. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1. It has been declared as problematic. This vulnerability affects the function lan78xx_probe. The manipulation leads to improper initialization. This vulnerability was named CVE-2024-53213. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been classified as problematic. This affects the function l2tp_exit_net. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-53211. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1 and classified as critical. Affected by this issue is the function bnxt_set_rx_skb_mode. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-53209. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.