Aggregator

A vulnerability was found in Linux Kernel up to 6.12.4. It has been declared as problematic. This vulnerability affects the function hsr_init_skb of the file net/core/skbuff.c of the component net. The manipulation leads to allocation of resources. This vulnerability was named CVE-2024-56639. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.7 and classified as problematic. This issue affects the function btrfs_quota_enable of the file fs/btrfs/qgroup.c. The manipulation leads to reachable assertion. The identification of this vulnerability is CVE-2024-57806. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.8. Affected is the function damon_commit_targets. The manipulation leads to memory leak. This vulnerability is traded as CVE-2024-57886. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.69/6.12.8 and classified as problematic. Affected by this issue is the function in_atomic. The manipulation leads to insufficient verification of data authenticity. This vulnerability is handled as CVE-2024-57885. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.6. This affects the function getpagesize. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-56368. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

1 月 19 日，旧金山发生了首起涉及完全自主驾驶汽车的致命车祸。涉及的无人驾驶汽车来自 Waymo，但车祸不是 Waymo 的错。是人类司机高速追尾导致六车连环相撞，造成一人死亡五人受伤，一条狗也在事故中死亡。这是典型的 Waymo 车祸。绝大多数车祸中它都严格遵守交通规则，但人类司机却违反规则、超速、闯红灯、偏离车道诸如此类。自 2020 年以来，Waymo 报告了约 60 起严重到触发安全气囊或造成伤害的事故，而 Waymo 的行驶里程至今超过了 5000 万英里。根据 Waymo 的估计，如果是人类司机，那么相似的里程人类的车祸频率要高得多严重得多。

A vulnerability was found in IBM InfoSphere Information Server 11.7. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to information exposure through error message. The identification of this vulnerability is CVE-2024-55895. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in McAfee Virex 6.2/7.7. It has been rated as critical. Affected by this issue is some unknown functionality in the library library/application of the component crontab. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2007-1227. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.66/6.12.5 and classified as critical. This issue affects the function drm_info. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-56667. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been declared as critical. This vulnerability affects the function modify_prefix_route of the component ipv6. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-56646. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.7. This vulnerability affects unknown code of the file /dev/zero. The manipulation leads to denial of service. This vulnerability was named CVE-2024-57805. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.