VulDB Recent Entries

A vulnerability has been found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1 and classified as critical. Affected by this vulnerability is the function find_asymmetric_key. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-47743. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.1. Affected is the function lpfc_sli4_request_firmware_update of the component firmware_loader. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-47742. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.1. This issue affects the function seq_nr of the component padata. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2024-47739. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. This vulnerability affects unknown code of the component mac80211. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-47738. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.167/6.1.112/6.6.53/6.10.12/6.11.1. This affects the function bond_xdp_get_xmit_slave of the component bonding. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-47734. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.12/6.11.1. It has been rated as critical. Affected by this issue is the function kvm_vcpu_write_guest of the component RISC-V. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-47717. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.53/6.7/6.10.12/6.11.1. It has been declared as problematic. Affected by this vulnerability is the function mt7915_band_config. The manipulation leads to race condition. This vulnerability is known as CVE-2024-47715. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1. It has been classified as critical. Affected is the function flush_workqueue of the component RDMA. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-47696. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1 and classified as critical. This issue affects the function mlx5r_umr_resource_cleanup. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-47694. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.54/6.10.13/6.11.1 and classified as critical. This vulnerability affects unknown code of the component AMD Display. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-47704. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. This affects the function scan_labels of the component nvdimm. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2024-47755. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.11.1. Affected by this issue is the function nilfs_btree_insert of the component nilfs2. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-47699. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.53/6.10.12/6.11.1. Affected by this vulnerability is the function security_mmap_file. The manipulation leads to insufficient verification of data authenticity. This vulnerability is known as CVE-2024-47745. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.1. Affected is the function inode_owner_or_capable of the component f2fs. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-47740. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.53/6.10.12/6.11.1. It has been rated as problematic. This issue affects the function ALIGN of the file drivers/iommu/iommufd/io_pagetable.c of the component iommufd. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-47719. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1. It has been declared as problematic. This vulnerability affects the function remove_proc_entry of the file fs/proc/generic.c. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-47709. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.12/6.11.1. It has been classified as critical. This affects the function convert_ctx_accesses of the component bpf. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-47702. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.53/6.10.12/6.11.1 and classified as critical. Affected by this issue is the function __kvmclock_cpufreq_notifier. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-47744. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.11.1 and classified as critical. Affected by this vulnerability is the function manage_oob of the component af_unix. The manipulation leads to use after free. This vulnerability is known as CVE-2024-47711. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. Affected is the function rt6_uncached_list_flush_dev of the component ipv6. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-47707. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.