Aggregator

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. Affected by this vulnerability is the function get_page of the component Page Refcount Handler. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53138. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.61/6.11.7. It has been declared as problematic. Affected by this vulnerability is the function folio_undo_large_rmappable of the component THP. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2024-53079. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.61/6.11.8. Affected is the function tcp_write_timer_handler of the component SMB Client. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2024-53095. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been rated as problematic. This issue affects the function fs_core in the library lib/refcount.c. The manipulation leads to race condition. The identification of this vulnerability is CVE-2024-53121. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been classified as problematic. Affected is the function vdpa_mgmtdev_get_classes. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2024-53110. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.60/6.11.7 and classified as critical. This vulnerability affects the function net_device_ops::ndo_set_vf_mac. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-50298. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.6. It has been declared as critical. This vulnerability affects the function mtk_crtc_destroy of the component mediatek. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-53056. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.59/6.11.6. It has been rated as critical. Affected by this issue is the function mi_enum_attr of the component ntfs3. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-50248. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Sophos Web Appliance 3.7.8.1. Affected is an unknown function of the file rss.php. The manipulation of the argument xss with the input %3Cscript%3Ealert%28String.fromCharCode%28120,%20115,%20115%29%29%3C/script%3E leads to cross site scripting. This vulnerability is traded as CVE-2013-2643. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.11.6. This vulnerability affects the function btrfs_bbio_propagate_error. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-50225. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.2. Affected is the function cursor_width of the component AMD Display. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-50177. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.58/6.11.5 and classified as problematic. Affected by this vulnerability is the function mac_probe of the component fman. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2024-50166. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.58/6.11.5 and classified as problematic. Affected by this issue is the function read_skb of the file net/vmw_vsock/virtio_transport_common.c. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-50169. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.114/6.6.58/6.11.5. This affects the function __octep_oq_process_rx. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-50145. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.114/6.6.58/6.11.5. It has been rated as critical. This issue affects the function iso_sock_timeout of the component Bluetooth. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-50124. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.