|
111
|
7.0
-
|
HIGH
Local
|
A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
|
-
|
CVE-2023-6531
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 17:44
2024-01-21
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
112
|
6.6
-
|
MEDIUM
Local
|
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each itera…
|
NVD-CWE-Other
|
CVE-2024-0607
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:46
2024-01-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
113
|
7.8
-
|
HIGH
Local
|
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiat…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-0409
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 17:46
2024-01-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
114
|
5.5
-
|
MEDIUM
Local
|
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (…
|
NVD-CWE-Other
|
CVE-2024-0408
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 17:46
2024-01-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
115
|
5.5
-
|
MEDIUM
Local
|
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlo…
|
CWE-667
Improper Locking
|
CVE-2024-0641
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:47
2024-01-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
116
|
5.5
-
|
MEDIUM
Local
|
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to…
|
CWE-667
Improper Locking
|
CVE-2024-0639
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:47
2024-01-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
117
|
7.8
-
|
HIGH
Local
|
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-0646
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-25 19:44
2024-01-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
118
|
5.5
-
|
MEDIUM
Local
|
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malici…
|
CWE-416
Use After Free
|
CVE-2024-0232
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:46
2024-01-16
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
119
|
7.5
-
|
HIGH
Network
|
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issu…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-0553
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:46
2024-01-16
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
120
|
7.8
-
|
HIGH
Local
|
A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_w…
|
CWE-416
Use After Free
|
CVE-2024-0562
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:46
2024-01-16
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|