|
41
|
7.1
-
|
HIGH
Local
|
In the Linux kernel, the following vulnerability has been resolved:
tunnels: fix out of bounds access when building IPv6 PMTU error
If the ICMPv6 error is built from a non-linear skb we get the fol…
|
-
|
CVE-2024-26665
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-4 02:33
2024-04-2
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
7.8
-
|
HIGH
Local
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: scomp - fix req->dst buffer overflow
The req->dst buffer size should be checked before copying from the
scomp_scratch->ds…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-52612
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-02-27 12:20
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
5.5
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: add sanity checks to rx zerocopy
TCP rx zerocopy intent is to map pages initially allocated
from NIC drivers, not pages owne…
|
NVD-CWE-noinfo
|
CVE-2024-26640
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 01:58
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
5.5
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
llc: Drop support for ETH_P_TR_802_2.
syzbot reported an uninit-value bug below. [0]
llc supports ETH_P_802_2 (0x0004) and used …
|
CWE-909
Missing Initialization of Resource
|
CVE-2024-26635
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 01:58
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
5.5
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
When the mpi_ec_ctx structure is initialized, some fields are not
…
|
NVD-CWE-noinfo
|
CVE-2023-52616
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 00:41
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
5.5
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
syzbot found __ip6_tnl_rcv() could access unitiliazed data [1].
Ca…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-26641
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 01:58
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
4.7
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
binder: fix race between mmput() and do_exit()
Task A calls binder_update_page_range() to allocate and insert pages on
a remote a…
|
CWE-362
Race Condition
|
CVE-2023-52609
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 00:10
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
5.5
-
|
MEDIUM
Local
|
In the Linux kernel, the following vulnerability has been resolved:
llc: make llc_ui_sendmsg() more robust against bonding changes
syzbot was able to trick llc_ui_sendmsg(), allocating an skb with …
|
NVD-CWE-noinfo
|
CVE-2024-26636
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-03-11 01:58
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
7.5
-
|
HIGH
Network
|
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code …
|
CWE-787
Out-of-bounds Write
|
CVE-2023-52159
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-02-27 12:34
2024-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
7.8
-
|
HIGH
Local
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
There is a potential UAF scenario in the case of an LPI transl…
|
CWE-416
Use After Free
|
CVE-2024-26598
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 18:02
2024-02-24
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|