|
313981
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: avoid use-after-free in ip6_fragment()
Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.
It seems …
|
CWE-416
Use After Free
|
CVE-2022-48956
|
2024-10-25 04:59 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313982
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: thunderbolt: fix memory leak in tbnet_open()
When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in
tb_xdomai…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48955
|
2024-10-25 04:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313983
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: fix UAF around queue destruction
We currently do stuff like queuing the final destruction step on a
random system wq, whi…
|
CWE-416
Use After Free
|
CVE-2024-49876
|
2024-10-25 04:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313984
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
s390/qeth: fix use-after-free in hsci
KASAN found that addr was dereferenced after br2dev_event_work was freed.
================…
|
CWE-416
Use After Free
|
CVE-2022-48954
|
2024-10-25 04:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313985
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC
Eric report a panic on IPPROTO_SMC, and give the facts
that when INET_PROTOSW…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50034
|
2024-10-25 04:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313986
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affecte…
|
NVD-CWE-noinfo
|
CVE-2024-20464
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313987
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
ios_xe_sd-wan
|
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote a…
|
NVD-CWE-noinfo
|
CVE-2024-20455
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313988
|
5.8 |
MEDIUM
Network
|
cisco
|
ios
|
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote att…
|
NVD-CWE-noinfo
|
CVE-2024-20465
|
2024-10-25 04:46 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313989
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute comman…
|
CWE-352
Origin Validation Error
|
CVE-2024-20437
|
2024-10-25 04:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313990
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
[WHAT & HOW]
"dcn20_validate_apply_pipe_split_flags" dere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49923
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
