cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-53054,https://securityvulnerability.io/vulnerability/CVE-2024-53054,Potential Vulnerability in Kernel Products from Vendor,"The CVE-2024-53054 identifier pertains to a vulnerability in kernel products that was ultimately rejected or withdrawn by the CVE Numbering Authority. Given the nature of vulnerabilities in kernel-level code, such issues may pose potential risks to system integrity and stability, but this particular entry does not warrant further action or concern due to its retraction.",Linux,Linux Kernel,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-19T18:15:00.000Z,0 CVE-2023-4134,https://securityvulnerability.io/vulnerability/CVE-2023-4134,Use-After-Free Vulnerability in Linux Kernel's cyttsp4_core Driver Could Lead to Denial of Service,"A use-after-free vulnerability has been identified within the cyttsp4_core driver in the Linux kernel. This vulnerability arises during the device cleanup routine, specifically linked to the potential rearming of the watchdog timer from the workqueue. Exploiting this flaw may allow a local user to trigger a system crash, resulting in a denial of service situation that can significantly affect system performance and availability.",Linux,Linux Kernel,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-14T11:15:00.000Z,0 CVE-2023-52340,https://securityvulnerability.io/vulnerability/CVE-2023-52340,Linux kernel IPv6 implementation vulnerable to denial of service attack via raw sockets,"A vulnerability exists within the IPv6 implementation of the Linux kernel prior to version 6.3, specifically related to the max_size threshold in net/ipv6/route.c. This issue can be exploited to induce a denial of service condition, resulting in persistent unreachable network errors when IPv6 packets are sent in a loop using a raw socket. Proper mitigation efforts are required to prevent potential service disruptions for affected systems.",Linux,Linux Kernel,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-05T00:00:00.000Z,0 CVE-2021-34981,https://securityvulnerability.io/vulnerability/CVE-2021-34981,Linux Kernel CMTP Module Double Free Privilege Escalation Vulnerability,A local privilege escalation vulnerability exists in the Bluetooth CMTP module of the Linux Kernel. This security flaw arises from inadequate validation of the existence of an object before performing free operations on it. Attackers with the ability to execute high-privileged code on the compromised system can exploit this vulnerability to escalate their privileges and execute malicious code in the context of the kernel. This flaw emphasizes the need for robust input validation and security practices to mitigate potential exploitation.,Linux,Kernel,7.5,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-05-07T22:54:49.205Z,0 CVE-2024-25741,https://securityvulnerability.io/vulnerability/CVE-2024-25741,Linux Kernel Vulnerability Affects Printer Functionality,"printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.",Linux,Linux Kernel,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-12T03:15:00.000Z,0 CVE-2023-52429,https://securityvulnerability.io/vulnerability/CVE-2023-52429,Kernel Vulnerability in dm_table_create Could Lead to Memory Corruption and Crash,"dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.",Linux,Linux Kernel,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-12T03:15:00.000Z,0 CVE-2024-25740,https://securityvulnerability.io/vulnerability/CVE-2024-25740,Memory Leak Flaw Discovered in Linux Kernel's UBI Driver,"A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.",Linux,Linux Kernel,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-12T03:15:00.000Z,0 CVE-2024-25739,https://securityvulnerability.io/vulnerability/CVE-2024-25739,Zero-Byte Allocation Vulnerability in Linux Kernel Could Lead to Crash,"create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.",Linux,Linux Kernel,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-12T03:15:00.000Z,0 CVE-2024-25744,https://securityvulnerability.io/vulnerability/CVE-2024-25744,Untrusted VMM can trigger int80 syscall handling in Linux kernel before 6.6.7,"The identified vulnerability in the Linux kernel allows an untrusted Virtual Machine Monitor (VMM) to invoke int80 syscall handling at any moment, potentially leading to security breaches and exploitation of the affected system. The issue is related to specific components within the kernel, particularly in files arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c, and affects versions prior to 6.6.7.",Linux,Linux Kernel,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-12T00:00:00.000Z,0 CVE-2024-24864,https://securityvulnerability.io/vulnerability/CVE-2024-24864,"Race Condition in Linux Kernel's media/dvb-core Could Lead to Null Pointer Dereference, Kernel Panic or Denial of Service","A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ",Linux,Linux kernel,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-05T07:36:04.281Z,0 CVE-2024-24857,https://securityvulnerability.io/vulnerability/CVE-2024-24857,Integrity Overflow Issue in Linux Kernel's Net/Bluetooth Device Driver Could Lead to Bluetooth Connection Abnormality or Denial of Service,"A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. ",Linux,Linux kernel,6.8,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-05T07:31:31.308Z,0 CVE-2024-24858,https://securityvulnerability.io/vulnerability/CVE-2024-24858,Race Condition in Linux Kernel's net/bluetooth Could Lead to Denial of Service,"A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. ",Linux,Linux kernel,5.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-05T07:30:55.483Z,0 CVE-2024-24859,https://securityvulnerability.io/vulnerability/CVE-2024-24859,Race Condition in Linux Kernel's Net/Bluetooth Could Lead to Denial of Service,"A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. ",Linux,Linux kernel,4.8,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-05T07:28:06.115Z,0 CVE-2024-24860,https://securityvulnerability.io/vulnerability/CVE-2024-24860,Race Condition in Linux Kernel's Bluetooth Device Driver Could Lead to Kernel Panic or Denial of Service,"A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ",Linux,Linux kernel,5.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-05T07:27:31.042Z,0 CVE-2024-24861,https://securityvulnerability.io/vulnerability/CVE-2024-24861,Race Condition in Linux Kernel's media/xc4000 Device Driver Could Lead to Return Value Overflow and Malfunction/Denial of Service,"A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. ",Linux,Linux kernel,6.3,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-05T07:26:43.824Z,0 CVE-2024-24855,https://securityvulnerability.io/vulnerability/CVE-2024-24855,Race Condition in Linux Kernel's SCSI Device Driver Could Lead to Kernel Panic or Denial of Service,"A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ",Linux,Linux kernel,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-05T07:25:41.568Z,0 CVE-2024-23196,https://securityvulnerability.io/vulnerability/CVE-2024-23196,Race Condition in Linux Kernel's Sound/HDA Device Driver Could Lead to Null Pointer Dereference or Kernel Panic,"A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ",Linux,Linux kernel,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-05T07:22:39.907Z,0 CVE-2024-22386,https://securityvulnerability.io/vulnerability/CVE-2024-22386,"Race Condition in Linux Kernel's drm/exynos Device Driver Could Lead to Null Pointer Dereference, Kernel Panic or Denial of Service","A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ",Linux,Linux Kernel,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-05T07:21:20.819Z,0 CVE-2024-1086,https://securityvulnerability.io/vulnerability/CVE-2024-1086,Linux kernel netfilter use-after-free vulnerability can lead to local privilege escalation,"A use-after-free vulnerability exists in the nf_tables component of the Linux kernel, specifically within the nft_verdict_init() function. This vulnerability can be exploited when a drop error is incorrectly handled, resulting in a potential double free situation during packet verdict processing. An attacker leveraging this vulnerability could escalate privileges within the affected system, highlighting the need for prompt remediation by upgrading to commits beyond the referenced patch.",Linux,Kernel,7.8,HIGH,0.003590000094845891,true,2024-05-30T00:00:00.000Z,true,false,true,2024-03-21T06:16:41.000Z,true,true,true,2024-03-27T23:52:03.733Z,2024-01-31T12:14:34.073Z,13655 CVE-2024-1085,https://securityvulnerability.io/vulnerability/CVE-2024-1085,Use-after-free in Linux kernel's netfilter: nf_tables component,"The vulnerability resides in the nf_tables component of the Linux kernel's netfilter subsystem, specifically linked to the nft_setelem_catchall_deactivate() function. This flaw occurs due to inadequate handling of the active state of catch-all set elements across different generations, allowing an attacker to exploit the fault through a double free scenario. Consequently, this poses a significant security risk as it could potentially allow local privilege escalation, enabling an attacker to gain elevated permissions within the system. To address this vulnerability, it is critical to apply the official patch provided beyond commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.",Linux,Kernel,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-31T12:14:32.429Z,0 CVE-2024-21803,https://securityvulnerability.io/vulnerability/CVE-2024-21803,Possible UAF in bt_accept_poll in Linux kernel,"A Use After Free vulnerability resides within the Bluetooth modules of the Linux kernel, impacting both x86 and ARM architectures. This vulnerability permits an attacker to execute arbitrary code locally. The flaw exists in the handling of memory resources within the Bluetooth framework, specifically within the code found in the file related to Bluetooth address families. Affected versions range from v2.6.12-rc2 through to versions prior to v6.8-rc1, underscoring the necessity for users to remain vigilant and apply necessary updates or mitigations to protect their systems.",Linux,Linux kernel,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-30T07:15:33.276Z,0 CVE-2024-22099,https://securityvulnerability.io/vulnerability/CVE-2024-22099,NULL pointer deference in rfcomm_check_security in Linux kernel,"NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2. ",Linux,Linux Kernel,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-25T07:02:59.928Z,0 CVE-2024-23307,https://securityvulnerability.io/vulnerability/CVE-2024-23307,Integer overflow in raid5_cache_count in Linux kernel,"The vulnerability identified in the Linux kernel is categorized as an integer overflow or wraparound issue, specifically affecting the system's functionality in handling various operations. This flaw occurs in the md, raid, and raid5 modules, leading to forced integer overflow scenarios on systems operating with the Linux kernel on both x86 and ARM architectures. Exploitation of this vulnerability can lead to undesirable behavior in the affected systems, potentially compromising the integrity and reliability of the operations performed. System administrators and users are advised to review the security implications and apply necessary mitigations.",Linux,Linux kernel,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-25T06:59:37.190Z,0 CVE-2024-23850,https://securityvulnerability.io/vulnerability/CVE-2024-23850,Assertion Failure in Linux Kernel Affects Subvolume Creation,"A vulnerability in the Linux kernel's btrfs file system can lead to an assertion failure during disk operations. Specifically, when a subvolume is created, it may be read before its root item is fully established. This premature access can result in a system crash, posing risks to data integrity and availability. The issue affects all Linux kernel versions through 6.7.1, highlighting the need for timely updates and patches to mitigate the potential consequences.",Linux,Linux Kernel,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-23T00:00:00.000Z,0 CVE-2024-22705,https://securityvulnerability.io/vulnerability/CVE-2024-22705,Out-of-Bounds Access Vulnerability in Linux Kernel ksmbd Affecting Various Distributions,"A vulnerability in the ksmbd component of the Linux kernel, found in versions prior to 6.6.10, results in out-of-bounds access during the processing of SMB2 messages. Specifically, the handling of Name data and CreateContexts can lead to errors in memory allocation, potentially allowing malicious actors to exploit these weaknesses. The function smb2_get_data_area_len located in fs/smb/server/smb2misc.c is directly impacted, presenting risks to user data integrity and system stability. It is essential for system administrators and developers to be aware of this vulnerability and apply the necessary updates to safeguard against potential threats.",Linux,Linux Kernel,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-23T00:00:00.000Z,0