6.5
CVE-2024-0151 - hw: arm: out-of-range values to code executing in Secure state to cause incorrect operation in Secuβ¦
Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker to pass values to Seβ¦
5.9
CVE-2024-26924 - netfilter: nft_set_pipapo: do not free live element
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X") β¦
5.5
CVE-2024-26926 - binder: check offset alignment in binder_get_object()
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("binder: avoid potential data leakage when copying txn") introduced changes to how binder objects are copied. In doing so, it unintentionally removed an oβ¦
8.1
CVE-2024-33531 -
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM.
2.9
CVE-2024-4141 - Out-of-bounds array write in Xpdf 4.05 due to incorrect bounds check
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
7.3
CVE-2024-33601 - nscd: netgroup cache may terminate daemon on memory allocation failure
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was intrβ¦
4.7
CVE-2024-26923 - af_unix: Fix garbage collector racing against connect()
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two consecβ¦
5.5
CVE-2024-26925 - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collecβ¦
7.4
CVE-2024-33602 - nscd: netgroup cache assumes NSS callback uses in-buffer strings
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerabiβ¦
5.9
CVE-2024-33600 - nscd: Null pointer crashes after notfound response
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vβ¦