4.3
CVE-2024-40090 -
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack via sending a GET request to the index page.
5.5
CVE-2024-47746 - fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set
In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in `fuse_file_cached_io_open` may be forever.
5.5
CVE-2024-47732 - crypto: iaa - Fix potential use after free bug
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it iss passed to iaa_compression_modes[i]->free() a few lines later resulting in a use afteβ¦
5.5
CVE-2024-47705 - block: fix potential invalid pointer dereference in blk_add_partition
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle tβ¦
0.0
CVE-2022-48993 - kernel: fbcon: Use kzalloc() in fbcon_prepare_logo()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-49879 - drm: omapdrm: Add missing check for alloc_ordered_workqueue
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue.
5.5
CVE-2024-50019 - kthread: unpark only parked kthread
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASK_PARKED state. Howevβ¦
5.5
CVE-2024-47702 - bpf: Fail verification for sign-extension of packet data/data_end/data_meta
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due to commit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses"). The reason is due to sign-extension of 32β¦
7.8
CVE-2022-48980 - net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries (SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110 (SJA1110_MAX_L2_POLICING_COUNT). Keeping the tablβ¦
5.5
CVE-2024-50031 - drm/v3d: Stop the active perfmon before being destroyed
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to handle kernel paging β¦