7.8
CVE-2022-48954 - s390/qeth: fix use-after-free in hsci
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in qeth_l2_br2dev_work…
5.5
CVE-2024-49945 - net/ncsi: Disable the ncsi work before freeing the associated structure
In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic.
5.9
CVE-2024-46238 -
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php
5.5
CVE-2024-50026 - scsi: wd33c93: Don't use stale scsi_pointer value
In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr(). That commit added…
5.5
CVE-2024-50025 - scsi: fnic: Move flush_work initialization out of if block
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work queue. This may has …
5.5
CVE-2024-47680 - f2fs: check discard support for conventional zones
In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bdev_is_zoned(). This …
5.5
CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if bh is NULL.
4.4
CVE-2024-50018 - kernel: net: napi: Prevent overflow of napi_defer_hard_irqs
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2022-48974 - netfilter: conntrack: fix using __this_cpu_add in preemptible
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible Currently in nf_conntrack_hash_check_insert(), when it fails in nf_ct_ext_valid_pre/post(), NF_CT_STAT_INC() will be called in the preemptible context, a call trace ca…
7.1
CVE-2024-49967 - kernel: ext4: no need to continue when the number of entries is 1
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.