7.8
CVE-2024-49865 - drm/xe/vm: move xa_alloc to prevent UAF
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xa_alloc allβ¦
7.8
CVE-2022-48954 - s390/qeth: fix use-after-free in hsci
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in qeth_l2_br2dev_workβ¦
5.5
CVE-2024-49945 - net/ncsi: Disable the ncsi work before freeing the associated structure
In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic.
5.9
CVE-2024-46238 -
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php
5.5
CVE-2024-50026 - scsi: wd33c93: Don't use stale scsi_pointer value
In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr(). That commit addedβ¦
5.5
CVE-2024-50025 - scsi: fnic: Move flush_work initialization out of if block
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work queue. This may has β¦
5.5
CVE-2024-47680 - f2fs: check discard support for conventional zones
In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bdev_is_zoned(). This β¦
4.4
CVE-2024-50018 - kernel: net: napi: Prevent overflow of napi_defer_hard_irqs
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.1
CVE-2024-49967 - kernel: ext4: no need to continue when the number of entries is 1
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-50016 - kernel: drm/amd/display: Avoid overflow assignment in link_dp_cts
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.