B&R VC4 Security Vulnerabilities
In the Linux kernel, the following vulnerability has been resolved: mm: turn folio_test_hugetlb into a PageType The current folio_test_hugetlb() can be fooled by a concurrent folio split into returning true for a folio which has never belonged to hugetlbfs. This can't happen if the caller holds a.....
6.4AI Score
0.0004EPSS
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6777-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6777-2 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading...
7.8CVSS
7.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the pre-flush when appending to a file in writethrough mode In netfs_perform_write(), when the file is marked NETFS_ICTX_WRITETHROUGH or O_SYNC or RWF_SYNC was specified, write-through caching is performed on a buffered....
6.4AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6766-3)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-3 advisory. It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations...
7.8CVSS
6.8AI Score
EPSS
🚀 CVE-2024-29269 Exploit This repository contains an exploit...
8.3AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t:...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underf...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underf...
6.4AI Score
0.0004EPSS
CVE-2024-35932 drm/vc4: don't check if plane->state->fb == state->fb
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underf...
6.3AI Score
0.0004EPSS
CVE-2024-35932 drm/vc4: don't check if plane->state->fb == state->fb
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underf...
6.7AI Score
0.0004EPSS
Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels
First, a couple of useful oneliners ;) wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note...
7.7AI Score
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underf...
6.4AI Score
0.0004EPSS
9.8CVSS
7.7AI Score
0.106EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
7.5AI Score
0.0004EPSS
Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway
Summary Security Vulnerabilities in Node.js and packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details ** CVEID: CVE-2024-31206 DESCRIPTION: **Node.js dectalk-tts module could allow a remote attacker to obtain sensitive information, caused by the use of...
8.2CVSS
8AI Score
0.0004EPSS
CVE-2024-35796 net: ll_temac: platform_get_resource replaced by wrong function
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
7.5AI Score
0.0004EPSS
CVE-2024-35796 net: ll_temac: platform_get_resource replaced by wrong function
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. This eventually ends up in...
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2024-1692)
The remote host is missing an update for the Huawei...
8.2CVSS
6.7AI Score
0.0005EPSS
EulerOS Virtualization 3.0.6.0 : linux-firmware (EulerOS-SA-2024-1692)
According to the versions of the linux-firmware packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged...
8.2CVSS
8AI Score
0.0005EPSS
EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2024-1685)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can...
9.8CVSS
8.3AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1685)
The remote host is missing an update for the Huawei...
9.8CVSS
8AI Score
0.001EPSS
EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2024-1672)
According to the versions of the kernel package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and...
9.8CVSS
8.5AI Score
0.003EPSS
EulerOS Virtualization 3.0.6.6 : mdadm (EulerOS-SA-2024-1659)
According to the versions of the mdadm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially...
6.7CVSS
8AI Score
0.0004EPSS
Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.2AI Score
0.0004EPSS
Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may allow denial of...
4.4CVSS
7AI Score
0.0004EPSS
Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote...
10CVSS
9.8AI Score
0.0004EPSS
Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.1AI Score
0.0004EPSS
Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may allow denial of...
4.4CVSS
4.8AI Score
0.0004EPSS
Improper input validation in UserAuthenticationSmm driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote...
10CVSS
7.5AI Score
0.0004EPSS
Improper input validation in UserAuthenticationSmm driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.1AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.1AI Score
0.0004EPSS
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via local...
2.8CVSS
3.5AI Score
0.0004EPSS
Improper input validation for some Intel(R) DLB driver software before version 8.5.0 may allow an authenticated user to potentially denial of service via local...
6.5CVSS
6.3AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Improper input validation for some Intel(R) DLB driver software before version 8.5.0 may allow an authenticated user to potentially denial of service via local...
6.5CVSS
6.5AI Score
0.0004EPSS
Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via local...
2.8CVSS
6AI Score
0.0004EPSS
Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.2CVSS
7.1AI Score
0.0004EPSS
Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.2CVSS
7.1AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7.1AI Score
0.0004EPSS