CVE-2024-35839
- EPSS 0.22%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 24.09.2025 21:02:31
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be ...
CVE-2024-35840
- EPSS 0.22%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 24.09.2025 21:00:50
In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP...
CVE-2024-35841
- EPSS 0.22%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 26.09.2025 16:05:30
In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in __sk_msg_free A splice with MSG_SPLICE_PAGES will cause tls code to use the tls_sw_sendmsg_splice path in the TLS sendmsg code to move the user provided p...
CVE-2024-35842
- EPSS 0.22%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 19.09.2025 18:47:48
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a `normal_link` (a non-SOF, direct link) strin...
CVE-2024-35843
- EPSS 0.22%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 07.04.2025 19:05:09
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pci_get_domain_bus_and_slot(). This function se...
CVE-2024-35844
- EPSS 0.24%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 26.09.2025 16:04:43
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepaira...
CVE-2024-35845
- EPSS 1.17%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 12.05.2026 12:16:37
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.
CVE-2024-35848
- EPSS 0.19%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 23.12.2025 19:33:51
In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If ano...
CVE-2023-52692
- EPSS 0.23%
- Veröffentlicht 17.05.2024 15:15:20
- Zuletzt bearbeitet 25.09.2025 16:29:51
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it ...
CVE-2023-52693
- EPSS 0.26%
- Veröffentlicht 17.05.2024 15:15:20
- Zuletzt bearbeitet 17.12.2025 03:43:35
In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acqu...