CVE-2024-35884
- EPSS 0.67%
- Veröffentlicht 19.05.2024 09:15:09
- Zuletzt bearbeitet 12.05.2026 12:16:38
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tu...
CVE-2024-35886
- EPSS 0.28%
- Veröffentlicht 19.05.2024 09:15:09
- Zuletzt bearbeitet 12.05.2026 12:16:38
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported infinite recursive calls of fib6_dump_done() during netlink socket destruction. [1] From the log, syzkaller s...
CVE-2024-35888
- EPSS 0.25%
- Veröffentlicht 19.05.2024 09:15:09
- Zuletzt bearbeitet 12.05.2026 12:16:38
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure ers...
CVE-2024-35866
- EPSS 0.24%
- Veröffentlicht 19.05.2024 09:15:08
- Zuletzt bearbeitet 21.04.2026 19:07:47
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
CVE-2024-35867
- EPSS 0.27%
- Veröffentlicht 19.05.2024 09:15:08
- Zuletzt bearbeitet 23.12.2025 15:03:47
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
CVE-2024-35871
- EPSS 0.26%
- Veröffentlicht 19.05.2024 09:15:08
- Zuletzt bearbeitet 22.01.2026 20:21:18
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs->gp is never used since...
CVE-2024-35877
- EPSS 0.25%
- Veröffentlicht 19.05.2024 09:15:08
- Zuletzt bearbeitet 12.05.2026 12:16:38
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact, all PTEs) can be replaced during write faults to ...
CVE-2024-35853
- EPSS 0.73%
- Veröffentlicht 17.05.2024 15:15:22
- Zuletzt bearbeitet 07.04.2025 19:03:01
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filt...
CVE-2024-35854
- EPSS 0.94%
- Veröffentlicht 17.05.2024 15:15:22
- Zuletzt bearbeitet 07.04.2025 19:00:03
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits...
CVE-2024-35845
- EPSS 1.17%
- Veröffentlicht 17.05.2024 15:15:21
- Zuletzt bearbeitet 12.05.2026 12:16:37
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.