CVE-2024-26586
- EPSS 0.25%
- Veröffentlicht 22.02.2024 17:15:08
- Zuletzt bearbeitet 21.11.2024 09:02:35
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group con...
CVE-2024-26583
- EPSS 0.18%
- Veröffentlicht 21.02.2024 15:15:09
- Zuletzt bearbeitet 04.11.2025 19:17:01
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any co...
CVE-2024-26584
- EPSS 0.25%
- Veröffentlicht 21.02.2024 15:15:09
- Zuletzt bearbeitet 04.11.2025 19:17:01
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return ...
CVE-2024-26585
- EPSS 0.19%
- Veröffentlicht 21.02.2024 15:15:09
- Zuletzt bearbeitet 04.11.2025 19:17:01
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls c...
CVE-2023-52436
- EPSS 0.3%
- Veröffentlicht 20.02.2024 21:15:08
- Zuletzt bearbeitet 21.11.2024 08:39:45
In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the unused xattr space ...
CVE-2023-52438
- EPSS 0.3%
- Veröffentlicht 20.02.2024 21:15:08
- Zuletzt bearbeitet 21.11.2024 08:39:45
In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc->vma pointer isn't safe as it can race with...
CVE-2023-52439
- EPSS 0.3%
- Veröffentlicht 20.02.2024 21:15:08
- Zuletzt bearbeitet 27.12.2024 16:15:23
In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister...
CVE-2023-52435
- EPSS 0.23%
- Veröffentlicht 20.02.2024 20:15:08
- Zuletzt bearbeitet 21.11.2024 08:39:45
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following co...
- EPSS 0.56%
- Veröffentlicht 20.02.2024 18:15:50
- Zuletzt bearbeitet 17.01.2025 20:15:27
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when...
CVE-2024-26581
- EPSS 2.22%
- Veröffentlicht 20.02.2024 13:15:09
- Zuletzt bearbeitet 01.10.2025 19:15:33
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end ...