CVE-2024-49863
- EPSS 0.29%
- Veröffentlicht 21.10.2024 18:15:06
- Zuletzt bearbeitet 03.11.2025 23:16:26
In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() Since commit 3f8ca2e115e5 ("vhost/scsi: Extract common handling code from control queue handler") a null pointer dereferenc...
CVE-2024-49867
- EPSS 0.29%
- Veröffentlicht 21.10.2024 18:15:06
- Zuletzt bearbeitet 05.01.2026 11:17:19
In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthrea...
CVE-2024-49868
- EPSS 0.29%
- Veröffentlicht 21.10.2024 18:15:06
- Zuletzt bearbeitet 03.11.2025 23:16:27
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion [BUG] Syzbot reported a NULL pointer dereference with the following crash: FAULT_INJECTION: forcing ...
CVE-2024-49858
- EPSS 0.21%
- Veröffentlicht 21.10.2024 13:15:06
- Zuletzt bearbeitet 03.11.2025 23:16:26
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog() boot serv...
CVE-2024-49859
- EPSS 0.16%
- Veröffentlicht 21.10.2024 13:15:06
- Zuletzt bearbeitet 03.11.2025 23:16:26
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check atomic_file in f2fs ioctl interfaces Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(), f2fs_move_file_range(), and f2fs_defragment_range() missed to check...
CVE-2024-49860
- EPSS 0.25%
- Veröffentlicht 21.10.2024 13:15:06
- Zuletzt bearbeitet 03.11.2025 23:16:26
In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory.
CVE-2024-47757
- EPSS 0.24%
- Veröffentlicht 21.10.2024 13:15:05
- Zuletzt bearbeitet 03.11.2025 23:16:22
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b...
CVE-2024-47742
- EPSS 0.29%
- Veröffentlicht 21.10.2024 13:15:04
- Zuletzt bearbeitet 12.05.2026 19:07:08
In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex...
CVE-2024-47745
- EPSS 0.29%
- Veröffentlicht 21.10.2024 13:15:04
- Zuletzt bearbeitet 12.05.2026 19:07:20
In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, which doesn't contain the LSM security check. And if...
CVE-2024-47749
- EPSS 0.23%
- Veröffentlicht 21.10.2024 13:15:04
- Zuletzt bearbeitet 03.11.2025 23:16:22
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Added NULL check for lookup_atid The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to derefe...