CVE-2024-51562
- EPSS 0.4%
- Veröffentlicht 12.11.2024 15:15:10
- Zuletzt bearbeitet 15.04.2026 00:35:42
The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value.
CVE-2024-51563
- EPSS 0.31%
- Veröffentlicht 12.11.2024 15:15:10
- Zuletzt bearbeitet 15.04.2026 00:35:42
The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition.
CVE-2024-51564
- EPSS 0.44%
- Veröffentlicht 12.11.2024 15:15:10
- Zuletzt bearbeitet 15.04.2026 00:35:42
A guest can trigger an infinite loop in the hda audio driver.
CVE-2024-32668
- EPSS 0.21%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 21.11.2024 09:15:25
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution ...
CVE-2024-42416
- EPSS 0.4%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 04.11.2025 17:16:04
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtio_scsi can explo...
- EPSS 0.68%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 21.11.2024 09:35:00
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too earl...
CVE-2024-43110
- EPSS 0.4%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 04.11.2025 17:16:05
The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve users...
CVE-2024-45063
- EPSS 0.52%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 04.11.2025 17:16:14
The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code exec...
CVE-2024-8178
- EPSS 0.6%
- Veröffentlicht 05.09.2024 05:15:13
- Zuletzt bearbeitet 04.11.2025 17:16:16
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on ...
CVE-2024-45287
- EPSS 0.51%
- Veröffentlicht 05.09.2024 04:15:07
- Zuletzt bearbeitet 21.11.2024 09:37:36
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data.