Vuldb Updates

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been classified as critical. Affected is an unknown function of the component GlobalProtect Service. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-2550. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Packet Handler. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-2551. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-2552. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Google Android 12/13/14/15. This issue affects the function shouldHideDocument of the file ExternalStorageProvider.java. The manipulation leads to Local Privilege Escalation. The identification of this vulnerability is CVE-2024-43093. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.1. This issue affects the function seq_nr of the component padata. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2024-47739. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. This vulnerability affects unknown code of the component mac80211. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-47738. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1 and classified as problematic. Affected by this issue is the function handle_mmio. The manipulation leads to improper check for unusual conditions. This vulnerability is handled as CVE-2024-47727. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. It has been classified as problematic. Affected is an unknown function of the component hisilicon. The manipulation leads to injection. This vulnerability is traded as CVE-2024-47730. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1. It has been declared as problematic. This vulnerability affects the function sock_hash_free of the component sock_map. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-47710. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.167/6.1.112/6.6.53/6.10.12/6.11.1. Affected is the function dcn30_set_output_transfer_func of the component AMD Display. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-47720. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1. Affected is the function rt6_uncached_list_flush_dev of the component ipv6. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-47707. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.54/6.10.13/6.11.1 and classified as critical. This vulnerability affects unknown code of the component AMD Display. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-47704. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1. It has been rated as critical. Affected by this issue is the function blk_add_partition. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-47705. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.11.1. This affects the function bfq_insert_request of the file block/bfq-iosched.c. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-47706. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.11.1. Affected is the function memdup_user in the library /var/lib/nfs/nfsdcld/. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-47692. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.1. It has been rated as problematic. Affected by this issue is the function nf_reject_ip6_tcphdr_put of the component netfilter. The manipulation leads to uninitialized resource. This vulnerability is handled as CVE-2024-47685. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.8. It has been classified as critical. This affects an unknown part of the component AMD Display. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-47661. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.111/6.6.52/6.10.11. It has been rated as problematic. This issue affects the function iwl_trans_wait_tx_queues_empty of the component iwlwifi. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-47672. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.111/6.6.52/6.10.11. It has been classified as problematic. Affected is the function iwl_trans_send_cmd of the file drivers/net/wireless/intel/iwlwifi/iwl-trans.c. The manipulation leads to state issue. This vulnerability is traded as CVE-2024-47673. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.50/6.10.9. Affected by this vulnerability is the function hisi_calc_effective_speed of the component hisi-kunpeng. The manipulation leads to divide by zero. This vulnerability is known as CVE-2024-47664. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.