Vuldb Updates

A vulnerability was found in Linux Kernel up to 5.10.217. It has been rated as critical. Affected by this issue is the function USERGS_SYSRET64 of the component Xen. The manipulation leads to buffer overflow. This vulnerability is listed as CVE-2021-4440. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.94/6.6.34/6.9.4. The affected element is the function __folio_start_writeback of the file folio/page of the component nilfs2. Executing a manipulation can lead to memory corruption. This vulnerability appears as CVE-2024-37078. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.9.4. It has been classified as critical. This affects the function platform_data of the component lgdt3306a. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2022-48772. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.10.9. Affected by this vulnerability is the function get_stashed_dentry of the component libfs. This manipulation causes null pointer dereference. This vulnerability is handled as CVE-2024-46801. The attack can only be done within the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.10.9. Affected by this issue is the function am65_cpsw_ndo_xdp_xmit of the file /xdp-trafficgen of the component Virtual Address Handler. Performing a manipulation results in null pointer dereference. This vulnerability is identified as CVE-2024-46799. The attack can only be performed from the local network. Additionally, an exploit exists. It is advisable to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.10.9. Affected is the function snd_pcm_suspend_all. The manipulation results in use after free. This vulnerability is known as CVE-2024-46798. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.10.9 and classified as critical. The impacted element is the function netem_dequeue. Such manipulation leads to use after free. This vulnerability is listed as CVE-2024-46800. The attack must be carried out from within the local network. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.166/6.1.109/6.6.50/6.10.9. This affects the function generate_preauth_hash. Executing a manipulation can lead to null pointer dereference. This vulnerability is tracked as CVE-2024-46795. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.6.50/6.10.9. This impacts the function queued_spin_lock_slowpath. The manipulation leads to improper initialization. This vulnerability is traded as CVE-2024-46797. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.10.9. Affected is the function COMP_DUMMY of the component Intel. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2024-46793. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.109/6.6.50/6.10.9. It has been classified as problematic. This affects the function mmio_read of the component tdx. The manipulation leads to improper initialization. This vulnerability is documented as CVE-2024-46794. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.10.9. The impacted element is the function raw_copy_to_user/raw_copy_from_user. The manipulation results in memory corruption. This vulnerability is cataloged as CVE-2024-46792. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.225/5.15.166/6.1.109/6.6.50/6.10.9 and classified as critical. Affected by this issue is the function mcp251x_hw_wake of the component mcp251x. Executing a manipulation can lead to deadlock. This vulnerability is registered as CVE-2024-46791. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.10.9. Affected is the function prepare_slab_obj_exts_hook. Such manipulation leads to allocation of resources. This vulnerability is listed as CVE-2024-46789. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.10.9 and classified as problematic. Affected by this vulnerability is the function free_pages_prepare in the library /include/linux/alloc_tag.h of the component codetag. Performing a manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2024-46790. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.50/6.10.9. This affects the function start_kthread of the component osnoise. Performing a manipulation results in null pointer dereference. This vulnerability was named CVE-2024-46788. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.50/6.10.9. The affected element is the function timer_reduce of the component fscache. The manipulation leads to use after free. This vulnerability is listed as CVE-2024-46786. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.6.50/6.10.9. Affected by this vulnerability is the function list_del_rcu of the file /sys/kernel/debug/tracing/kprobe_events of the component eventfs. The manipulation results in null pointer dereference. This vulnerability is identified as CVE-2024-46785. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic was found in Linux Kernel up to 6.10.9. This affects the function tcp_bpf_sendmsg. The manipulation results in unchecked return value. This vulnerability is identified as CVE-2024-46783. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.109/6.6.50/6.10.9. This impacts the function napi_disable of the component mana. This manipulation causes denial of service. This vulnerability is tracked as CVE-2024-46784. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.