VulDB Recent Entries

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. Affected is an unknown function of the component Landlock. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-42318. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.2. This issue affects the function pci_epf_test_core_init of the file drivers/pci/endpoint/functions/pci-epf-test.c. The manipulation of the argument epc_features leads to null pointer dereference. The identification of this vulnerability is CVE-2024-43824. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. This vulnerability affects the function acpi_get_first_physical_node. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2024-43818. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.103/6.6.44/6.10.3. This affects the function rhashtable_lookup in the library include/linux/rhashtable.h. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2024-42272. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been rated as critical. Affected by this issue is the function apparmor_socket_post_create. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2023-52889. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.43/6.10.2. It has been declared as critical. Affected by this vulnerability is the function ip_vs_add_service of the file net/netfilter/ipvs/ip_vs_ctl.c. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-42322. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been classified as critical. Affected is the function vmpressure_calc_level. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-42316. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2 and classified as critical. This issue affects the function dasd_copy_pair_store of the component s390. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-42320. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.102/6.6.43/6.10.2 and classified as critical. This vulnerability affects the function psb_intel_lvds_get_modes of the component gma500. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-42309. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. This affects an unknown part of the component udf. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-42306. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. Affected by this issue is the function make_indexed_dir of the component ext4. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-42304. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.43/6.10.2. Affected by this vulnerability is the function __exfat_get_dentry_set of the component exfat. The manipulation leads to deadlock. This vulnerability is known as CVE-2024-42315. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.43/6.10.2. Affected is the function add_ra_bio_pages of the component btrfs. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-42314. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been rated as critical. This issue affects the function vdec_close of the component venus. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-42313. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been declared as critical. This vulnerability affects the function cdv_intel_lvds_get_modes. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-42310. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been classified as problematic. This affects the function hfs_alloc_inode. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2024-42311. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2 and classified as critical. Affected by this issue is the function init_cifs of the file fs/smb/client/cifsfs.c of the component cifs. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-42307. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.43/6.10.2 and classified as critical. Affected by this vulnerability is the function pxp_probe of the component imx-pxp. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-42303. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. Affected is an unknown function of the component parport. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-42301. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.10.2. This issue affects the function z_erofs_get_gbuf of the file fs/erofs/zutil.c. The manipulation leads to race condition. The identification of this vulnerability is CVE-2024-42300. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.