Vuldb Updates

A vulnerability was found in Linux Kernel up to 6.1.106/6.6.47/6.10.6. It has been declared as critical. This vulnerability affects unknown code of the component AMD GPU. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-44977. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6. Affected by this vulnerability is an unknown functionality of the component flowtable. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-44983. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6 and classified as problematic. This vulnerability affects the function dpu_format_populate_layout. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-44982. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.106/6.6.47/6.10.6. It has been declared as critical. Affected by this vulnerability is the function kcm_release in the library include/linux/skbuff.h. The manipulation leads to use after free. This vulnerability is known as CVE-2024-44946. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.45/6.10.4 and classified as problematic. This issue affects the function idr_alloc of the component memcg. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-43892. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.45/6.10.4. This affects the function gpio_device_get_desc of the component gpio. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-44931. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.46/6.10.5. This affects the function gue_gro_receive of the component fou. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-44940. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.36/6.9.7. This affects the function ata_port_alloc of the component libata-core. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-41098. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.43/6.10.2. This affects the function f2fs_file_open. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-43859. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.43/6.10.2. Affected is the function add_ra_bio_pages of the component btrfs. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-42314. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.36/6.9.7. It has been rated as critical. Affected by this issue is the function __msi_domain_alloc_locked of the component MSI. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-41096. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.8.6 and classified as problematic. This vulnerability affects the function rfcomm_sock_setsockopt_old in the library include/linux/sockptr.h of the component Bluetooth. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-35966. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.10. Affected is the function ocfs2_xattr_find_entry. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-41016. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.7/6.9-rc4 and classified as problematic. Affected by this issue is some unknown functionality of the component nft_set_pipapo. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-27017. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.26/6.8.5 and classified as problematic. This issue affects some unknown processing of the component cfg80211. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-35937. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.26/6.8.5. Affected by this vulnerability is the function devm_kasprintf of the component pmdomain. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-35943. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel 6.2 and classified as problematic. Affected by this vulnerability is the function hci_uart_tty_ioctl of the file drivers/bluetooth/hci_ldisc.c. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2023-31083. The attack can only be done within the local network. Furthermore, there is an exploit available.

A vulnerability was found in Zabbix up to 6.0.30/6.4.15/7.0.0 and classified as critical. This issue affects some unknown processing of the component JavaScript Engine. The manipulation leads to untrusted pointer dereference. The identification of this vulnerability is CVE-2024-36461. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in NVIDIA CUDA Toolkit up to 12.6U1 on Windows/Linux. It has been rated as problematic. Affected by this issue is some unknown functionality of the component nvdisam. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-0125. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in NVIDIA CUDA Toolkit up to 12.6U1 on Windows/Linux. It has been classified as problematic. Affected is an unknown function of the component nvdisam. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-0124. The attack needs to be approached locally. There is no exploit available.