CVE List - 2024 / October
Showing 2101 - 2200 of 3571 CVEs for October 2024 (Page 22 of 36)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-47675 | 2024-10-21 | bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() |
| CVE-2024-47676 | 2024-10-21 | mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway |
| CVE-2024-47677 | 2024-10-21 | exfat: resolve memory leak from exfat_create_upcase_table() |
| CVE-2024-47678 | 2024-10-21 | icmp: change the order of rate limits |
| CVE-2024-47679 | 2024-10-21 | vfs: fix race between evice_inodes() and find_inode()&iput() |
| CVE-2024-47680 | 2024-10-21 | f2fs: check discard support for conventional zones |
| CVE-2024-47681 | 2024-10-21 | wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he |
| CVE-2024-47682 | 2024-10-21 | scsi: sd: Fix off-by-one error in sd_read_block_characteristics() |
| CVE-2024-47683 | 2024-10-21 | drm/amd/display: Skip Recompute DSC Params if no Stream on Link |
| CVE-2024-47684 | 2024-10-21 | tcp: check skb is non-NULL in tcp_rto_delta_us() |
| CVE-2024-47685 | 2024-10-21 | netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() |
| CVE-2024-47686 | 2024-10-21 | ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() |
| CVE-2024-47687 | 2024-10-21 | vdpa/mlx5: Fix invalid mr resource destroy |
| CVE-2024-47688 | 2024-10-21 | driver core: Fix a potential null-ptr-deref in module_add_driver() |
| CVE-2024-47689 | 2024-10-21 | f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() |
| CVE-2024-47690 | 2024-10-21 | f2fs: get rid of online repaire on corrupted directory |
| CVE-2024-47691 | 2024-10-21 | f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() |
| CVE-2024-47692 | 2024-10-21 | nfsd: return -EINVAL when namelen is 0 |
| CVE-2024-47693 | 2024-10-21 | IB/core: Fix ib_cache_setup_one error flow cleanup |
| CVE-2024-47694 | 2024-10-21 | IB/mlx5: Fix UMR pd cleanup on error flow of driver init |
| CVE-2024-47695 | 2024-10-21 | RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds |
| CVE-2024-47696 | 2024-10-21 | RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency |
| CVE-2024-47697 | 2024-10-21 | drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error |
| CVE-2024-47698 | 2024-10-21 | drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error |
| CVE-2024-47699 | 2024-10-21 | nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() |
| CVE-2024-47700 | 2024-10-21 | ext4: check stripe size compatibility on remount as well |
| CVE-2024-47701 | 2024-10-21 | ext4: avoid OOB when system.data xattr changes underneath the filesystem |
| CVE-2024-47702 | 2024-10-21 | bpf: Fail verification for sign-extension of packet data/data_end/data_meta |
| CVE-2024-47703 | 2024-10-21 | bpf, lsm: Add check for BPF LSM return value |
| CVE-2024-47704 | 2024-10-21 | drm/amd/display: Check link_res->hpo_dp_link_enc before using it |
| CVE-2024-47705 | 2024-10-21 | block: fix potential invalid pointer dereference in blk_add_partition |
| CVE-2024-47706 | 2024-10-21 | block, bfq: fix possible UAF for bfqq->bic with merge chain |
| CVE-2024-47707 | 2024-10-21 | ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() |
| CVE-2024-47708 | 2024-10-21 | netkit: Assign missing bpf_net_context |
| CVE-2024-47709 | 2024-10-21 | can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). |
| CVE-2024-47710 | 2024-10-21 | sock_map: Add a cond_resched() in sock_hash_free() |
| CVE-2024-47711 | 2024-10-21 | af_unix: Don't return OOB skb in manage_oob(). |
| CVE-2024-47712 | 2024-10-21 | wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param |
| CVE-2024-47713 | 2024-10-21 | wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() |
| CVE-2024-47714 | 2024-10-21 | wifi: mt76: mt7996: use hweight16 to get correct tx antenna |
| CVE-2024-47715 | 2024-10-21 | wifi: mt76: mt7915: fix oops on non-dbdc mt7986 |
| CVE-2024-47716 | 2024-10-21 | ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros |
| CVE-2024-47717 | 2024-10-21 | RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data |
| CVE-2024-47718 | 2024-10-21 | wifi: rtw88: always wait for both firmware loading attempts |
| CVE-2024-47719 | 2024-10-21 | iommufd: Protect against overflow of ALIGN() during iova allocation |
| CVE-2024-47720 | 2024-10-21 | drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func |
| CVE-2024-47721 | 2024-10-21 | wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading |
| CVE-2024-47723 | 2024-10-21 | jfs: fix out-of-bounds in dbNextAG() and diAlloc() |
| CVE-2024-47724 | 2024-10-21 | wifi: ath11k: use work queue to process beacon tx event |
| CVE-2024-47726 | 2024-10-21 | f2fs: fix to wait dio completion |
| CVE-2024-47727 | 2024-10-21 | x86/tdx: Fix "in-kernel MMIO" check |
| CVE-2024-47728 | 2024-10-21 | bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error |
| CVE-2024-47729 | 2024-10-21 | drm/xe: Use reserved copy engine for user binds on faulting devices |
| CVE-2024-47730 | 2024-10-21 | crypto: hisilicon/qm - inject error before stopping queue |
| CVE-2024-47731 | 2024-10-21 | drivers/perf: Fix ali_drw_pmu driver interrupt status clearing |
| CVE-2024-47732 | 2024-10-21 | crypto: iaa - Fix potential use after free bug |
| CVE-2024-47733 | 2024-10-21 | netfs: Delete subtree of 'fs/netfs' when netfs module exits |
| CVE-2024-47734 | 2024-10-21 | bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() |
| CVE-2024-47735 | 2024-10-21 | RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled |
| CVE-2024-47736 | 2024-10-21 | erofs: handle overlapped pclusters out of crafted images properly |
| CVE-2024-47737 | 2024-10-21 | nfsd: call cache_put if xdr_reserve_space returns NULL |
| CVE-2024-47738 | 2024-10-21 | wifi: mac80211: don't use rate mask for offchannel TX either |
| CVE-2024-47739 | 2024-10-21 | padata: use integer wrap around to prevent deadlock on seq_nr overflow |
| CVE-2024-47740 | 2024-10-21 | f2fs: Require FMODE_WRITE for atomic write ioctls |
| CVE-2024-47741 | 2024-10-21 | btrfs: fix race setting file private on concurrent lseek using same fd |
| CVE-2024-47742 | 2024-10-21 | firmware_loader: Block path traversal |
| CVE-2024-47743 | 2024-10-21 | KEYS: prevent NULL pointer dereference in find_asymmetric_key() |
| CVE-2024-47744 | 2024-10-21 | KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock |
| CVE-2024-47745 | 2024-10-21 | mm: call the security_mmap_file() LSM hook in remap_file_pages() |
| CVE-2024-47746 | 2024-10-21 | fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set |
| CVE-2024-47747 | 2024-10-21 | net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition |
| CVE-2024-47748 | 2024-10-21 | vhost_vdpa: assign irq bypass producer token correctly |
| CVE-2024-47749 | 2024-10-21 | RDMA/cxgb4: Added NULL check for lookup_atid |
| CVE-2024-47750 | 2024-10-21 | RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 |
| CVE-2024-47751 | 2024-10-21 | PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() |
| CVE-2024-47752 | 2024-10-21 | media: mediatek: vcodec: Fix H264 stateless decoder smatch warning |
| CVE-2024-47753 | 2024-10-21 | media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning |
| CVE-2024-47754 | 2024-10-21 | media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning |
| CVE-2024-47756 | 2024-10-21 | PCI: keystone: Fix if-statement expression in ks_pcie_quirk() |
| CVE-2024-47757 | 2024-10-21 | nilfs2: fix potential oob read in nilfs_btree_check_delete() |
| CVE-2024-49850 | 2024-10-21 | bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos |
| CVE-2024-49851 | 2024-10-21 | tpm: Clean up TPM space after command failure |
| CVE-2024-49852 | 2024-10-21 | scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() |
| CVE-2024-49853 | 2024-10-21 | firmware: arm_scmi: Fix double free in OPTEE transport |
| CVE-2024-49854 | 2024-10-21 | block, bfq: fix uaf for accessing waker_bfqq after splitting |
| CVE-2024-49855 | 2024-10-21 | nbd: fix race between timeout and normal completion |
| CVE-2024-49856 | 2024-10-21 | x86/sgx: Fix deadlock in SGX NUMA node search |
| CVE-2024-49857 | 2024-10-21 | wifi: iwlwifi: mvm: set the cipher for secured NDP ranging |
| CVE-2024-49858 | 2024-10-21 | efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption |
| CVE-2024-49859 | 2024-10-21 | f2fs: fix to check atomic_file in f2fs ioctl interfaces |
| CVE-2024-49860 | 2024-10-21 | ACPI: sysfs: validate return type of _STR method |
| CVE-2024-49861 | 2024-10-21 | bpf: Fix helper writes to read-only maps |
| CVE-2024-49862 | 2024-10-21 | powercap: intel_rapl: Fix off by one in get_rpi() |
| CVE-2024-8305 | 2024-10-21 | MongoDB Server secondaries may crash due to forced index constraints |
| CVE-2024-6519 | 2024-10-21 | Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability |
| CVE-2024-45309 | 2024-10-21 | OneDev vulnerable to arbitrary file reading for unauthenticated user |
| CVE-2024-48930 | 2024-10-21 | secp256k1-node vulnerable to private key extraction over ECDH |
| CVE-2024-49366 | 2024-10-21 | Nginx UI's json field can construct a directory traversal payload, causing arbitrary files to be written |
| CVE-2024-40746 | 2024-10-21 | Extension - hikashop.com - Stored cross site scripting vulnerability in Hikashop component for Joomla < 5.1.1 |
| CVE-2024-49367 | 2024-10-21 | Nginx UI's log path can be controlled |