Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux linux kernel 5.4 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-0045
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only ...
Linux Linux Kernel
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
4.4
CVSSv3
CVE-2023-2269
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
Linux Linux Kernel 6.2
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
5.5
CVSSv3
CVE-2023-31085
An issue exists in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.
Linux Linux Kernel 6.2
7.8
CVSSv3
CVE-2022-4744
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges o...
Linux Linux Kernel
7
CVSSv3
CVE-2023-1077
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a ...
Linux Linux Kernel
Debian Debian Linux 10.0
Netapp A700s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp C400 Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2023-1078
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf...
Linux Linux Kernel
4.7
CVSSv3
CVE-2023-0590
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be...
Linux Linux Kernel
Linux Linux Kernel 6.1
7
CVSSv3
CVE-2023-28466
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel up to and including 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
Linux Linux Kernel
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp H410c -
Debian Debian Linux 10.0
4.7
CVSSv3
CVE-2022-27672
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
Amd Athlon X4 750 Firmware -
Amd Athlon X4 760k Firmware -
Amd Athlon X4 830 Firmware -
Amd Athlon X4 840 Firmware -
Amd Athlon X4 860k Firmware -
Amd Athlon X4 870k Firmware -
Amd Athlon X4 880k Firmware -
Amd Athlon X4 835 Firmware -
Amd Athlon X4 845 Firmware -
Amd Athlon X4 940 Firmware -
Amd Athlon X4 950 Firmware -
Amd Athlon X4 970 Firmware -
Amd Ryzen Threadripper Pro 5995wx Firmware -
Amd Ryzen Threadripper Pro 5975w Firmware -
Amd Ryzen Threadripper Pro 5965wx Firmware -
Amd Ryzen Threadripper Pro 5955wx Firmware -
Amd Ryzen Threadripper Pro 5945wx Firmware -
Amd Ryzen Threadripper 2990wx Firmware -
Amd Ryzen Threadripper 2970wx Firmware -
Amd Ryzen Threadripper 2950x Firmware -
Amd Ryzen Threadripper 2920x Firmware -
Amd Ryzen Threadripper 3960x Firmware -
1 Article
4.7
CVSSv3
CVE-2023-26545
In the Linux kernel prior to 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »