Vuldb Updates

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.22/6.7.10/6.8.1. This vulnerability affects the function drm_fixp2int of the component vkms. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-52649. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1. It has been declared as critical. This vulnerability affects the function papr_get_attr of the component pseries. The manipulation leads to memory leak. This vulnerability was named CVE-2022-48669. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.1 and classified as critical. Affected by this issue is the function of_find_device_by_node of the component tegra. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2023-52650. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.79/6.6.18/6.7.6. This issue affects the function mddev_suspend of the component md. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-27023. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.8.1. Affected is the function nla_nest_start of the component nbd. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-27025. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.2. It has been classified as problematic. This affects the function fat_encode_fh_nostale. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2024-26973. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.8.1. This vulnerability affects the function clk_core_get. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-27038. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.22/6.7.10/6.8.1. This vulnerability affects the function kzalloc of the component brcm80211. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-27048. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.22/6.7.10 and classified as critical. Affected by this issue is the function sof_ipc4_pcm_hw_free of the component ASoC. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-27057. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. This affects the function static_command_line of the file init/main.c. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-26988. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. It has been rated as critical. This issue affects the function swsusp_save of the component hibernate. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-26989. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.28/6.8.7/6.9-rc4 on TDP. This affects the function kvm_mmu_page_ad_need_write_protect of the component KVM. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-26990. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.23/6.7.11/6.8.2. Affected by this issue is some unknown functionality of the component intel_rapl. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-26975. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. It has been rated as problematic. Affected by this issue is the function fixed_ctrl_field of the component KVM. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-26992. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as critical. Affected by this vulnerability is the function clk_pm_runtime_get. The manipulation leads to deadlock. This vulnerability is known as CVE-2024-27003. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as critical. Affected by this issue is the function clk_pm_runtime_get. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-27004. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. It has been rated as critical. Affected by this issue is some unknown functionality of the component mlx5e. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-27014. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. This affects an unknown part of the component flowtable. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-27015. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.9-rc1. This vulnerability affects the function usb_deauthorize_interface of the file drivers/usb/core/sysfs.c. The manipulation leads to deadlock. This vulnerability was named CVE-2024-26934. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2/6.9-rc1 and classified as critical. Affected by this issue is the function device_del of the file port.c of the component USB. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-26933. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.