Vulnerabilities > Linux > Linux Kernel > 4.9.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-20 | CVE-2024-26581 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. | 7.8 |
2024-02-12 | CVE-2023-52429 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | 5.5 |
2024-02-12 | CVE-2024-25739 | Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | 5.5 |
2024-02-12 | CVE-2024-25740 | Memory Leak vulnerability in Linux Kernel A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released. | 5.5 |
2024-02-08 | CVE-2024-1312 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. | 4.7 |
2024-02-05 | CVE-2024-22386 | NULL Pointer Dereference vulnerability in Linux Kernel A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. | 4.7 |
2024-02-05 | CVE-2024-23196 | NULL Pointer Dereference vulnerability in Linux Kernel A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. | 4.7 |
2024-02-05 | CVE-2024-24860 | NULL Pointer Dereference vulnerability in Linux Kernel A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. | 5.3 |
2024-01-31 | CVE-2024-1086 | Use After Free vulnerability in Linux Kernel A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 |
2024-01-30 | CVE-2024-0564 | Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in the Linux kernel's memory deduplication mechanism. | 6.5 |