Vulnerabilities > Linux > Linux Kernel > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-09 CVE-2024-50242 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ntfs_file_release
local
low complexity
linux
7.8
2024-11-09 CVE-2024-50246 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check
local
low complexity
linux
7.8
2024-11-09 CVE-2024-50247 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check if more than chunk-size bytes are written A incorrectly formatted chunk may decompress into more than LZNT_CHUNK_SIZE bytes and a index out of bounds will occur in s_max_off.
local
low complexity
linux CWE-125
7.1
2024-11-09 CVE-2024-50250 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fsdax: dax_unshare_iter needs to copy entire blocks The code that copies data from srcmap to iomap in dax_unshare_iter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to dax_file_unshare are not aligned to an fsblock boundary, the iter pos and length in the _iter function will reflect this unalignment. dax_iomap_direct_access always returns a pointer to the start of the kmapped fsdax page, even if its pos argument is in the middle of that page.
local
low complexity
linux
7.1
2024-11-09 CVE-2024-50257 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF.
local
low complexity
linux CWE-416
7.8
2024-11-09 CVE-2024-50261 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF.
local
low complexity
linux CWE-416
7.8
2024-11-09 CVE-2024-50262 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves.
local
low complexity
linux CWE-787
7.8
2024-11-08 CVE-2024-50203 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation.
local
low complexity
linux CWE-787
7.8
2024-11-08 CVE-2024-50209 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances.
local
low complexity
linux
7.8
2024-11-07 CVE-2024-50143 Use of Uninitialized Resource vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch reproducer did not trigger any issue[2]. [1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df [2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000
local
low complexity
linux CWE-908
7.8