Vuldb Updates

A vulnerability classified as problematic was found in Linux Kernel up to 6.11.9. Affected is the function move_page_tables. Such manipulation of the argument orig_old_start leads to incorrect comparison. This vulnerability is listed as CVE-2024-53111. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. This impacts the function ocfs2_verify_group_and_input of the file fs/ocfs2/uptodate.c. The manipulation results in buffer overflow. This vulnerability was named CVE-2024-53112. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.6.62/6.11.9 and classified as problematic. This vulnerability affects the function vma_iter_prealloc. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2024-53109. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.62/6.11.9 and classified as problematic. This affects the function amdgpu_dm_update_freesync_caps+0xefa/0x17a0. The manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2024-53108. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.11.9. The impacted element is the function pagemap_scan_get_args. Executing a manipulation of the argument vec_len can lead to integer overflow. This vulnerability is handled as CVE-2024-53107. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1 and classified as critical. Impacted is the function fscache_create_volume of the file /fscache of the component netfs. The manipulation results in memory corruption. This vulnerability is cataloged as CVE-2024-56755. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.1. The impacted element is the function __nvme_alloc_host_mem of the component nvme-pci. The manipulation results in allocation of resources. This vulnerability was named CVE-2024-56756. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been rated as critical. The affected element is the function ima_eventdigest_init. Performing a manipulation results in buffer overflow. This vulnerability is known as CVE-2024-53106. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.12.1 and classified as problematic. This issue affects the function gfx_v9_0. The manipulation leads to improper initialization. This vulnerability is listed as CVE-2024-56753. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.63/6.11.10/6.12.1. The affected element is the function gf100_gr_chan_new of the component nouveau. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-56752. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. This affects the function caam_qi_shutdown. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2024-56754. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.12.1. Impacted is the function sb_set_blocksize of the component erofs. Executing a manipulation can lead to privilege escalation. This vulnerability is handled as CVE-2024-56750. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1. It has been declared as critical. The impacted element is the function dlm_recover_members. Such manipulation leads to improper update of reference count. This vulnerability is documented as CVE-2024-56749. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.1. This issue affects the function qedf_alloc_and_init_sb of the component scsi. Performing a manipulation results in memory leak. This vulnerability is known as CVE-2024-56748. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.1. This affects the function sh7760fb_alloc_mem of the component fbdev. This manipulation causes memory leak. This vulnerability appears as CVE-2024-56746. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.1. This vulnerability affects the function qedi_alloc_and_init_sb of the component scsi. Such manipulation leads to memory leak. This vulnerability is traded as CVE-2024-56747. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in iTerm2 up to 3.4.19. It has been classified as critical. The impacted element is an unknown function. Performing a manipulation results in unrestricted upload. This vulnerability is cataloged as CVE-2023-46301. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability labeled as problematic has been found in calibre up to 6.18.x. This issue affects the function link_to_local_path of the file ebooks/conversion/plugins/html_input.py. Executing a manipulation can lead to server-side request forgery. This vulnerability appears as CVE-2023-46303. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in etc-browser 87ae63d75260 and classified as critical. This issue affects some unknown processing of the file server.js of the component Web Server. Executing a manipulation can lead to relative path traversal. This vulnerability is registered as CVE-2023-46307. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in NetModule Router Software and classified as critical. This impacts the function cleanup of the file /admin/gnssAutoAlign.php of the component Web Administration Interface. Executing a manipulation of the argument device_id can lead to os command injection. This vulnerability is tracked as CVE-2023-46306. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.