Vuldb Updates

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.28/5.16.14. This affects the function thrustmaster_probe of the component hid-thrustmaster. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2022-48866. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.4.155/5.10.75/5.14.14. Affected by this issue is the function kmem_cache_open. The manipulation leads to memory leak. This vulnerability is handled as CVE-2021-47466. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.99/6.6.40/6.9.9. This affects the function cs_dsp_load of the component cs_dsp. The manipulation of the argument length leads to excessive iteration. This vulnerability is uniquely identified as CVE-2024-42237. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.99/6.6.40/6.9.9 and classified as critical. This vulnerability affects the function cs_dsp_power_up of the component cs_dsp. The manipulation leads to infinite loop. This vulnerability was named CVE-2024-42238. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.7.1. Affected is the function cec_queue_msg_fh of the file drivers/media/cec/core/cec-adap.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-23848. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.8.9. It has been declared as critical. This vulnerability affects the function fib6_rule_action of the component ipv6. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-36902. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.162/6.1.99/6.6.40/6.9.9. This affects the function entry_SYSENTER_compat. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-42240. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.9.2. It has been classified as critical. This affects the function memdup_user_nul of the component qedf. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-38559. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.9.2 and classified as critical. Affected by this vulnerability is the function spu2_dump_omd of the component crypto. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-38579. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.14.10. This vulnerability affects the function rq_qos_done_bio of the component block. The manipulation leads to denial of service. This vulnerability was named CVE-2021-47412. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.90/6.6.30/6.8.9 and classified as critical. Affected by this vulnerability is the function ip6_output. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-36901. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.221/5.15.162/6.1.97/6.6.38/6.9.8 and classified as problematic. This vulnerability affects the function nvmet_sq_destroy. The manipulation leads to allocation of resources. This vulnerability was named CVE-2024-42152. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. Affected is the function deactivate of the component trigger. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2024-43830. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.75/6.6.14/6.7/6.7.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component nbd. The manipulation leads to uninitialized pointer. This vulnerability is known as CVE-2024-26638. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.8.9. Affected by this vulnerability is an unknown functionality of the file mm/vmalloc.c of the component bnx2fc. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-36919. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.30/6.8.9 and classified as critical. This issue affects some unknown processing of the component iwlwifi. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-36922. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.11 and classified as problematic. Affected by this issue is the function asix_mdio_read of the file drivers/net/usb/asix_common.c. The manipulation leads to uninitialized pointer. This vulnerability is handled as CVE-2021-47101. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.9. It has been declared as critical. This vulnerability affects the function ice_bridge_setlink. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-26855. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.87/6.6.28/6.8.2/6.9-rc1 and classified as critical. Affected by this vulnerability is the function __active_retire in the library lib/debugobjects.c of the component i915. The manipulation leads to use after free. This vulnerability is known as CVE-2024-26939. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.35/6.9.6. This affects the function __ext4_fill_super. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2024-40998. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.