Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release
CVE-2024-24784 The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. -- Feb 25, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. -- Feb 23, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2022-48624 close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. -- Feb 20, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. As part of exploiting this vulnerability, the attacker creates functions that use CREATE RULE to convert the internally-built temporary table to a view. Versions before PostgreSQL 15.6, 14.11, 13.14, and 12.18 are affected. The only known exploit does not work in PostgreSQL 16 and later. For defense in depth, PostgreSQL 16.2 adds the protections that older branches are using to fix their vulnerability. -- Feb 8, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-25062 An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. -- Feb 5, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-22667 Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. -- Feb 5, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. -- Jan 31, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability. We recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7. -- Jan 31, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-1013 An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken. -- Jan 31, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2023-52340 kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU -- Jan 29, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-6200 A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution. -- Jan 29, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in the Linux kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. -- Jan 25, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2023-40547 A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. -- Jan 25, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translated into what Linux calls SKB fragments. Such converted request parts can, when for a particular SKB they are all of length zero, lead to a de-reference of NULL in core networking code. -- Jan 24, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. -- Jan 23, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-23849 In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. -- Jan 23, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2023-51043 In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. -- Jan 23, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-51042 In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. -- Jan 23, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-46343 In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. -- Jan 23, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0775 A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. -- Jan 22, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-22563 openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. -- Jan 19, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality. -- Jan 18, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2021-33631 Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0. -- Jan 18, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2021-33630 NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3. -- Jan 18, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. -- Jan 17, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0641 A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. -- Jan 17, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0639 A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. -- Jan 17, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-21886 A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-21885 A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0409 A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0408 A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0229 An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2023-6816 A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. -- Jan 17, 2024 10.19.45.31 (Wind River Linux LTS 19)
CVE-2024-0584 Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932 -- Jan 16, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-0582 A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. -- Jan 16, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service. -- Jan 16, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0562 A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback. -- Jan 16, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. -- Jan 16, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. -- Jan 12, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2022-48619 An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. -- Jan 12, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0443 A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error. -- Jan 12, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2024-0340 A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. -- Jan 9, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-34324 Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn't use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn't block further readers to get the lock). -- Jan 5, 2024 10.19.45.30 (Wind River Linux LTS 19)
CVE-2024-0193 A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. -- Jan 2, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-7192 A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. -- Jan 2, 2024 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-7104 A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. -- Dec 28, 2023 10.19.45.31 (Wind River Linux LTS 19)
CVE-2023-6531 A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. -- Dec 28, 2023 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. -- Dec 27, 2023 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. -- Dec 27, 2023 10.19.45.29 (Wind River Linux LTS 19)
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. -- Dec 27, 2023 10.19.45.29 (Wind River Linux LTS 19)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.