csaf_certbund - wid-sec-w-2024-0296

wid-sec-w-2024-0296

Vulnerability from csaf_certbund

Published

2024-02-04 23:00

Modified

2024-07-23 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0296 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0296.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0296 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0296"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6688-1 vom 2024-03-11",
        "url": "https://ubuntu.com/security/notices/USN-6688-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0476-1 vom 2024-02-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017917.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0515-1 vom 2024-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017922.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0514-1 vom 2024-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017923.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0516-1 vom 2024-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017921.html"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24855"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24857"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24858"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24859"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24860"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24861"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24864"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22386"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-02-04",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23196"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6700-1 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6700-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6701-1 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6701-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6699-1 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6699-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6702-1 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6702-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6704-1 vom 2024-03-20",
        "url": "https://ubuntu.com/security/notices/USN-6704-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6705-1 vom 2024-03-20",
        "url": "https://ubuntu.com/security/notices/USN-6705-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6701-2 vom 2024-03-20",
        "url": "https://ubuntu.com/security/notices/USN-6701-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6702-2 vom 2024-03-20",
        "url": "https://ubuntu.com/security/notices/USN-6702-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6704-2 vom 2024-03-21",
        "url": "https://ubuntu.com/security/notices/USN-6704-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6700-2 vom 2024-03-21",
        "url": "https://ubuntu.com/security/notices/USN-6700-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6716-1 vom 2024-03-26",
        "url": "https://ubuntu.com/security/notices/USN-6716-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6704-3 vom 2024-03-26",
        "url": "https://ubuntu.com/security/notices/USN-6704-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6701-3 vom 2024-03-26",
        "url": "https://ubuntu.com/security/notices/USN-6701-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6704-4 vom 2024-03-28",
        "url": "https://ubuntu.com/security/notices/USN-6704-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6725-1 vom 2024-04-09",
        "url": "https://ubuntu.com/security/notices/USN-6725-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6701-4 vom 2024-04-09",
        "url": "https://ubuntu.com/security/notices/USN-6701-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6725-2 vom 2024-04-16",
        "url": "https://ubuntu.com/security/notices/USN-6725-2"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6765-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6765-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6819-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6818-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6817-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6817-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6816-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6816-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-2 vom 2024-06-10",
        "url": "https://ubuntu.com/security/notices/USN-6818-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-2 vom 2024-06-12",
        "url": "https://ubuntu.com/security/notices/USN-6819-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6817-2 vom 2024-06-11",
        "url": "https://ubuntu.com/security/notices/USN-6817-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-3 vom 2024-06-12",
        "url": "https://ubuntu.com/security/notices/USN-6819-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6817-3 vom 2024-06-14",
        "url": "https://ubuntu.com/security/notices/USN-6817-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-3 vom 2024-06-14",
        "url": "https://ubuntu.com/security/notices/USN-6818-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-4 vom 2024-06-19",
        "url": "https://ubuntu.com/security/notices/USN-6818-4"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3841 vom 2024-06-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3842 vom 2024-06-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-4 vom 2024-06-26",
        "url": "https://ubuntu.com/security/notices/USN-6819-4"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
        "url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6865-1 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6865-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6866-1 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6866-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6866-2 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6866-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6878-1 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6878-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6865-2 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6865-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6866-3 vom 2024-07-10",
        "url": "https://ubuntu.com/security/notices/USN-6866-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6893-1 vom 2024-07-11",
        "url": "https://ubuntu.com/security/notices/USN-6893-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6896-1 vom 2024-07-12",
        "url": "https://ubuntu.com/security/notices/USN-6896-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6895-1 vom 2024-07-12",
        "url": "https://ubuntu.com/security/notices/USN-6895-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6898-1 vom 2024-07-15",
        "url": "https://ubuntu.com/security/notices/USN-6898-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6895-2 vom 2024-07-16",
        "url": "https://ubuntu.com/security/notices/USN-6895-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6893-2 vom 2024-07-16",
        "url": "https://ubuntu.com/security/notices/USN-6893-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6896-2 vom 2024-07-16",
        "url": "https://ubuntu.com/security/notices/USN-6896-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6898-2 vom 2024-07-17",
        "url": "https://ubuntu.com/security/notices/USN-6898-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6896-3 vom 2024-07-17",
        "url": "https://ubuntu.com/security/notices/USN-6896-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6900-1 vom 2024-07-17",
        "url": "https://ubuntu.com/security/notices/USN-6900-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6896-4 vom 2024-07-19",
        "url": "https://ubuntu.com/security/notices/USN-6896-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6898-3 vom 2024-07-19",
        "url": "https://ubuntu.com/security/notices/USN-6898-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6895-3 vom 2024-07-19",
        "url": "https://ubuntu.com/security/notices/USN-6895-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6893-3 vom 2024-07-23",
        "url": "https://ubuntu.com/security/notices/USN-6893-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6896-5 vom 2024-07-23",
        "url": "https://ubuntu.com/security/notices/USN-6896-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6898-4 vom 2024-07-23",
        "url": "https://ubuntu.com/security/notices/USN-6898-4"
      },
      {
        "category": "external",
        "summary": "SEM 2024.2.1 release notes vom 2024-07-23",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2-1_release_notes.htm"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2024-07-23T22:00:00.000+00:00",
      "generator": {
        "date": "2024-07-24T09:10:14.618+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0296",
      "initial_release_date": "2024-02-04T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-04T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-02-14T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-02-15T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-18T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-20T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-21T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-25T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-01T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-09T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-06T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-14T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-09T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-12T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-16T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-18T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-23T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-25T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-06-26T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-07-03T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-04T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-10T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-11T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-14T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-17T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-22T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-23T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "39"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.11",
                "product": {
                  "name": "Dell NetWorker \u003c19.11",
                  "product_id": "T035785",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:19.11"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T032517",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2024.2",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c2024.2",
                  "product_id": "T034244",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2024.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22386",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-22386"
    },
    {
      "cve": "CVE-2024-23196",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-23196"
    },
    {
      "cve": "CVE-2024-24855",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24855"
    },
    {
      "cve": "CVE-2024-24857",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24857"
    },
    {
      "cve": "CVE-2024-24858",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24858"
    },
    {
      "cve": "CVE-2024-24859",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24859"
    },
    {
      "cve": "CVE-2024-24860",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24860"
    },
    {
      "cve": "CVE-2024-24861",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24861"
    },
    {
      "cve": "CVE-2024-24864",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel gibt es mehrere Schwachstellen. Diese bestehen in mehreren Treibern wie \"drm/exynos\", \"scsi\" oder \"net/bluetooth\" Ger\u00e4tetreibern aufgrund von Race Conditions und NULL-Zeiger-Dereferenzproblemen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T032517",
          "T035785",
          "T034244"
        ]
      },
      "release_date": "2024-02-04T23:00:00Z",
      "title": "CVE-2024-24864"
    }
  ]
}

cve-2024-24857

Vulnerability from cvelistv5

Published

2024-02-05 07:31

Modified

2024-08-01 23:28

Severity ?

4.6 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L

Summary

Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8155
	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
	https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24857",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-21T19:29:31.571479Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:43:34.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.866Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8155"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "bluetooth"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/hci_debugfs.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc2",
              "status": "affected",
              "version": "v4.0-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.\u003c/p\u003e\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:31:31.308Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8155"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/\"\u003ehttps://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/ https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel bluetooth in conn_info_{min,max}_age_set()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24857",
    "datePublished": "2024-02-05T07:31:31.308Z",
    "dateReserved": "2024-02-01T09:11:56.214Z",
    "dateUpdated": "2024-08-01T23:28:12.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24861

Vulnerability from cvelistv5

Published

2024-02-05 07:26

Modified

2024-08-01 23:28

Severity ?

3.3 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L

Summary

Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8150
	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
	https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24861",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-22T18:11:41.377364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:43:39.200Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8150"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://kernel.org/",
          "defaultStatus": "unaffected",
          "modules": [
            "media",
            "xc4000"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/drivers/media/tuners/xc4000.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc1",
              "status": "affected",
              "version": "v3.1-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.\u003c/p\u003e\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:26:43.824Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8150"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/\"\u003ehttps://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24861",
    "datePublished": "2024-02-05T07:26:43.824Z",
    "dateReserved": "2024-02-01T09:11:56.214Z",
    "dateUpdated": "2024-08-01T23:28:12.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24859

Vulnerability from cvelistv5

Published

2024-02-05 07:28

Modified

2024-08-01 23:28

Severity ?

4.6 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H

Summary

Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8153

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24859",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-05T15:33:58.445018Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:25.429Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "bluetooth"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/hci_debugfs.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc2",
              "status": "affected",
              "version": "v4.0-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.\u003cbr\u003e\u003c/p\u003e\n\n\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.\n\n\n\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:28:06.115Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8153"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/\"\u003ehttps://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24859",
    "datePublished": "2024-02-05T07:28:06.115Z",
    "dateReserved": "2024-02-01T09:11:56.214Z",
    "dateUpdated": "2024-08-01T23:28:12.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-22386

Vulnerability from cvelistv5

Published

2024-02-05 07:21

Modified

2024-08-01 22:43

Severity ?

5.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

Summary

Race condition vulnerability in Linux kernel drm/exynos exynos_drm_crtc_atomic_disable

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8147

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T17:06:57.037858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-28T17:07:05.173Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:43:34.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8147"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://kernel.org/",
          "defaultStatus": "unaffected",
          "modules": [
            "drm",
            "exynos"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/drivers/gpu/drm/exynos/exynos_drm_crtc.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.6-rc1",
              "status": "affected",
              "version": "v4.11-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA race condition was found in the Linux kernel\u0027s drm/exynos device driver in\u0026nbsp;exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edenial of service issue\u003c/span\u003e.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s drm/exynos device driver in\u00a0exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:21:20.819Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8147"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae1a03a73e379f1c3f44c\"\u003ehttps://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae...\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae... https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel drm/exynos exynos_drm_crtc_atomic_disable",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-22386",
    "datePublished": "2024-02-05T07:21:20.819Z",
    "dateReserved": "2024-01-15T09:44:45.540Z",
    "dateUpdated": "2024-08-01T22:43:34.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-23196

Vulnerability from cvelistv5

Published

2024-02-05 07:22

Modified

2024-08-01 22:59

Severity ?

5.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

Summary

Race condition vulnerability in Linux kernel sound/hda snd_hdac_regmap_sync

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8148

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23196",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-05T17:02:43.219098Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:53.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:59:32.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8148"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://kernel.org/",
          "defaultStatus": "unaffected",
          "modules": [
            "sound/hda"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/sound/hda/hdac_regmap.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.5-rc1",
              "status": "affected",
              "version": "v5.6-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA race condition was found in the Linux kernel\u0027s \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esound/hda \u003c/span\u003e device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edenial of service issue\u003c/span\u003e.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s sound/hda  device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:22:39.907Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8148"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/1f4a08fed450d\"\u003ehttps://github.com/torvalds/linux/commit/1f4a08fed450d\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://github.com/torvalds/linux/commit/1f4a08fed450d https://github.com/torvalds/linux/commit/1f4a08fed450d \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel sound/hda snd_hdac_regmap_sync",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-23196",
    "datePublished": "2024-02-05T07:22:39.907Z",
    "dateReserved": "2024-01-15T09:44:45.550Z",
    "dateUpdated": "2024-08-01T22:59:32.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24860

Vulnerability from cvelistv5

Published

2024-02-05 07:27

Modified

2024-08-01 23:28

Severity ?

4.6 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N

Summary

Race condition vulnerability in Linux kernel bluetooth driver in {min,max}_key_size_set()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8151
	https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24860",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-05T14:05:40.448336Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:19.546Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8151"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://kernel.org/",
          "defaultStatus": "unaffected",
          "modules": [
            "bluetooth"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/hci_debugfs.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc1",
              "status": "affected",
              "version": "v5.6-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\u003c/p\u003e\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:27:31.042Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8151"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/da9065caa594d\"\u003ehttps://github.com/torvalds/linux/commit/da9065caa594d\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://github.com/torvalds/linux/commit/da9065caa594d https://github.com/torvalds/linux/commit/da9065caa594d \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel bluetooth driver in {min,max}_key_size_set()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24860",
    "datePublished": "2024-02-05T07:27:31.042Z",
    "dateReserved": "2024-02-01T09:11:56.214Z",
    "dateUpdated": "2024-08-01T23:28:12.994Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24858

Vulnerability from cvelistv5

Published

2024-02-05 07:30

Modified

2024-08-01 23:28

Severity ?

4.6 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H

Summary

Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8154
	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
	https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-06T18:47:37.158239Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:10.209Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:13.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8154"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "bluetooth"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/hci_debugfs.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc2",
              "status": "affected",
              "version": "v4.0-rc1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.\u003c/p\u003e\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:30:55.483Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8154"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/\"\u003ehttps://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24858",
    "datePublished": "2024-02-05T07:30:55.483Z",
    "dateReserved": "2024-02-01T09:11:56.214Z",
    "dateUpdated": "2024-08-01T23:28:13.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24864

Vulnerability from cvelistv5

Published

2024-02-05 07:36

Modified

2024-08-01 23:28

Severity ?

5.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

Summary

Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8178

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24864",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-05T14:37:17.751005Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:24.554Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8178"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "media",
            "dvd-core"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/drivers/media/dvb-core/dvb_demux.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.8-rc2",
              "status": "affected",
              "version": "v2.6.12-rc2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s media/dvb-core in dvbdmx_write()\u0026nbsp;function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\u003c/p\u003e\n\n\n"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s media/dvb-core in dvbdmx_write()\u00a0function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:36:04.281Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8178"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cu\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/\"\u003ehttps://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/\u003c/a\u003e\u003cbr\u003e\u003c/u\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/\"\u003ehttps://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/ https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/ \n https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/ https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/ \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24864",
    "datePublished": "2024-02-05T07:36:04.281Z",
    "dateReserved": "2024-02-01T09:11:56.216Z",
    "dateUpdated": "2024-08-01T23:28:12.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24855

Vulnerability from cvelistv5

Published

2024-02-05 07:25

Modified

2024-08-01 23:28

Severity ?

5.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H

Summary

Race condition vulnerability in Linux kernel scsi device driver lpfc_unregister_fcf_rescan()

References

▼	URL	Tags
	https://bugzilla.openanolis.cn/show_bug.cgi?id=8149

Impacted products

▼	Vendor	Product
	Linux	Linux kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24855",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-06T16:37:53.304176Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:34.582Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:28:12.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8149"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://kernel.org/",
          "defaultStatus": "unaffected",
          "modules": [
            "scsi"
          ],
          "packageName": "kernel",
          "platforms": [
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "Linux kernel",
          "programFiles": [
            "https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/drivers/scsi/lpfc/lpfc_hbadisc.c"
          ],
          "repo": "https://gitee.com/anolis/cloud-kernel.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "v6.5-rc2",
              "status": "affected",
              "version": "v2.6.34-rc2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u767d\u5bb6\u9a79 \u003cbaijiaju@buaa.edu.cn\u003e"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "\u97e9\u6842\u680b \u003changuidong@buaa.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\u003c/p\u003e\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-26",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-26 Leveraging Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T07:25:41.568Z",
        "orgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
        "shortName": "Anolis"
      },
      "references": [
        {
          "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8149"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/0e881c0a4b614\"\u003ehttps://github.com/torvalds/linux/commit/0e881c0a4b614\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": " https://github.com/torvalds/linux/commit/0e881c0a4b614 https://github.com/torvalds/linux/commit/0e881c0a4b614 \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Race condition vulnerability in Linux kernel scsi device driver lpfc_unregister_fcf_rescan()",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb8f1db9-b4b1-487b-a760-f65c4f368d8e",
    "assignerShortName": "Anolis",
    "cveId": "CVE-2024-24855",
    "datePublished": "2024-02-05T07:25:41.568Z",
    "dateReserved": "2024-02-01T09:11:56.213Z",
    "dateUpdated": "2024-08-01T23:28:12.898Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_certbund

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature