Total
2742 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-52472 | 1 Linux | 1 Linux Kernel | 2024-04-17 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in current kernels, but adding a check is very simple and makes the static checkers happy. | |||||
CVE-2023-52473 | 1 Linux | 1 Linux Kernel | 2024-04-17 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently dereferenced in kfree(tz->tzp). Commit adc8749b150c ("thermal/drivers/core: Use put_device() if device_register() fails") added the tz = NULL assignment in question to avoid a possible double-free after dropping the reference to the zone device. However, after commit 4649620d9404 ("thermal: core: Make thermal_zone_device_unregister() return after freeing the zone"), that assignment has become redundant, because dropping the reference to the zone device does not cause the zone object to be freed any more. Drop it to address the NULL pointer dereference. | |||||
CVE-2024-26604 | 1 Linux | 1 Linux Kernel | 2024-04-17 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be found. | |||||
CVE-2021-46912 | 1 Linux | 1 Linux Kernel | 2024-04-17 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: net: Make tcp_allowed_congestion_control readonly in non-init netns Currently, tcp_allowed_congestion_control is global and writable; writing to it in any net namespace will leak into all other net namespaces. tcp_available_congestion_control and tcp_allowed_congestion_control are the only sysctls in ipv4_net_table (the per-netns sysctl table) with a NULL data pointer; their handlers (proc_tcp_available_congestion_control and proc_allowed_congestion_control) have no other way of referencing a struct net. Thus, they operate globally. Because ipv4_net_table does not use designated initializers, there is no easy way to fix up this one "bad" table entry. However, the data pointer updating logic shouldn't be applied to NULL pointers anyway, so we instead force these entries to be read-only. These sysctls used to exist in ipv4_table (init-net only), but they were moved to the per-net ipv4_net_table, presumably without realizing that tcp_allowed_congestion_control was writable and thus introduced a leak. Because the intent of that commit was only to know (i.e. read) "which congestion algorithms are available or allowed", this read-only solution should be sufficient. The logic added in recent commit 31c4d2f160eb: ("net: Ensure net namespace isolation of sysctls") does not and cannot check for NULL data pointers, because other table entries (e.g. /proc/sys/net/netfilter/nf_log/) have .data=NULL but use other methods (.extra2) to access the struct net. | |||||
CVE-2022-24808 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
CVE-2022-24809 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
CVE-2022-24810 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
CVE-2023-33056 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Csr8811 and 229 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE. | |||||
CVE-2023-24847 | 1 Qualcomm | 514 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 511 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in Modem while allocating DSM items. | |||||
CVE-2022-33305 | 1 Qualcomm | 162 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 159 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. | |||||
CVE-2022-33304 | 1 Qualcomm | 80 9205 Lte Modem, 9205 Lte Modem Firmware, 9206 Lte Modem and 77 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. | |||||
CVE-2022-33294 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message. | |||||
CVE-2022-33223 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding. | |||||
CVE-2022-25739 | 1 Qualcomm | 52 Mdm8207, Mdm8207 Firmware, Mdm9205 and 49 more | 2024-04-12 | N/A | 7.5 HIGH |
Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call | |||||
CVE-2022-25735 | 1 Qualcomm | 68 Ar8031, Ar8031 Firmware, Csra6620 and 65 more | 2024-04-12 | N/A | 7.5 HIGH |
Denial of service in modem due to missing null check while processing TCP or UDP packets from server | |||||
CVE-2022-25733 | 1 Qualcomm | 70 Ar8031, Ar8031 Firmware, Csra6620 and 67 more | 2024-04-12 | N/A | 7.5 HIGH |
Denial of service in modem due to null pointer dereference while processing DNS packets | |||||
CVE-2023-43522 | 1 Qualcomm | 572 Aqt1000, Aqt1000 Firmware, Ar8035 and 569 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. | |||||
CVE-2023-33109 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 617 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. | |||||
CVE-2023-33089 | 1 Qualcomm | 456 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 453 more | 2024-04-12 | N/A | 7.5 HIGH |
Transient DOS when processing a NULL buffer while parsing WLAN vdev. | |||||
CVE-2023-33088 | 1 Qualcomm | 612 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 609 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption when processing cmd parameters while parsing vdev. |