CVE-2024-53197
published 2024-12-27CVE-2024-53197: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus…
PriorityP278high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2025-04-30
Exploited in the wild
EPSS
3.56%
87.9th percentile
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A bogus device can provide a bNumConfigurations value that exceeds the
initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.123-1 (bookworm) | linux 6.1.123-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.123-1 (bookworm) | linux 6.1.123-1 (bookworm) |
| android | — | — | |
| linux | linux | — | — |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0b4ea4bfe16566b84645ded1403756a2dc4e0f19 | 0b4ea4bfe16566b84645ded1403756a2dc4e0f19 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9b8460a2a7ce478e0b625af7c56d444dc24190f7 | 9b8460a2a7ce478e0b625af7c56d444dc24190f7 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 62dc01c83fa71e10446ee4c31e0e3d5d1291e865 | 62dc01c83fa71e10446ee4c31e0e3d5d1291e865 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9887d859cd60727432a01564e8f91302d361b72b | 9887d859cd60727432a01564e8f91302d361b72b |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 920a369a9f014f10ec282fd298d0666129379f1b | 920a369a9f014f10ec282fd298d0666129379f1b |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b8f8b81dabe52b413fe9e062e8a852c48dd0680d | b8f8b81dabe52b413fe9e062e8a852c48dd0680d |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 379d3b9799d9da953391e973b934764f01e03960 | 379d3b9799d9da953391e973b934764f01e03960 |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b521b53ac6eb04e41c03f46f7fe452e4d8e9bcca | b521b53ac6eb04e41c03f46f7fe452e4d8e9bcca |
| linux | linux | >= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b909df18ce2a998afef81d58bbd1a05dc0788c40 | b909df18ce2a998afef81d58bbd1a05dc0788c40 |
| linux | linux_kernel | >= 0 < 5.10.234-1 | 5.10.234-1 |
| linux | linux_kernel | >= 0 < 6.1.123-1 | 6.1.123-1 |
| linux | linux_kernel | >= 0 < 6.12.3-1 | 6.12.3-1 |
| linux | linux_kernel | >= 0 < 6.12.3-1 | 6.12.3-1 |
| linux | linux_kernel | >= 0 < 5.4.0-211.231 | 5.4.0-211.231 |
| linux | linux_kernel | >= 0 < 5.15.0-135.146 | 5.15.0-135.146 |
| linux | linux_kernel | >= 0 < 6.8.0-58.60 | 6.8.0-58.60 |
| linux | linux_kernel | >= 0 < 6.11.0-18.18 | 6.11.0-18.18 |
| linux | linux_kernel | >= 0 < 3.13.0-210.261 | 3.13.0-210.261 |
| linux | linux_kernel | >= 0 < 4.4.0-270.304 | 4.4.0-270.304 |
| linux | linux_kernel | >= 0 < 4.4.0-278.312 | 4.4.0-278.312 |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2024-53197 is exploited via a malicious USB device physically connected to the target system, targeting the Linux kernel ALSA USB-audio driver (usb-audio). Detection should focus on anomalous USB device enumeration events, especially devices presenting a bNumConfigurations value that exceeds expected bounds. ↗
- →The vulnerability is in the ALSA usb-audio subsystem; specifically, a bogus device can supply a bNumConfigurations value exceeding the allocation in usb_get_configuration, leading to out-of-bounds access in usb_destroy_configuration. Monitor kernel logs for out-of-bounds access faults in usb-audio or USB configuration handling code paths. ↗
- ·Exploitation requires physical access to the target device via USB. Remote exploitation is not indicated; threat model is limited to scenarios where an adversary can connect a malicious USB audio device. ↗
- ·Android OEM patch timelines vary; Google Pixel devices receive patches immediately, but other vendors may lag. Verify patch level 2025-04-05 or later is applied to confirm remediation on Android devices. ↗
- ·Fixes were shared with Android OEM partners in a partner advisory on January 18 (prior to public disclosure), meaning some OEMs may have already shipped patches before the April 2025 bulletin. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH
vulncheck7.8HIGH
cisa7.8HIGH
vendor_ubuntu8.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux vulnerabilities
osv·2026-01-29·CVSS 7.8
CVE-2024-26689 [HIGH] linux vulnerabilities
linux vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Ceph distributed file system;
- JFFS2 file system;
- Timer subsystem;
- USB sound devices;
(CVE-2024-26689, CVE-2024-53197, CVE-2024-57850, CVE-2025-38352)
OSV
linux-kvm vulnerabilities
osv·2025-07-08·CVSS 5.5
CVE-2022-3640 [MEDIUM] linux-kvm vulnerabilities
linux-kvm vulnerabilities
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932,
CVE-2022-49909)
OSV
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
osv·2025-07-08·CVSS 7.8
CVE-2025-37932 [HIGH] linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- Block layer subsystem;
- ACPI drivers;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Network traffic control;
- USB sound devices;
(CVE-2025-37932, CVE-2024-53197, CVE-2024-50116, CVE-2021-47379,
CVE-2024-49958, CVE-2022-49179, CVE-2024-46787, CVE-2024-41070,
CVE-2025-38000, CVE-2024-56662, CVE-2022-49176, CVE-2025-37798)
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
osv·2025-07-08·CVSS 7.8
[HIGH] linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- Block layer subsystem;
- ACPI drivers;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Network traffic control;
- USB sound devices;
(CVE-2025-37932, CVE-2024-53197, CVE-2024-50116, CVE-2021-47379,
CVE-2024-49958, CVE-2022-49179, CVE-2024-46787, CVE-2024-41070,
CVE-2025-38000, CVE-2024-56662, CVE-2022-49176, CVE-2025-37798)
OSV
linux, linux-aws, linux-lts-xenial vulnerabilities
osv·2025-07-01·CVSS 5.5
CVE-2022-3640 [MEDIUM] linux, linux-aws, linux-lts-xenial vulnerabilities
linux, linux-aws, linux-lts-xenial vulnerabilities
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932,
CVE-2
OSV
linux-fips vulnerabilities
osv·2025-07-01·CVSS 5.5
CVE-2022-3640 [MEDIUM] linux-fips vulnerabilities
linux-fips vulnerabilities
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932,
CVE-2022-49909)
OSV
Kernel Live Patch Security Notice
osv·2025-05-29·CVSS 7.8
[HIGH] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been
resolved: nfsd: fix use-after-free due to delegation race A delegation
break could arrive as soon as we've called vfs_setlease. A delegation break
runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
delegation to del_recall_lru. If we then exit nfs4_set_delegation without
hashing the delegation, it will be freed as soon as the callback is done
with it, without ever being removed from del_recall_lru. Symptoms show up
later as use-after-free or list corruption warnings, usually in the
laundromat thread. I suspect aba2072f4523 'nfsd: grant read delegations to
clients holding writes' made this bug easier to hit, but I looked as far
back as v3.0 and it looks to me it already had the
OSV
linux-raspi-5.4 vulnerabilities
osv·2025-05-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-raspi-5.4 vulnerabilities
linux-raspi-5.4 vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC archi
OSV
linux-raspi vulnerabilities
osv·2025-05-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-raspi vulnerabilities
linux-raspi vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architect
OSV
linux-raspi vulnerabilities
osv·2025-05-26
linux-raspi vulnerabilities
linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Virtio block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto d
OSV
linux-raspi-realtime vulnerabilities
osv·2025-05-20
linux-raspi-realtime vulnerabilities
linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Virtio block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware
OSV
linux-gcp-5.15 vulnerabilities
osv·2025-04-28·CVSS 7.8
CVE-2022-0995 [HIGH] linux-gcp-5.15 vulnerabilities
linux-gcp-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data
OSV
linux-azure-nvidia vulnerabilities
osv·2025-04-28·CVSS 8.8
CVE-2024-8805 [HIGH] linux-azure-nvidia vulnerabilities
linux-azure-nvidia vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive informa
OSV
linux-intel-iotg-5.15 vulnerabilities
osv·2025-04-24·CVSS 7.8
CVE-2022-0995 [HIGH] linux-intel-iotg-5.15 vulnerabilities
linux-intel-iotg-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
OSV
linux-hwe-6.8 vulnerabilities
osv·2025-04-24
linux-hwe-6.8 vulnerabilities
linux-hwe-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- CXL (Compute Express Link) drivers;
- EDAC drivers;
- AR
OSV
linux-ibm-5.15 vulnerabilities
osv·2025-04-24
CVE-2025-0927 linux-ibm-5.15 vulnerabilities
linux-ibm-5.15 vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block d
OSV
linux-ibm-5.4 vulnerabilities
osv·2025-04-24·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-ibm-5.4 vulnerabilities
linux-ibm-5.4 vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architec
OSV
linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracl
osv·2025-04-23
linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracl
linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock
OSV
linux-realtime vulnerabilities
osv·2025-04-23
linux-realtime vulnerabilities
linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- CXL (Compute Express Link) drivers;
- EDAC drivers;
- A
OSV
linux-gcp-6.8 vulnerabilities
osv·2025-04-23
linux-gcp-6.8 vulnerabilities
linux-gcp-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- CXL (Compute Express Link) drivers;
- EDAC drivers;
- AR
OSV
linux-aws-6.8 vulnerabilities
osv·2025-04-23
linux-aws-6.8 vulnerabilities
linux-aws-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- CXL (Compute Express Link
OSV
linux-gcp, linux-gke, linux-gkeop vulnerabilities
osv·2025-04-23
linux-gcp, linux-gke, linux-gkeop vulnerabilities
linux-gcp, linux-gke, linux-gkeop vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- CXL (Compute Express Link) drivers;
OSV
linux-azure-5.15, linux-azure-fde-5.15 vulnerabilities
osv·2025-04-07
linux-azure-5.15, linux-azure-fde-5.15 vulnerabilities
linux-azure-5.15, linux-azure-fde-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I3C subsystem;
- II
OSV
linux-iot vulnerabilities
osv·2025-04-03·CVSS 5.5
CVE-2022-38096 [MEDIUM] linux-iot vulnerabilities
linux-iot vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)
Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly
OSV
linux-hwe-5.15 vulnerabilities
osv·2025-04-02
linux-hwe-5.15 vulnerabilities
linux-hwe-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I3C subsystem;
- IIO ADC drivers;
- IIO sub
OSV
linux-aws-fips vulnerabilities
osv·2025-04-01·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-aws-fips vulnerabilities
linux-aws-fips vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 archite
OSV
linux-aws-5.4 vulnerabilities
osv·2025-04-01·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-aws-5.4 vulnerabilities
linux-aws-5.4 vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC archite
OSV
linux-aws vulnerabilities
osv·2025-04-01·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-aws vulnerabilities
linux-aws vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture
OSV
CVE-2024-53197: In multiple functions of quirks
osv·2025-04-01
CVE-2024-53197 CVE-2024-53197: In multiple functions of quirks
In multiple functions of quirks.c, there is a possible way to free arbitrary memory due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
linux-nvidia-tegra, linux-nvidia-tegra-igx vulnerabilities
osv·2025-03-28
CVE-2025-0927 linux-nvidia-tegra, linux-nvidia-tegra-igx vulnerabilities
linux-nvidia-tegra, linux-nvidia-tegra-igx vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Driver
OSV
linux-fips vulnerabilities
osv·2025-03-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-fips vulnerabilities
linux-fips vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architectu
OSV
linux, linux-hwe-5.4 vulnerabilities
osv·2025-03-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux, linux-hwe-5.4 vulnerabilities
linux, linux-hwe-5.4 vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Cryptographic API;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers
OSV
linux-xilinx-zynqmp vulnerabilities
osv·2025-03-28
CVE-2025-0927 linux-xilinx-zynqmp vulnerabilities
linux-xilinx-zynqmp vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed bl
OSV
linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
osv·2025-03-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibl
OSV
linux-realtime, linux-intel-iot-realtime vulnerabilities
osv·2025-03-28
linux-realtime, linux-intel-iot-realtime vulnerabilities
linux-realtime, linux-intel-iot-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I3C subsystem;
-
OSV
linux-azure-fips, linux-gcp-fips vulnerabilities
osv·2025-03-28·CVSS 5.5
CVE-2024-23848 [MEDIUM] linux-azure-fips, linux-gcp-fips vulnerabilities
linux-azure-fips, linux-gcp-fips vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architectu
OSV
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
osv·2025-03-28
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
OSV
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi v
osv·2025-03-27
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi v
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA eng
OSV
linux-aws-5.15, linux-kvm vulnerabilities
osv·2025-03-27
CVE-2025-0927 linux-aws-5.15, linux-kvm vulnerabilities
linux-aws-5.15, linux-kvm vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM bac
OSV
linux-oem-6.11 vulnerabilities
osv·2025-02-28
CVE-2025-0927 linux-oem-6.11 vulnerabilities
linux-oem-6.11 vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
-
OSV
linux-aws, linux-azure, linux-gcp, linux-oracle, linux-raspi, linux-realtime vulnerabilities
osv·2025-02-19
linux-aws, linux-azure, linux-gcp, linux-oracle, linux-raspi, linux-realtime vulnerabilities
linux-aws, linux-azure, linux-gcp, linux-oracle, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- RAM backed block device driver;
- Network block device driver;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock framework a
OSV
linux, linux-lowlatency vulnerabilities
osv·2025-02-19
CVE-2025-0927 linux, linux-lowlatency vulnerabilities
linux, linux-lowlatency vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI d
GHSA
GHSA-5244-qm9f-xx43: In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
ghsa_unreviewed·2024-12-27
CVE-2024-53197 [HIGH] CWE-787 GHSA-5244-qm9f-xx43: In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A bogus device can provide a bNumConfigurations value that exceeds the
initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration.
OSV
CVE-2024-53197: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A
osv·2024-12-27·CVSS 7.8
CVE-2024-53197 [HIGH] CVE-2024-53197: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
VulnCheck
Linux Kernel Out-of-Bounds Access Vulnerability
vulncheck·2024·CVSS 7.8
CVE-2024-53197 [HIGH] CWE-787 Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code.
Affected: Linux Kernel
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/; https://source.android.com/docs/securit
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-01-29·CVSS 7.8
CVE-2024-26689 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Ceph distributed file system;
- JFFS2 file system;
- Timer subsystem;
- USB sound devices;
(CVE-2024-26689, CVE-2024-53197, CVE-2024-57850, CVE-2025-38352)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the stan
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2025-08-18
CVE-2022-49176 Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
In the Linux kernel, the following vulnerability has been
resolved: bfq: fix use-after-free in bfq_dispatch_request KASAN reports a
use-after-free report when doing normal scsi-mq test .
In the Linux kernel, the following vulnerability has been
resolved: block, bfq: don't move oom_bfqq Our test report a UAF: .
In the Linux kernel, the following vulnerability has been
resolved: Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() When
l2cap_recv_frame() is invoked to receive data, and the cid is
L2CAP_CID_A2MP, if the channel does not exist, it will create a channel.
However, after a channel is created, the hold operation of the channel is
not performed.
In the Linux kernel, the foll
CISA ICS
Siemens Third-Party Components in SINEC OS
cisa_ics·2025-08-14
Siemens Third-Party Components in SINEC OS
ICS Advisory
##
Siemens Third-Party Components in SINEC OS
Release DateAugust 14, 2025
Alert CodeICSA-25-226-07
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Third-Party Components in SINEC OS
- Vulnerabilities: Improper Input Validation, Use After Free, Out-of-bounds Read,
Ubuntu
Linux kernel (KVM) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 5.5
CVE-2021-47260 [MEDIUM] Linux kernel (KVM) vulnerabilities
Title: Linux kernel (KVM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-377
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 7.8
CVE-2024-41070 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- Block layer subsystem;
- ACPI drivers;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Network traffic control;
- USB sound devices;
(CVE-2025-37932, CVE-2024-53197, CVE-2024-50116, CVE-2021-47379,
CVE-2024-49958, CVE-2022-49179, CVE-2024-46787, CVE-2024-41070,
CVE-2025-38000, CVE-2024-56662, CVE-2022-49176, CVE-2025-37798)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an u
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 7.8
CVE-2024-41070 [HIGH] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- Block layer subsystem;
- ACPI drivers;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Network traffic control;
- USB sound devices;
(CVE-2025-37932, CVE-2024-53197, CVE-2024-50116, CVE-2021-47379,
CVE-2024-49958, CVE-2022-49179, CVE-2024-46787, CVE-2024-41070,
CVE-2025-38000, CVE-2024-56662, CVE-2022-49176, CVE-2025-37798)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 5.5
CVE-2022-3640 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 5.5
CVE-2022-3640 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Network file system (NFS) client;
- NILFS2 file system;
- File systems infrastructure;
- Memory management;
- Bluetooth subsystem;
- Network traffic control;
- USB sound devices;
(CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787,
CVE-2025-37798, CV
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2025-05-29·CVSS 7.8
CVE-2022-0995 [HIGH] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
In the Linux kernel, the following vulnerability has been
resolved: nfsd: fix use-after-free due to delegation race A delegation
break could arrive as soon as we've called vfs_setlease. A delegation break
runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
delegation to del_recall_lru. If we then exit nfs4_set_delegation without
hashing the delegation, it will be freed as soon as the callback is done
with it, without ever being removed from del_recall_lru. Symptoms show up
later as use-after-free or list corruption warnings, usually in the
laundromat thread. I suspect aba2072f4523 'nfsd: grant read delegations to
clients holding writes' made this bug easier to hit, but
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-05-28·CVSS 5.5
CVE-2024-53198 [MEDIUM] Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This upd
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-05-28·CVSS 5.5
CVE-2025-21731 [MEDIUM] Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This upd
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-05-26
CVE-2024-56551 Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Virtio block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock framework and drivers;
- Data
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities
vendor_ubuntu·2025-05-20
CVE-2024-57793 Linux kernel (Raspberry Pi Real-time) vulnerabilities
Title: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Virtio block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock framework and driver
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2025-04-28·CVSS 7.8
CVE-2024-56631 [HIGH] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- D
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities
vendor_ubuntu·2025-04-28·CVSS 8.8
CVE-2024-53083 [HIGH] Linux kernel (Azure, N-Series) vulnerabilities
Title: Linux kernel (Azure, N-Series) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target na
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2025-04-24
CVE-2024-40965 Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsyst
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-04-24
CVE-2024-53083 Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware cry
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 5.5
CVE-2024-53237 [MEDIUM] Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corre
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2024-56631 [HIGH] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drive
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-04-23
CVE-2024-53047 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardwa
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-23
CVE-2024-53047 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto de
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-23
CVE-2024-53083 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-23
CVE-2024-53047 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto de
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-23
CVE-2024-53047 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Compressed RAM block device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto de
CISA
Linux Kernel Out-of-Bounds Access Vulnerability
cisa·2025-04-09·CVSS 7.8
CVE-2024-53197 [HIGH] CWE-787 Linux Kernel Out-of-Bounds Access Vulnerability
Vulnerability: Linux Kernel Out-of-Bounds Access Vulnerability
Affected: Linux Kernel
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024122725-CVE-2024-53197-6aef@gregkh/ ; https://source.andr
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-04-07
CVE-2024-57906 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsys
Ubuntu
Linux kernel (IoT) vulnerabilities
vendor_ubuntu·2025-04-03·CVSS 6.3
CVE-2024-50006 [MEDIUM] Linux kernel (IoT) vulnerabilities
Title: Linux kernel (IoT) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)
Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A loca
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-04-02
CVE-2024-53685 Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsyste
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-04-01·CVSS 5.5
CVE-2024-53183 [MEDIUM] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corre
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-04-01·CVSS 5.5
CVE-2024-53183 [MEDIUM] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corre
Ubuntu
Linux kernel (AWS FIPS) vulnerabilities
vendor_ubuntu·2025-04-01·CVSS 5.5
CVE-2024-53183 [MEDIUM] Linux kernel (AWS FIPS) vulnerabilities
Title: Linux kernel (AWS FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update
Android
CVE-2024-53197: USB
vendor_android·2025-04-01·CVSS 7.8
CVE-2024-53197 [HIGH] CVE-2024-53197: USB
Android Security Bulletin 2025-04-01
CVE: CVE-2024-53197
Severity: HIGH
Type: EoP
Component: USB
References: A-382243530
Upstream kernel
[2]
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities
vendor_ubuntu·2025-03-28
CVE-2024-50153 Linux kernel (Xilinx ZynqMP) vulnerabilities
Title: Linux kernel (Xilinx ZynqMP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block lay
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-03-28·CVSS 5.5
CVE-2024-50006 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corr
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-03-28·CVSS 5.5
CVE-2024-57900 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Cryptographic API;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC driv
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-03-28·CVSS 5.5
CVE-2024-56633 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects fl
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-03-28
CVE-2024-53685 Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsyst
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-03-28
CVE-2024-53685 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID su
Ubuntu
Linux kernel (NVIDIA Tegra) vulnerabilities
vendor_ubuntu·2025-03-28
CVE-2024-50153 Linux kernel (NVIDIA Tegra) vulnerabilities
Title: Linux kernel (NVIDIA Tegra) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block laye
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-03-27
CVE-2024-53151 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- M
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-03-27
CVE-2024-56724 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
-
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-02-28
CVE-2024-47738 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
-
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-02-19
CVE-2024-47738 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- RAM backed block device driver;
- Network block device driver;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bluetooth drivers;
- TPM device driver;
- Clock fr
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-02-19
CVE-2024-49996 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
-
Red Hat
kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
vendor_redhat·2024-12-27·CVSS 7.8
CVE-2024-53197 [HIGH] CWE-120 kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A bogus device can provide a bNumConfigurations value that exceeds the
initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration.
A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code.
Statement: This CVE marked as impor
Debian
CVE-2024-53197: linux - In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-a...
vendor_debian·2024·CVSS 7.8
CVE-2024-53197 [HIGH] CVE-2024-53197: linux - In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-a...
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.
Scope: local
bookworm: resolved (fixed in 6.1.123-1)
bullseye: resolved (fixed in 5.10.234-1)
forky: resolved (fixed in 6.12.3-1)
sid: resolved (fixed in 6.12.3-1)
trixie: resolved (fixed in 6.12.3-1)
No detection rules found.
No public exploits indexed.
Checkpoint
14th April – Threat Intelligence Report
blogs_checkpoint·2025-04-14
CVE-2024-50623 14th April – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 14th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 14th April, please download our Threat Intelligence Bulletin .
TOP ATTACKS AND BREACHES
The United States Office of the Comptroller of the Currency (OCC), an independent bureau of the Department of the Treasury, has suffered a significant security breach. Threat actors have gained access to the bureau’s email messages for a period of a year and a half. According to the agency’s disclosure, the messages included
Bleepingcomputer
Google fixes Android zero-days exploited in attacks, 60 other flaws
blogs_bleepingcomputer·2025-04-07·CVSS 5.5
CVE-2024-53197 [MEDIUM] Google fixes Android zero-days exploited in attacks, 60 other flaws
## Google fixes Android zero-days exploited in attacks, 60 other flaws
## Sergiu Gatlan
Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks.
One of the zero-days, a high-severity privilege escalation security vulnerability ( CVE-2024-53197 ) in the Linux kernel's USB-audio driver for ALSA Devices, was reportedly exploited by Serbian authorities to unlock confiscated Android devices as part of a zero-day exploit chain developed by Israeli digital forensics company Cellebrite.
This exploit chain—which also included a USB Video Class zero-day (CVE-2024-53104) patched in February and a Human Interface Devices zero-day (CVE-2024-50302) patched last month )—was discovered by Amnesty International's
https://git.kernel.org/stable/c/0b4ea4bfe16566b84645ded1403756a2dc4e0f19https://git.kernel.org/stable/c/379d3b9799d9da953391e973b934764f01e03960https://git.kernel.org/stable/c/62dc01c83fa71e10446ee4c31e0e3d5d1291e865https://git.kernel.org/stable/c/920a369a9f014f10ec282fd298d0666129379f1bhttps://git.kernel.org/stable/c/9887d859cd60727432a01564e8f91302d361b72bhttps://git.kernel.org/stable/c/9b8460a2a7ce478e0b625af7c56d444dc24190f7https://git.kernel.org/stable/c/b521b53ac6eb04e41c03f46f7fe452e4d8e9bccahttps://git.kernel.org/stable/c/b8f8b81dabe52b413fe9e062e8a852c48dd0680dhttps://git.kernel.org/stable/c/b909df18ce2a998afef81d58bbd1a05dc0788c40https://lists.debian.org/debian-lts-announce/2025/03/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53197
2024-12-27
Published
2025-04-09
Added to CISA KEV
Exploited in the wild