exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 16

BDU:2024-08680

больше 1 года назад

Уязвимость компонента writeback ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

CVE-2024-26720

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (struct dirty_throttle_control *)->thresh is an unsigned long, but is passed as the u32 divisor argument to div_u64(). On architectures where unsigned long is 64 bytes, the argument will be implicitly truncated. Use div64_u64() instead of div_u64() so that the value used in the "is this a safe division" check is the same as the divisor. Also, remove redundant cast of the numerator to u64, as that should happen implicitly. This would be difficult to exploit in memcg domain, given the ratio-based arithmetic domain_drity_limits() uses, but is much easier in global writeback domain with a BDI_CAP_STRICTLIMIT-backing device, using e.g. vm.dirty_bytes=(1<<32)*PAGE_SIZE so that dtc->thresh == (1<<32)

EPSS: Низкий

CVE-2024-26720

больше 1 года назад

A vulnerability was found in the wb_dirty_limits() function in the Linux kernel memory management (mm) subsystem which can lead to a divide-by-zero error. This issue could lead to a potential kernel crash.

CVSS3: 5.5

EPSS: Низкий

CVE-2024-26720

больше 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

EPSS: Низкий

GHSA-wcqp-hrg4-jgjg

больше 1 года назад

EPSS: Низкий

ROS-20241021-09

10 месяцев назад

Множественные уязвимости kernel-lt

CVSS3: 8.8

EPSS: Низкий

RLSA-2024:6567

11 месяцев назад

Moderate: kernel security update

EPSS: Низкий

ELSA-2024-6567

11 месяцев назад

ELSA-2024-6567: kernel security update (MODERATE)

EPSS: Низкий

SUSE-SU-2024:2381-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

ELSA-2024-7000

10 месяцев назад

ELSA-2024-7000: kernel security update (IMPORTANT)

EPSS: Низкий

RLSA-2024:7000

3 месяца назад

Important: kernel security update

EPSS: Низкий

SUSE-SU-2024:2360-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:2561-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:2394-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:2372-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:2939-1

12 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	Опубликовано
BDU:2024-08680 Уязвимость компонента writeback ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	больше 1 года назад
CVE-2024-26720 In the Linux kernel, the following vulnerability has been resolved: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (struct dirty_throttle_control )->thresh is an unsigned long, but is passed as the u32 divisor argument to div_u64(). On architectures where unsigned long is 64 bytes, the argument will be implicitly truncated. Use div64_u64() instead of div_u64() so that the value used in the "is this a safe division" check is the same as the divisor. Also, remove redundant cast of the numerator to u64, as that should happen implicitly. This would be difficult to exploit in memcg domain, given the ratio-based arithmetic domain_drity_limits() uses, but is much easier in global writeback domain with a BDI_CAP_STRICTLIMIT-backing device, using e.g. vm.dirty_bytes=(1<<32)PAGE_SIZE so that dtc->thresh == (1<<32)		больше 1 года назад
CVE-2024-26720 A vulnerability was found in the wb_dirty_limits() function in the Linux kernel memory management (mm) subsystem which can lead to a divide-by-zero error. This issue could lead to a potential kernel crash.	CVSS3: 5.5	больше 1 года назад
CVE-2024-26720 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.		больше 1 года назад
GHSA-wcqp-hrg4-jgjg In the Linux kernel, the following vulnerability has been resolved: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (struct dirty_throttle_control )->thresh is an unsigned long, but is passed as the u32 divisor argument to div_u64(). On architectures where unsigned long is 64 bytes, the argument will be implicitly truncated. Use div64_u64() instead of div_u64() so that the value used in the "is this a safe division" check is the same as the divisor. Also, remove redundant cast of the numerator to u64, as that should happen implicitly. This would be difficult to exploit in memcg domain, given the ratio-based arithmetic domain_drity_limits() uses, but is much easier in global writeback domain with a BDI_CAP_STRICTLIMIT-backing device, using e.g. vm.dirty_bytes=(1<<32)PAGE_SIZE so that dtc->thresh == (1<<32)		больше 1 года назад
ROS-20241021-09 Множественные уязвимости kernel-lt	CVSS3: 8.8	10 месяцев назад
RLSA-2024:6567 Moderate: kernel security update		11 месяцев назад
ELSA-2024-6567 ELSA-2024-6567: kernel security update (MODERATE)		11 месяцев назад
SUSE-SU-2024:2381-1 Security update for the Linux Kernel		около 1 года назад
ELSA-2024-7000 ELSA-2024-7000: kernel security update (IMPORTANT)		10 месяцев назад
RLSA-2024:7000 Important: kernel security update		3 месяца назад
SUSE-SU-2024:2360-1 Security update for the Linux Kernel		около 1 года назад
SUSE-SU-2024:2561-1 Security update for the Linux Kernel		около 1 года назад
SUSE-SU-2024:2394-1 Security update for the Linux Kernel		около 1 года назад
SUSE-SU-2024:2372-1 Security update for the Linux Kernel		около 1 года назад
SUSE-SU-2024:2939-1 Security update for the Linux Kernel		12 месяцев назад

Уязвимостей на страницу