Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

Поиск уязвимостСй ΠΏΠΎ источнику Π‘Π”Π£ ЀБВЭК

Π‘Π”Π£ ЀБВЭК

Поиск уязвимостСй ΠΏΠΎ источнику Microsoft MSRC

Microsoft MSRC

Поиск уязвимостСй ΠΏΠΎ источнику NVD

NVD

Поиск уязвимостСй ΠΏΠΎ источнику Oracle ELSA

Oracle ELSA

Поиск уязвимостСй ΠΏΠΎ источнику Red Hat CVE

Red Hat CVE

Поиск уязвимостСй ΠΏΠΎ источнику Π Π•Π” ОБ

Π Π•Π” ОБ

Поиск уязвимостСй ΠΏΠΎ источнику Rocky RLSA

Rocky RLSA

Поиск уязвимостСй ΠΏΠΎ источнику SUSE CVRF

SUSE CVRF

Поиск уязвимостСй ΠΏΠΎ источнику Ubuntu

Ubuntu

Поиск уязвимостСй ΠΏΠΎ источнику Debian

Debian

Поиск уязвимостСй ΠΏΠΎ источнику Github

Github

ΠšΠΎΠ»ΠΈΡ‡Π΅ΡΡ‚Π²ΠΎ 16

ΠšΠΎΠ»ΠΈΡ‡Π΅ΡΡ‚Π²ΠΎ 16

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26951

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 wg setconf wg0 <(printf "[Peer]\nPublicKey=$(wg genkey)\n") Resulting in: BUG: KASAN: slab-use-...

CVSS3: 7.8
EPSS: Низкий
redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26951

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 wg setconf wg0 <(printf "[Peer]\nPublicKey=$(wg genkey)\n") Resulting in: BUG: KASAN: slab-use-...

CVSS3: 5.5
EPSS: Низкий
nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26951

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 w

CVSS3: 7.8
EPSS: Низкий
msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26951

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

EPSS: Низкий
debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-26951

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: w ...

CVSS3: 7.8
EPSS: Низкий
github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-m923-55g6-m66q

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 ...

CVSS3: 7.8
EPSS: Низкий
fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2024-09398

большС 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½Ρ‚Π° wireguard ядра ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½ΠΎΠΉ систСмы Linux, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ ΠΏΠΎΠ²Ρ‹ΡΠΈΡ‚ΡŒ ΠΏΡ€ΠΈΠ²ΠΈΠ»Π΅Π³ΠΈΠΈ Π² систСмС

CVSS3: 8.8
EPSS: Низкий
redos Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ROS-20241031-01

большС 1 года назад

ΠœΠ½ΠΎΠΆΠ΅ΡΡ‚Π²Π΅Π½Π½Ρ‹Π΅ уязвимости kernel-lt

CVSS3: 8.8
EPSS: Низкий
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2024-12813

большС 1 года назад

ELSA-2024-12813: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:1644-1

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:1659-1

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:1663-1

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:2203-1

ΠΏΠΎΡ‡Ρ‚ΠΈ 2 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:2135-1

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2024-9315

большС 1 года назад

ELSA-2024-9315: kernel security update (MODERATE)

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:2973-1

ΠΏΠΎΡ‡Ρ‚ΠΈ 2 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий

УязвимостСй Π½Π° страницу

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ
CVSS
EPSS
ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ
ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2024-26951

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 wg setconf wg0 <(printf "[Peer]\nPublicKey=$(wg genkey)\n") Resulting in: BUG: KASAN: slab-use-...

CVSS3: 7.8
0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2024-26951

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 wg setconf wg0 <(printf "[Peer]\nPublicKey=$(wg genkey)\n") Resulting in: BUG: KASAN: slab-use-...

CVSS3: 5.5
0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2024-26951

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 w

CVSS3: 7.8
0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2024-26951

0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2024-26951

In the Linux kernel, the following vulnerability has been resolved: w ...

CVSS3: 7.8
0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
GHSA-m923-55g6-m66q

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the stack of wg_peer_remove_all(). If a netlink dump is resumed and the cursored peer is one that has been removed via wg_peer_remove_all(), it will iterate from that peer and then attempt to dump freed peers. Fix this by instead checking peer->is_dead, which was explictly created for this purpose. Also move up the device_update_lock lockdep assertion, since reading is_dead relies on that. It can be reproduced by a small script like: echo "Setting config..." ip link add dev wg0 type wireguard wg setconf wg0 /big-config ( while true; do echo "Showing config..." wg showconf wg0 > /dev/null done ) & sleep 4 ...

CVSS3: 7.8
0%
Низкий
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
BDU:2024-09398

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½Ρ‚Π° wireguard ядра ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½ΠΎΠΉ систСмы Linux, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ ΠΏΠΎΠ²Ρ‹ΡΠΈΡ‚ΡŒ ΠΏΡ€ΠΈΠ²ΠΈΠ»Π΅Π³ΠΈΠΈ Π² систСмС

CVSS3: 8.8
0%
Низкий
большС 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
redos Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
ROS-20241031-01

ΠœΠ½ΠΎΠΆΠ΅ΡΡ‚Π²Π΅Π½Π½Ρ‹Π΅ уязвимости kernel-lt

CVSS3: 8.8
большС 1 года назад
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
ELSA-2024-12813

ELSA-2024-12813: Unbreakable Enterprise kernel security update (IMPORTANT)

большС 1 года назад
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:1644-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:1659-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:1663-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:2203-1

Security update for the Linux Kernel

ΠΏΠΎΡ‡Ρ‚ΠΈ 2 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:2135-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
ELSA-2024-9315

ELSA-2024-9315: kernel security update (MODERATE)

большС 1 года назад
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2024:2973-1

Security update for the Linux Kernel

ΠΏΠΎΡ‡Ρ‚ΠΈ 2 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

УязвимостСй Π½Π° страницу

exploitDog - КомплСксноС Ρ€Π΅ΡˆΠ΅Π½ΠΈΠ΅ для обнаруТСния, ΠΎΡ†Π΅Π½ΠΊΠΈ ΠΈ устранСния уязвимостСй.