exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

bind:CVE-2024-50047

exploitDog

bind:CVE-2024-50047

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 24

Количество 24

CVE-2024-50047

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_stack_lvl+0x4e/0x70 [ 194.200558] ? gf128mul_4k_ll...

CVSS3: 7.8

EPSS: Низкий

CVE-2024-50047

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_stack_lvl+0x4e/0x70 [ 194.200558] ? gf128mul_4k_lle+0...

CVSS3: 6.7

EPSS: Низкий

CVE-2024-50047

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_sta

CVSS3: 7.8

EPSS: Низкий

CVE-2024-50047

7 месяцев назад

CVSS3: 7.8

EPSS: Низкий

CVE-2024-50047

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: s ...

CVSS3: 7.8

EPSS: Низкий

GHSA-mr7m-3g53-q257

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_...

CVSS3: 7.8

EPSS: Низкий

BDU:2024-09012

9 месяцев назад

Уязвимость функции decrypt_raw_data() подсистемы SMB ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.

CVSS3: 7.8

EPSS: Низкий

SUSE-SU-2024:4103-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4140-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4131-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0153-1

5 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0117-1

5 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0154-1

5 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0034-1

5 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4100-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3983-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3985-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3986-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3984-1

7 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0289-1

5 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_stack_lvl+0x4e/0x70 [ 194.200558] ? gf128mul_4k_ll...	CVSS3: 7.8	0% Низкий	8 месяцев назад
	CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_stack_lvl+0x4e/0x70 [ 194.200558] ? gf128mul_4k_lle+0...	CVSS3: 6.7	0% Низкий	8 месяцев назад
	CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_sta	CVSS3: 7.8	0% Низкий	8 месяцев назад
	CVE-2024-50047	CVSS3: 7.8	0% Низкий	7 месяцев назад
	CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: s ...	CVSS3: 7.8	0% Низкий	8 месяцев назад
	GHSA-mr7m-3g53-q257 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] <TASK> [ 194.200327] dump_...	CVSS3: 7.8	0% Низкий	8 месяцев назад
	BDU:2024-09012 Уязвимость функции decrypt_raw_data() подсистемы SMB ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.	CVSS3: 7.8	0% Низкий	9 месяцев назад
	SUSE-SU-2024:4103-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:4140-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:4131-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2025:0153-1 Security update for the Linux Kernel			5 месяцев назад
	SUSE-SU-2025:0117-1 Security update for the Linux Kernel			5 месяцев назад
	SUSE-SU-2025:0154-1 Security update for the Linux Kernel			5 месяцев назад
	SUSE-SU-2025:0034-1 Security update for the Linux Kernel			5 месяцев назад
	SUSE-SU-2024:4100-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:3983-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:3985-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:3986-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2024:3984-1 Security update for the Linux Kernel			7 месяцев назад
	SUSE-SU-2025:0289-1 Security update for the Linux Kernel			5 месяцев назад

Уязвимостей на страницу