July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Developers Targeted by New ‘OtterCookie’ Malware with Fake Job Offers – Active IOCs
December 27, 2024Old D-Link Vulnerabilities Used by FICORA and Kaiten Botnets to Launch Worldwide Attacks – Active IOCs
December 27, 2024Developers Targeted by New ‘OtterCookie’ Malware with Fake Job Offers – Active IOCs
December 27, 2024Old D-Link Vulnerabilities Used by FICORA and Kaiten Botnets to Launch Worldwide Attacks – Active IOCs
December 27, 2024
Severity
Medium
Analysis Summary
CVE-2024-53095 CVSS:5.5
Linux Kernel is vulnerable to a denial of service caused by use-after-free of network namespace in smb. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-53094 CVSS:5.5
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES While running ISER over SIW, the initiator machine encounters a warning from skb_splice_from_iter() indicating that a slab page is being used in send_page. To address this, it is better to add a sendpage_ok() check within the driver itself, and if it returns 0, then MSG_SPLICE_PAGES flag should be disabled before entering the network stack.
CVE-2024-53092 CVSS:5.5
In the Linux kernel, the following vulnerability has been resolved: virtio_pci: Fix admin vq cleanup by using correct info pointer vp_modern_avq_cleanup() and vp_del_vqs() clean up admin vq resources by virtio_pci_vq_info pointer. The info pointer of admin vq is stored in vp_dev->admin_vq.info instead of vp_dev->vqs[]. Using the info pointer from vp_dev->vqs[] for admin vq causes a kernel NULL pointer dereference bug.
CVE-2024-53093 CVSS:5.5
Linux kernel is vulnerable to a denial of service caused by an error related to nvme-multipath. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-53091 CVSS:5.5
In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK. vsock and af_unix sockets have vsock_sock and unix_sock instead of inet_connection_sock.
CVE-2024-53090 CVSS:6.2
Linux Kernel is vulnerable to a denial of service, caused by a lock recursion in afs. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-53102 CVSS:5.5
Linux Kernel is vulnerable to a denial of service caused by a race condition in nvme. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-53100 CVSS:5.5
Linux Kernel is vulnerable to a denial of service caused by a race condition between queue_lock lock and destroy in nvme: tcp. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-53099 CVSS:5.5
Linux Kernel is vulnerable to a denial of service caused by out-of-bound read in bpf_link_show_fdinfo() of bpf. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-53095
- CVE-2024-53094
- CVE-2024-53092
- CVE-2024-53093
- CVE-2024-53091
- CVE-2024-53090
- CVE-2024-53102
- CVE-2024-53100
- CVE-2024-53099
Affected Vendors
Linux
Affected Products
- Linux Kernel 4.20
- Linux Kernel 5.15
- Linux Kernel 26abe14379f8
- Linux Kernel 1da177e4c3f4
- Linux Kernel 4c3b54af907e
- Linux Kernel 6.11
- Linux Kernel 94531cfcbe79
Remediation
Upgrade to the latest version of Linux Kernel, available from the GIT Repository.