

Critical Vulnerability Discovered in WordPress LiteSpeed Cache Plugin
September 6, 2024
Microchip Technology Confirms Data Breach in Play Ransomware Cyberattack
September 6, 2024
Critical Vulnerability Discovered in WordPress LiteSpeed Cache Plugin
September 6, 2024
Microchip Technology Confirms Data Breach in Play Ransomware Cyberattack
September 6, 2024Severity
Medium
Analysis Summary
CVE-2024-42273 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a flaw in CURSEG_ALL_DATA_ATGC. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42258 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an error related to huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-42259 CVSS:4.1
Linux Kernel is vulnerable to a denial of service, caused by improper bounds checking by drm/i915/gem. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-41042 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an error related to netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-43888 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in mem_cgroup_from_slab_obj(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43910 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory accesses in check_func_arg_reg_off(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42285 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by use-after-free related to destroying CM IDs in service RDMA/iwcm. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42302 CVSS:6.2
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free on concurrent DPC and hot-removal. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43833 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(). A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-43857 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference when checking end of zone. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-42264 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds access in performance query extensions. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-42273
- CVE-2024-42258
- CVE-2024-42259
- CVE-2024-41042
- CVE-2024-43888
- CVE-2024-43910
- CVE-2024-42285
- CVE-2024-42302
- CVE-2024-43833
- CVE-2024-43857
- CVE-2024-42264
Affected Vendors
Affected Products
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.8
- Linux Kernel 6.10
- Linux - 4ef9ad19e176
- Linux - c58305af1835
- Linux - 4.9
- Linux - 20a69341f2d0
- Linux - 3.13
- Linux 5.19
- Linux 6.5
- Linux 6.8
- Linux aa4faf6eb271
- Linux bae7cb5d6800
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.