Security Check #15

Annotations

10 errors, 11 warnings, and 1 notice

CVE-2024-26952 - HIGH severity - kernel: ksmbd: fix potencial out-of-bounds when buffer offset is invalid vulnerability in linux-libc-dev

CVE-2024-44949 - HIGH severity - kernel: parisc: fix a possible DMA corruption vulnerability in linux-libc-dev

CVE-2024-49950 - HIGH severity - kernel: Bluetooth: L2CAP: Fix uaf in l2cap_connect vulnerability in linux-libc-dev

CVE-2024-49960 - HIGH severity - kernel: ext4: fix timer use-after-free on failed mount vulnerability in linux-libc-dev

CVE-2024-49986 - HIGH severity - kernel: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors vulnerability in linux-libc-dev

CVE-2024-49991 - HIGH severity - kernel: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer vulnerability in linux-libc-dev

CVE-2024-50036 - HIGH severity - kernel: net: do not delay dst_entries_add() in dst_release() vulnerability in linux-libc-dev

CVE-2024-50067 - HIGH severity - kernel: uprobe: avoid out-of-bounds memory access of fetching args vulnerability in linux-libc-dev

CVE-2024-50126 - HIGH severity - kernel: net: sched: use RCU read-side critical section in taprio_dump() vulnerability in linux-libc-dev

CVE-2024-50215 - HIGH severity - kernel: nvmet-auth: assign dh_key to NULL after kfree_sensitive vulnerability in linux-libc-dev

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Dockerfile not provided. Skipping sarif scan result.

CVE-2022-45888 - MEDIUM severity - kernel: use-after-free due to race condition in drivers/char/xillybus/xillyusb.c vulnerability in linux-libc-dev

CVE-2023-52812 - MEDIUM severity - kernel: drm/amd: check num of link levels when update pcie param vulnerability in linux-libc-dev

CVE-2024-26954 - MEDIUM severity - kernel: ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() vulnerability in linux-libc-dev

CVE-2024-35964 - MEDIUM severity - kernel: Bluetooth: ISO: Fix not validating setsockopt user input vulnerability in linux-libc-dev

CVE-2024-36244 - MEDIUM severity - kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too vulnerability in linux-libc-dev

CVE-2024-36478 - MEDIUM severity - kernel: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' vulnerability in linux-libc-dev

CVE-2024-36914 - MEDIUM severity - kernel: drm/amd/display: Skip on writeback when it's not applicable vulnerability in linux-libc-dev

CVE-2024-36915 - MEDIUM severity - kernel: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies vulnerability in linux-libc-dev

CVE-2024-36923 - MEDIUM severity - kernel: fs/9p: fix uninitialized values during inode evict vulnerability in linux-libc-dev

CVE-2024-50280 - LOW severity - kernel: dm cache: fix flushing uninitialized delayed_work on cache_ctr error vulnerability in linux-libc-dev

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Check #15

scan (ghcr.io/toshy/php:8.3-fpm-bookworm)

Security Check #15

Jobs

Run details

Annotations

The logs for this run have expired and are no longer available.

Re-running jobs...