Search Results (8809 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-47256 1 Linux 1 Linux Kernel 2025-05-04 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memory_failure Our syzkaller trigger the "BUG_ON(!list_empty(&inode->i_wb_list))" in clear_inode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 [#1] SMP Modules linked in: Process syz-executor.0 (pid: 249, stack limit = 0x00000000a12409d7) CPU: 1 PID: 249 Comm: syz-executor.0 Not tainted 4.19.95 Hardware name: linux,dummy-virt (DT) pstate: 80000005 (Nzcv daif -PAN -UAO) pc : clear_inode+0x280/0x2a8 lr : clear_inode+0x280/0x2a8 Call trace: clear_inode+0x280/0x2a8 ext4_clear_inode+0x38/0xe8 ext4_free_inode+0x130/0xc68 ext4_evict_inode+0xb20/0xcb8 evict+0x1a8/0x3c0 iput+0x344/0x460 do_unlinkat+0x260/0x410 __arm64_sys_unlinkat+0x6c/0xc0 el0_svc_common+0xdc/0x3b0 el0_svc_handler+0xf8/0x160 el0_svc+0x10/0x218 Kernel panic - not syncing: Fatal exception A crash dump of this problem show that someone called __munlock_pagevec to clear page LRU without lock_page: do_mmap -> mmap_region -> do_munmap -> munlock_vma_pages_range -> __munlock_pagevec. As a result memory_failure will call identify_page_state without wait_on_page_writeback. And after truncate_error_page clear the mapping of this page. end_page_writeback won't call sb_clear_inode_writeback to clear inode->i_wb_list. That will trigger BUG_ON in clear_inode! Fix it by checking PageWriteback too to help determine should we skip wait_on_page_writeback.
CVE-2024-21318 1 Microsoft 1 Sharepoint Server 2025-05-03 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-20686 1 Microsoft 1 Windows Server 2022 23h2 2025-05-03 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2024-20656 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-05-03 7.8 High
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-21405 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7 High
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2024-21397 1 Microsoft 1 Azure File Sync 2025-05-03 5.3 Medium
Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2024-21329 1 Microsoft 1 Azure Connected Machine Agent 2025-05-03 7.3 High
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-28916 1 Microsoft 1 Xbox Gaming Services 2025-05-03 8.8 High
Xbox Gaming Services Elevation of Privilege Vulnerability
CVE-2024-21432 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 7 High
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-26199 1 Microsoft 1 365 Apps 2025-05-03 7.8 High
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-21446 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7.8 High
NTFS Elevation of Privilege Vulnerability
CVE-2024-29992 1 Microsoft 1 Azure Identity Library For .net 2025-05-03 5.5 Medium
Azure Identity Library for .NET Information Disclosure Vulnerability
CVE-2024-29989 1 Microsoft 2 Azure Monitor, Azure Monitor Agent 2025-05-03 8.4 High
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-28907 1 Microsoft 1 Windows Server 2022 23h2 2025-05-03 7.8 High
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-26216 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2025-05-03 7.3 High
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2024-26242 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7 High
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26236 1 Microsoft 1 Windows Server 2022 23h2 2025-05-03 7 High
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-26158 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7.8 High
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2024-21447 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more 2025-05-03 7.8 High
Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-30042 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2025-05-03 7.8 High
Microsoft Excel Remote Code Execution Vulnerability