The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThere is no fixed version for Centos:9 kernel-rt-debug-modules-extra.
Note: Versions mentioned in the description apply only to the upstream kernel-rt-debug-modules-extra package and not the kernel-rt-debug-modules-extra package as distributed by Centos.
See How to fix? for Centos:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
atm: Revert atm_account_tx() if copy_from_iter_full() fails.
In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx().
It is expected to be reverted by atm_pop_raw() later called by vcc->dev->ops->send(vcc, skb).
However, vcc_sendmsg() misses the same revert when copy_from_iter_full() fails, and then we will leak a socket.
Let's factorise the revert part as atm_return_tx() and call it in the failure path.
Note that the corresponding sk_wmem_alloc operation can be found in alloc_tx() as of the blamed commit.
$ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~