ROOT-OS-UBUNTU-2204-CVE-2024-42135 CVE-2024-42135 in rootio-linux - Patched by Root

Root has patched CVE-2024-42135 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

Mageia: Security Advisory (MGASA-2024-0278)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...

CVE-2023-42135

creationtimestamp| type| source ---|---|--- 2024-01-15 15:26:50+00:00| seen| https://t.me/ctinow/168402 2024-01-17 17:06:42+00:00| published-proof-of-concept| https://t.me/truesecator/5303 2024-01-18 15:27:35+00:00| seen| https://t.me/itsecnews/3996 2024-06-01 21:47:05+00:00| seen|...

CVE-2023-42135

CVE-2023-42135 details (PAX A920Pro/A50) affect PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier on PAX Android POS devices. The vulnerability allows local code execution by bypassing input validation during flashing of a specific partition, via parameter injection in the flashing process....

CVE-2021-42135

creationtimestamp| type| source ---|---|--- 2021-10-11 07:23:27+00:00| seen| https://t.me/cibsecurity/30306...

CVE-2021-42135

HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/ path may be abl...

CVE-2021-42135

CVE-2021-42135 affects HashiCorp Vault and Vault Enterprise 1.8.x–1.8.4, describing an unexpected interaction between glob-related policies and the Google Cloud secrets engine. The root cause is a policy-glob interaction that may grant more privileges than intended, e.g., a user with read access ...