CVE-2022-48797 mm: don't try to NUMA-migrate COW pages that have other uses

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption with his Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that...

CVE-2022-48797 mm: don't try to NUMA-migrate COW pages that have other uses

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption with his Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that...

CVE-2022-48797

CVE-2022-48797: Linux kernel vulnerability where NUMA balancing could affect COW page writability. Root cause: change_pte_range() tests page_mapcount(page) to enable NUMA faults, which is nonsensical; patch fixes to use page_count(). Oded Gabbay’s report linked a Gaudi accelerator workload; apply...

CVE-2024-37940

Cross-Site Request Forgery CSRF vulnerability in Seraphinite Solutions Seraphinite Accelerator Full, premium.This issue affects Seraphinite Accelerator Full, premium: from n/a through 2.21.13...

CVE-2024-37940 WordPress Seraphinite Accelerator (Full, premium) plugin <= 2.21.13 - CSRF Leading to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery CSRF vulnerability in Seraphinite Solutions Seraphinite Accelerator Full, premium.This issue affects Seraphinite Accelerator Full, premium: from n/a through 2.21.13...

CVE-2024-37940

CVE-2024-37940 is a CSRF in the WordPress plugin Seraphinite Accelerator Ext (full/premium) affecting versions up to 2.21.13. The vulnerability can lead to arbitrary file deletion due to CSRF, as documented in public references. A fix is indicated by the plugin’s 2.21.13 release (or subsequent pa...

CVE-2024-37940 WordPress Seraphinite Accelerator (Full, premium) plugin <= 2.21.13 - CSRF Leading to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery CSRF vulnerability in Seraphinite Solutions Seraphinite Accelerator Full, premium.This issue affects Seraphinite Accelerator Full, premium: from n/a through 2.21.13...

WordPress plugin Seraphinite Accelerator Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2024-27845 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Seraphinite Accelerator Full, premium versions n/a through 2.21.13 Liferay Portal and DXP versions 7.0.0 through 7.4.3.87 Description: A Cross-Site Request Forgery CSRF vulnerability and a medium severity XSS vulnerability have been identifie...

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6864-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6864-3 advisory. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for...

USN-6864-3: Linux kernel (GKE) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

Ubuntu 20.04 LTS : Linux kernel (IBM) vulnerabilities (USN-6892-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6892-1 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

DEBIAN-CVE-2024-39493

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...

UBUNTU-CVE-2024-39493

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...

WordPress Seraphinite Accelerator (Full, premium) plugin <= 2.21.13 - CSRF Leading to Arbitrary File Deletion vulnerability

CSRF Leading to Arbitrary File Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Seraphinite Accelerator Full, premium versions = 2.21.13...

WordPress Seraphinite Accelerator (Full, premium) Plugin <= 2.21.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Seraphinite Accelerator Full, premium Type Plugin Vulnerable versions = 2.21.13 Fixed in 2.21.13.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37940 Patch priority Low CVSS severity Low 7.4 Developer Claim ownership PSID f1fc1258294f...

USN-6873-2: Linux kernel (StarFive) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

USN-6864-2: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

USN-6878-1: Linux kernel (Oracle) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

USN-6878-1 linux-oracle vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...