11457 matches found
CVE-2018-25149 Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface
Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated...
CVE-2018-25149 Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface
Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated...
EUVD-2023-60328
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
EUVD-2023-60358
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...
EUVD-2023-60359
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
CVE-2023-54117
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
CVE-2023-54087
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...
CVE-2022-50769
In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
CVE-2023-54087
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...
CVE-2023-54117
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
CVE-2022-50769
In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
UBUNTU-CVE-2023-54087
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...
UBUNTU-CVE-2022-50769
In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
UBUNTU-CVE-2023-54117
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
UBUNTU-CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
CVE-2023-54117 s390/dcssblk: fix kernel crash with list_add corruption
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
CVE-2023-54117
CVE-2023-54117 affects the Linux kernel (s390/dcssblk) and is resolved by a patch that fixes list_add corruption causing kernel crashes during device add/remove cycles. The root cause was missing dax_remove_host() calls in dcssblk and an error-path handling issue that could leave a stale xarray e...
CVE-2023-54087
In the Linux kernel ubi subsystem, CVE-2023-54087 fixes a null pointer dereference in ubi_free_volume() triggered when ubi_add_volume() failures lead to kill_volumes() invoking ubi_free_volume() for devices that may not have been added. The patch ensures that, on ubi_add_volume() error, the affec...