CVE-2023-52735 bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sockmapclose,destroy,unhash call itself sockmap proto callbacks should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stack overflow in favor of...

GO-2024-2694 Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go

Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR May-2024 Release 1, which originates from a setCocktailHostCallbacks improper access control vulnerability in...

AZL-59619 CVE-2024-27041 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix NULL checks for adev-dm.dc in amdgpudmfini Since 'adev-dm.dc' in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, check beforehand to ensure there will not be a possible...

CVE-2024-26939 drm/i915/vma: Fix UAF on destroy against retire race

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process

This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls to trigger the injected payload. Quick Links Maldev Academy Home Maldev Academy...

PT-2024-7852

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The vulnerability is related to the serial component of the Linux kernel and involves a NULL pointer dereference in the uart tty port shutdown function. This can lead to a denial of...

ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks

Name: ASA-2024-007: Potential Reentrancy using Timeout Callbacks in ibc-hooks Component: ibc-go Criticality: Critical ACMv1: I:Critical; L:AlmostCertain Affected versions: v4.6.0, v5.4.0, v6.3.0, v7.4.0, v8.2.0 Affected users: Chain Builders + Maintainers Summary Through the deployment and...

SUSE CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

DEBIAN-CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

UBUNTU-CVE-2023-52627

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...

CVE-2024-26646 thermal: intel: hfi: Add syscore callbacks for system-wide PM

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

CVE-2024-26646 thermal: intel: hfi: Add syscore callbacks for system-wide PM

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

CVE-2024-26646

CVE-2024-26646 : In the Linux kernel, a vulnerability in the HFI (host firmware interface) handling during suspend/hibernate could lead to memory corruption if the second memory buffer (restored kernel) reprograms the HFI location and the image kernel uses a stale buffer. The fix disables HFI whe...

CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

BIT-MEDIAWIKI-2020-26120

XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callbacks to fire even...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net module calling asynchronous callbacks twice under certain circumstances. No details of the...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read when callback functions are enabled through the optional WOLFSSLCALLBACKS flag. An attacker can read 5 bytes from the heap via malicious TLS 1.3 connection. Remediation Upgrade wolfssl to version 5.6.6 or higher...

DEBIAN-CVE-2023-6936

In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes WOLFSSLCALLBACKS is only intended for debugging...