762 matches found
ALSA-2023:3082 Moderate: pcs security and bug fix update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of service in header parsing CVE-2023-27539 For more details about the security...
Moderate: Red Hat Security Advisory: pcs security and bug fix update
An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
SUSE CVE-2006-3628
Multiple format string vulnerabilities in Wireshark aka Ethereal 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the 1 ANSI MAP, 2 Checkpoint FW-1, 3 MQ, 4 XML, and 5 NTP dissectors...
SUSE CVE-2017-18344
The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This allows userspace applications ...
SUSE CVE-2021-29561
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...
GSD-2022-1007673 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...
GSD-2022-1007613 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...
GSD-2022-1007450 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.218 by commit...
GSD-2022-1007331 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.148 by commit...
GSD-2022-1007157 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.74 by commit...
GSD-2022-1006929 nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.2 by commit...
PT-2022-35868 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to the nilfs2 file system in the Linux Kernel, where checkpoint acquisition failure is not properly handled, potentially leading to security vulnerabilities. The actua...
PT-2022-35586 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.148 Description: The issue concerns the nilfs2 file system in the Linux Kernel, where checkpoint acquisition failure is not properly handled, potentially leading to security vulnerabilities. The actual...
PT-2022-35412 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.74 Description: The issue concerns the nilfs2 file system in the Linux Kernel, where checkpoint acquisition failure is not properly handled, potentially leading to security vulnerabilities. The actual impa...
PT-2022-35795 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue concerns the nilfs2 file system in the Linux Kernel, where checkpoint acquisition failure is not properly handled, potentially leading to security vulnerabilities. The actual...
Wrong values are passed to _checkpoint mess up accounting
Lines of code Vulnerability details Impact The increaseUnlockTime function sends a wrong unlock time to the checkpoint function in the oldLocked variable - the locked variable which is the new LockedBalance is copied into the oldLocked variable which is supposed to be the previous LockedBalance,...
The toLocked.end >= fromLocked.end in delegate function is inconsistent with design.
Lines of code Vulnerability details Impact The condition of toLocked.end = fromLocked.end in function delegate is inconsistent with design in veFDT Checkpoint Math Proof of Concept In VotingEscrow.sol. L589 requiretoLocked.end = fromLocked.end, "Only delegate to longer lock"; But In veFDT...
The _checkpoint function won't be called for a user which is both a delegator and a delegatee in the increaseUnlockTime function
Lines of code Vulnerability details Impact The virtual balance of a user is calculated using 2 values - the amount that is delegated to that user, and his lock period. When calling the increaseUnlockTime function, we want to checkpoint the user's data as long as he doesn't have any funds. This is...
ERROR IN UPDATING **_checkpoint** IN THE **increaseUnlockTime** FUNCTION
Lines of code Vulnerability details Impact The potentiel impact of this error are : Give wrong voting power to a user at a given block. Give wrong total voting power at a given block. Give wrong total voting power. Proof of Concept The error occured in this line : In the increaseUnlockTime functi...
increaseUnlockTime missing _checkpoint for delegated values
Lines of code Vulnerability details PNM-001 increaseUnlockTime missing checkpoint for delegated values. Links Description In the VotingEscrow contract, users can increase their voting power by: Adding more funds to their delegated valule Increasing the time of their lock Being delegated by anothe...