Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a failure of the cachefiles component to properly delay exposing anonymous file descriptors after a successful copytouser function...

Unlimited number of NTS-KE connections can crash ntpd-rs server

Summary Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details Operating systems have a limit for the number ...

IBM MQ 9.0 <= 9.0.0.26 / 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.4 CD (7158057)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158057 advisory. - Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cau...

CVE-2022-48771

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

CVE-2022-48771 drm/vmwgfx: Fix stale file descriptors on failed usercopy

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

CVE-2022-48771

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

CVE-2022-48771

The CVE-2022-48771 issue affects the Linux kernel drm/vmwgfx: a failing usercopy of the fence_rep object can leave a stale file descriptor entry because put_unused_fd() isn’t released; this can let userland reference a dangling file descriptor and enable use-after-free scenarios. The fix defers t...

CVE-2022-48771 drm/vmwgfx: Fix stale file descriptors on failed usercopy

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

jetty: stop accepting new connections from valid clients

A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...

jetty: stop accepting new connections from valid clients

A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...

CVE-2024-5422 Denial of Service

An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows DoS via HTTP.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below...

UBUNTU-CVE-2021-47360

In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...

DEBIAN-CVE-2023-52656

In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...

Debian dla-3780 : jetty9 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3780 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3780-1 [email protected] https://www.debian.org/lts/security/...

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

ROS-20240403-03

A vulnerability in the libtirpc package is related to the exhaustion of process file descriptors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

FreeBSD : jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty (2e3bea0c-f110-11ee-bc57-00e081b7aa2d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2e3bea0c-f110-11ee-bc57-00e081b7aa2d advisory. - Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and...

R2Frida - Radare2 And Frida Better Together

This is a self-contained plugin for radare2 that allows to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extend its features with other programming languages and tools. Frida is a...

SUSE CVE-2024-27933

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and built with Rust. A security vulnerability exists in Deno v1.39.0, which can be exploited to bypass permission prompts by closing arbitrary file descriptors via opnodeipcpipe...