
1683 matches found

RedHat Linux
added 2024/05/30 8:24 p.m. · 1 views

protobuf-java: timeout in parser leads to DoS

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...

7.5 CVSS · 7.1 AI score · 0.01048 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2024/05/28 2:11 p.m. · 0 views

kernel: netfilter: nft_set_rbtree: fix null deref on element insertion

A flaw was found in the Netfilter subsystem in the Linux kernel. A NULL pointer dereference and a use-after-free issue can be triggered due to an improper check and an improper way of iterating a red-black tree during garbage collector operations, potentially resulting in a denial of service and...

5.5 CVSS · 7.2 AI score · 0.00129 EPSS
Exploits: 0 · References: 5

OSV
added 2024/05/27 6:15 a.m. · 3 views

CVE-2024-3933

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...

7.3 CVSS · 6.5 AI score
Exploits: 0 · References: 2

Vulnrichment
added 2024/05/27 6:8 a.m. · 24 views

CVE-2024-3933 Eclipse Open J9 With -Xgc:concurrentScavenge on IBM Z, could write/read outside of a buffer

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...

5.3 CVSS · 6.8 AI score · 0.00207 EPSS
Exploits: 0 · References: 2

RedHat Linux
added 2024/05/22 10:16 a.m. · 0 views

kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to nft_set_elem_mark_busy, causing double deactivation of the element...

7.8 CVSS · 6.8 AI score · 0.00218 EPSS
Exploits: 0 · References: 6

RedHat Linux
added 2024/05/22 10:16 a.m. · 0 views

kernel: netfilter: nf_tables: memory leak when more than 255 elements expired

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the sour...

7.8 CVSS · 6.8 AI score · 0.00257 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2024/05/22 10:3 a.m. · 3 views

kernel: netfilter: nf_tables: memory leak when more than 255 elements expired

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the sour...

6.3 CVSS · 6.8 AI score · 0.00257 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2024/05/22 10:3 a.m. · 2 views

kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU

A flaw in the routing table size was found in the ICMPv6 handling of "Packet Too Big". The size of the routing table is regulated by periodic garbage collection. However, with "Packet Too Big Messages" it is possible to exceed the routing table size and garbage collector threshold. A user located...

7.5 CVSS · 6.6 AI score · 0.00948 EPSS
Exploits: 0 · References: 6

RedHat Linux
added 2024/05/22 10:3 a.m. · 1 views

kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to nft_set_elem_mark_busy, causing double deactivation of the element...

7.8 CVSS · 6.8 AI score · 0.00218 EPSS
Exploits: 0 · References: 6

Positive Technologies
added 2024/05/21 12:0 a.m. · 3 views

PT-2024-26472 · Cesanta · Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta mjs version 2.20.0 Description: An issue in Cesanta mjs allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file. Recommendations: For Cesanta mjs version 2.20.0, consider disabling the mjs_do...

7.5 CVSS · 7.3 AI score · 0.00602 EPSS
Exploits: 1 · References: 6

RedhatCVE
added 2024/05/20 5:10 p.m. · 30 views

CVE-2024-35970

A vulnerability was found in the Linux kernel's Unix domain socket (af_unix) implementation, where stale Out-of-Band (OOB) data is not cleared from the receive queue. This issue arises when OOB data is dequeued but the associated oob_skb is not cleared, leading to incorrect behavior in subsequent recv...

5.5 CVSS · 7.1 AI score · 0.00499 EPSS
Exploits: 0 · References: 4

Cvelist
added 2024/05/20 9:41 a.m. · 14 views

CVE-2024-35970 af_unix: Clear stale u->oob_skb.

In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e "af_unix: Replace garbage collection algorithm.", but it just uncovers the bug that has been there since commit 314001f0bf9...

6.3 AI score · 0.00499 EPSS
Exploits: 0 · References: 5

CVE
added 2024/05/20 9:41 a.m. · 97 views

CVE-2024-35970

The CVE-2024-35970 issue affects the Linux kernel AF_UNIX socket path. The root cause is improper handling of OOB data: when an OOB skb is dequeued, unix_sock(sk)->oob_skb is not cleared, causing incorrect uAPI state and potential deadlocks. Repro shows a socketpair exchange where MSG_OOB is u...

6.3 CVSS · 6.6 AI score · 0.00499 EPSS
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2024/05/17 12:0 a.m. · 8 views

PT-2024-14691

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: The issue arises when an inode is compressed but not encrypted, and the system fails to call f2fs_wait_on_block_writeback to wait for GCed page writeback in the IPU write path. This can...

7.8 CVSS · 5.6 AI score · 0.00286 EPSS
Exploits: 0 · References: 188

OSV
added 2024/05/14 3:12 p.m. · 7 views

AZL-40546 CVE-2024-27397 affecting package hyperv-daemons for versions less than 6.6.56.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

7 CVSS · 6.3 AI score · 0.00259 EPSS
Exploits: 0 · References: 1

OSV
added 2024/05/14 3:12 p.m. · 3 views

UBUNTU-CVE-2024-27397

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

7 CVSS · 6.2 AI score · 0.00259 EPSS
Exploits: 0 · References: 14

SUSE CVE
added 2024/05/11 2:34 a.m. · 2 views

SUSE CVE-2024-27397

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

6.7 CVSS · 6.2 AI score · 0.00259 EPSS
Exploits: 0 · References: 22

Ubuntu
added 2024/05/02 3:20 a.m. · 53 views

USN-6747-2: Firefox regressions

USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...

7.9 AI score
Exploits: 0 · References: 1

OSV
added 2024/05/02 3:20 a.m. · 3 views

USN-6747-2 firefox regressions

USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...

6.1 AI score
Exploits: 0 · References: 2

RedHat Linux
added 2024/04/30 9:57 a.m. · 3 views

kernel: Linux kernel: Denial of Service in netfilter due to improper garbage collection

A flaw was found in the Linux kernel's netfilter component, specifically within the nft_set_rbtree module. A local user with low privileges could exploit an issue where the garbage collection mechanism fails to properly release memory during interval expiration walks. This can lead to a memory leak...

5.5 CVSS · 5.8 AI score · 0.00146 EPSS
Exploits: 0 · References: 5