5610 matches found
CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
GNU GRUB 安全漏洞
GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that stems from grubcryptomemcmp not using a constant time algorithm, no details of the vulnerability are provided at this time...
SUSE CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
AZL-55506 CVE-2024-53202 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
DEBIAN-CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
UBUNTU-CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
CVE-2024-53202 firmware_loader: Fix possible resource leak in fw_log_firmware_info()
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
CVE-2024-53202 firmware_loader: Fix possible resource leak in fw_log_firmware_info()
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
CVE-2024-53202
CVE-2024-53202 : In the Linux kernel, a resource leak can occur in the firmware loader path (fw_log_firmware_info) if an alg instance is not released on the exception path. The fix ensures the alg instance is freed with crypto_free_shash when kmalloc fails. Affected area: firmware_loader/kernel, ...
CVE-2024-53202 firmware_loader: Fix possible resource leak in fw_log_firmware_info()
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource leak in the firmwareloader module...
@volpe/astro-utils (>=0.0.1 <=0.0.20), astro-npm-loader (>=0.0.1 <=0.1.2) potentially affected by CVE-2024-56159 via astro (=5.0.0-beta.5)
astro NPM version =5.0.0-beta.5 is affected by a known vulnerability. The following packages have a transitive dependency on astro and may be impacted: - @volpe/astro-utils =0.0.1, =0.0.1, =0.1.2 Source cves: CVE-2024-56159 Source advisory: OSV:GHSA-49W6-73CW-CHJR...
WordPress WP Nice Loader plugin <= 0.1.0.4 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP Nice Loader versions = 0.1.0.4...
Important: edk2
Issue Overview: A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. CVE-2021-28211 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. CVE-2021-28216 A BIOS bug in firmware for a particular PC model...
The vulnerability of the loader for AMD Platform Security Processor processors allows a hacker to execute arbitrary code.
The vulnerability of the loader for AMD Platform Security Processor processors involves incorrect checking of the range in the object header. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUXCONSOLE , said it likely starts with a phishing email link or...
Dark web threats and dark market predictions for 2025
Review of last year's predictions The number of services providing AV evasion for malware cryptors will increase We continuously monitor underground markets for the emergence of new "cryptors," which are tools specifically designed to obfuscate the code within malware samples. The primary purpose...
OPENSUSE-SU-2024:14579-1 gdk-pixbuf-loader-libheif-1.19.5-2.1 on GA media
These are all security issues fixed in the gdk-pixbuf-loader-libheif-1.19.5-2.1 package on the GA media of openSUSE Tumbleweed...
Exploit for Deserialization of Untrusted Data in Huggingface Transformers
CVE-2024-11392 Hugging Face Transformers MobileViTV2 Des...