717 matches found

SUSE CVE
added 2024/05/04 2:23 a.m. | 1 view

SUSE CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated. The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately protect access to...

CVSS 5.5 | AI score 6.7 | EPSS 0.00178
Exploits: 0 | References: 16

Debian CVE
added 2024/05/01 1:4 p.m. | 21 views

CVE-2024-27072

In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free(). Remove locks calls in usbtv_video_free() because they are useless and may lead to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000 Also remove...

CVSS 5.5 | AI score 7.6 | EPSS 0.00213
Exploits: 0

Vulnrichment
added 2024/05/01 1:4 p.m. | 16 views

CVE-2024-27072 media: usbtv: Remove useless locks in usbtv_video_free()

In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free(). Remove locks calls in usbtv_video_free() because they are useless and may lead to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000 Also remove...

AI score 6.7 | EPSS 0.00213
Exploits: 0 | References: 6

Cvelist
added 2024/05/01 1:4 p.m. | 27 views

CVE-2024-27072 media: usbtv: Remove useless locks in usbtv_video_free()

In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free(). Remove locks calls in usbtv_video_free() because they are useless and may lead to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000 Also remove...

AI score 7.5 | EPSS 0.00213
Exploits: 0 | References: 6

RedHat Linux
added 2024/04/30 9:57 a.m. | 2 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init function in fs/locks.c in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

CVSS 5.5 | AI score 6.8 | EPSS 0.00272
Exploits: 0 | References: 6

Positive Technologies
added 2024/04/25 12:0 a.m. | 6 views

PT-2024-28088

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition vulnerability has been resolved in the Linux kernel, specifically in the usb: gadget: u_audio component. The issue occurred due to the use of controls after free during...

CVSS 7.5 | AI score 5.5 | EPSS 0.00174
Exploits: 0

CNNVD
added 2024/04/25 12:0 a.m. | 5 views

Vyper security vulnerability

Vyper is the Pythonic smart contract language for EVM. A security vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from a default function that does not take into account non-re-entrant keys and does not emit locks...

CVSS 5.3 | AI score 6.8 | EPSS 0.00415
Exploits: 0 | References: 4

Cvelist
added 2024/04/17 3:59 p.m. | 26 views

CVE-2024-26917 scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock". This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed spin locks from "bh" to...

AI score 7.7 | EPSS 0.00239
Exploits: 0 | References: 8

Krebs on Security
added 2024/04/15 2:51 p.m. | 26 views

Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that "smart locks" securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical...

AI score 7
Exploits: 0

RedhatCVE
added 2024/04/03 10:35 p.m. | 25 views

CVE-2023-52638

A vulnerability was found in the Linux kernel's Controller Area Network (CAN) protocol, within the J1939 protocol implementation. This issue occurs due to a potential deadlock caused by a race condition involving three locks: j1939_socks_lock, active_session_list_lock, and sk_session_queue_lock. This issue...

CVSS 5.5 | AI score 6.9 | EPSS 0.00183
Exploits: 0 | References: 4

OSV
added 2024/04/03 3:15 p.m. | 5 views

DEBIAN-CVE-2023-52638

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock. The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939_socks_lock - active_session_list_lock -...

CVSS 5.5 | AI score 5.7 | EPSS 0.00183
Exploits: 0 | References: 1

The Hacker News
added 2024/03/29 2:54 p.m. | 41 views

Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds

Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu,...

AI score 7.7
Exploits: 0

Schneier on Security
added 2024/03/27 11:1 a.m. | 17 views

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

It's pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of...

AI score 7.7
Exploits: 0

Malwarebytes
added 2024/03/22 6:43 p.m. | 22 views

Canada revisits decision to ban Flipper Zero

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesn't...

AI score 7.2
Exploits: 0

Wired Threat Level
added 2024/03/21 2:0 p.m. | 16 views

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds

The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels...

AI score 7.2
Exploits: 0

NVD
added 2024/03/15 5:15 p.m. | 14 views

CVE-2023-7017

Sciener locks' firmware update mechanism does not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allowing an attacker to...

CVSS 9.8 | AI score 6.8 | EPSS 0.00292
Exploits: 0 | References: 2

CVE
added 2024/03/15 5:7 p.m. | 56 views

CVE-2023-7009

CVE-2023-7009 affects Sciener-based locks where plaintext BLE messages are processed as encrypted communications. The issue allows unencrypted commands (less than 16 bytes) to be treated as valid encrypted traffic, potentially compromising lock integrity. Connected sources identify affected compo...

CVSS 8.2 | AI score 8.2 | EPSS 0.00248
Exploits: 0 | References: 2

Vulnrichment
added 2024/03/15 5:7 p.m. | 10 views

CVE-2023-7009 CVE-2023-7009

Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less than 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be...

AI score 7 | EPSS 0.00248
Exploits: 0 | References: 1

Cvelist
added 2024/03/15 5:7 p.m. | 24 views

CVE-2023-7009 CVE-2023-7009

Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less than 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be...

AI score 6.9 | EPSS 0.00248
Exploits: 0 | References: 1

Vulnrichment
added 2024/03/15 5:7 p.m. | 11 views

CVE-2023-7017 CVE-2023-7017

Sciener locks' firmware update mechanism does not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allowing an attacker to...

AI score 9.5 | EPSS 0.00292
Exploits: 0 | References: 1