6512 matches found
UBUNTU-CVE-2023-52446
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...
CVE-2023-52447 bpf: Defer the free of inner map when necessary
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...
CVE-2023-52447
CVE-2023-52447 is a Linux kernel issue where deferral of freeing inner BPF maps could lead to use-after-free if an inner map is accessed after removal from the outer map. The fix defers the inner-map free via bpf_map_free_deferred() and enforces two RCUs (RCU grace period and task-RCU grace perio...
CVE-2023-52447 bpf: Defer the free of inner map when necessary
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...
CVE-2023-52447
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...
CVE-2023-52447 bpf: Defer the free of inner map when necessary
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btfput and mapfree...
CVE-2023-52447
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...
PT-2024-17942 · WordPress · The Directorist: Ai-Powered Wordpress Business Directory Plugin With Classified Ads Listings
Name of the Vulnerable Software and Affected Versions: The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress versions up to, and including, 7.8.4 Description: The issue allows unauthorized modification of data due to a missing capability check on...
PT-2024-9841 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential buffer overflow in the map hw resources function. The function was accessing arrays using an index that could potentially be greater than the size o...
Important: kernel
Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...
Important: kernel
Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...
PT-2024-7282
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18.0-372.88.1.el8 6 smartpqi test.x86 64 Description: The vulnerability is related to a blk-mq registration issue in the Linux kernel's scsi: smartpqi driver. When the default PCI IRQ AFFINITY flag is turned...
CVE-2024-0420
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks...
jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...
jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...
jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...
SUSE CVE-2024-24820
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery CSRF. It enables attackers to perform changes in the monitoring...
DEBIAN-CVE-2024-24820
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery CSRF. It enables attackers to perform changes in the monitoring...
UBUNTU-CVE-2024-24820
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery CSRF. It enables attackers to perform changes in the monitoring...