110 matches found
CVE-2023-53022
CVE-2023-53022 concerns a deadlock in the Linux kernel’s enetc driver. The vulnerability stems from a locking sequence in enetc_tx_onestep_tstamp() where a work item runs in process context with softirqs enabled and holds netif_tx_lock. If a transmission interrupt occurs, the NET_TX softirq can r...
LLaVA Code Issue Vulnerability
LLaVA is an application by Haotian Liu, an individual developer. A code issue vulnerability exists in LLaVA v1.2.0, which stems from a server-side request forgery in the POST /worker_generate_stream API endpoint that could lead to unauthorized network operations...
[SECURITY] Fedora 42 Update: gdcm-3.0.24-8.fc42
Grassroots DiCoM (GDCM) is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 (huffman compression is not supported), RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
Linux Distros Unpatched Vulnerability : CVE-2024-56729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: Initialize cfid->tcon before performing network ops. Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak...
Arista EOS Access Control Error Vulnerability
Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from an unrejected gNOI request that could lead to a data leak...
SUSE CVE-2025-21801
In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path. Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravb_open, ravb_close and wol operations must be performed under the rtnl lock to preven...
smb: Initialize cfid->tcon before performing network ops
...
Security Bulletin: IBM Datapower Operations Dashboard could allow a remote attacker to obtain sensitive information CVE-2024-38476
Summary: Apache HTTP Server is used by the IBM Datapower Operations Dashboard implementation of network operations. Vulnerability Details: CVEID: CVE-2024-38476. DESCRIPTION: Apache HTTP Server allows a remote attacker to obtain sensitive information, caused by improper input validation by the backend...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (CVE-2024-36478). In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in...
CVE-2025-21231
CVE-2025-21231 documents describe a Denial-of-Service vulnerability in the Windows IP Helper component. The CVE entry lists a network-based attack vector with low attack complexity and no privileges required, resulting in availability impact. Connected records corroborate IP Helper as the affecte...
CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops. Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break and...
UBUNTU-CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops. Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break and...
CVE-2024-56729
CVE-2024-56729 concerns the Linux kernel’s SMB/CIFS path. The vulnerability arises from not initializing cfid->tcon before performing network operations, which can cause a leak of a tcon reference when a lease-break races with opening a cached directory. The described root cause is that cached...
CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops. Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break and...
CVE-2024-56729 smb: Initialize cfid->tcon before performing network ops
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops. Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break and...
forgejo -- multiple vulnerabilities
Problem Description: Forgejo generates a token which is used to authenticate web endpoints that are only meant to be used internally, for instance when the SSH daemon is used to push a commit with Git. The verification of this token was not done in constant time and was susceptible to timing...
Vulnerabilities in Cellular Packet Cores Part IV: Authentication
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached bas...
Fedora: Security Advisory for gdcm (FEDORA-2024-7a57842ec3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: gdcm-3.0.23-5.fc40
Grassroots DiCoM (GDCM) is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 (huffman compression is not supported), RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
[SECURITY] Fedora 38 Update: gdcm-3.0.21-4.fc38
Grassroots DiCoM (GDCM) is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 (huffman compression is not supported), RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...