1086 matches found
CBL Mariner 2.0 Security Update: kernel (CVE-2024-39485)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39485 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re- initiali...
CVE-2024-39485
...
WordPress Waitlist Woocommerce ( Back in stock notifier ) Plugin <= 2.6 is vulnerable to Broken Access Control
Software Waitlist Woocommerce Back in stock notifier Type Plugin Vulnerable versions = 2.6 Fixed in 2.6.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43134 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 01b4cf6b7218 Credits Abd...
CVE-2024-42109
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nftctxupdate include/net/netfilter/nftables.h:1831 KASAN: slab-uaf in nftcommitrelease net/netfilter/nftablesapi.c:9530...
CVE-2024-42109
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nftctxupdate include/net/netfilter/nftables.h:1831 KASAN: slab-uaf in nftcommitrelease net/netfilter/nftablesapi.c:9530...
CVE-2024-42109 netfilter: nf_tables: unconditionally flush pending work before notifier
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nftctxupdate include/net/netfilter/nftables.h:1831 KASAN: slab-uaf in nftcommitrelease net/netfilter/nftablesapi.c:9530...
Moderate: Red Hat Security Advisory: RHACS 4.5 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features, bug fixes, and updates to patch vulnerabilities. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base...
kernel: KVM: s390: vsie: fix race during shadow creation
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to see gmap-private being zero in kvms390vsiegmapnotifier resulting in a crash. This is due to the fact that we add gmap-private == kvm after creation:...
SUSE CVE-2022-48807
In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...
CVE-2022-48808 net: dsa: fix panic when DSA master device unbinds on shutdown
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is up, the following panic can be seen:...
SUSE CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
AZL-43261 CVE-2024-39485 affecting package kernel for versions less than 5.15.162.2-1
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
DEBIAN-CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
UBUNTU-CVE-2024-39485
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
CVE-2024-39485 media: v4l: async: Properly re-initialise notifier entry in unregister
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
CVE-2024-39485
The CVE-2024-39485 issue affects the Linux kernel media: v4l subsystem, specifically the async notifier: the notifier_entry was not re-initialised after unregister, leaving dangling pointers. The documented fix is to reinitialise the notifier_entry (e.g., via list_del_init()) so the notifier_entr...
CVE-2024-39485 media: v4l: async: Properly re-initialise notifier entry in unregister
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifierentry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use listdelinit to...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from notifierentry of the notifier not being reinitialized after unregistering the notifier, causing a dangling...
SUSE CVE-2024-39464
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2asyncnotifier has several listhead members, but only waitinglist and donelist are initialized. notifierentry was kept 'zeroed' leading to an uninitialized listhead. This...