kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

SUSE CVE-2024-26617

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

UBUNTU-CVE-2024-26617

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

SUSE CVE-2021-47102

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix incorrect structure access In line: upper = info-upperdev; We access upperdev field, which is related only for particular events e.g. event == NETDEVCHANGEUPPER. So, this line cause invalid memory acce...

PT-2024-28505 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel, where the struct v4l2 async notifier has several list head members, but only waiting list and done list are initialized. The notifier entry is...

GHSA-8FM4-R23P-V68V Jenkins MQ Notifier Plugin exposes sensitive information in build logs

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

Jenkins MQ Notifier Plugin exposes sensitive information in build logs

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

CVE-2024-28154

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

CVE-2024-28154

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

Default credentials

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

CVE-2024-28154

CVE-2024-28154 affects the Jenkins MQ Notifier Plugin (versions 1.4.0 and earlier). The issue is an information disclosure vulnerability where debug logging may record sensitive build parameters in build logs by default. This logging behavior can expose confidential data to users with access to b...

CVE-2024-28154

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

CVE-2024-28154

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

PT-2024-22300 · Jenkins · Jenkins Mq Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins MQ Notifier Plugin versions 1.4.0 and earlier Description: The issue concerns the logging of potentially sensitive build parameters as part of debug information in build logs by default. Recommendations: For Jenkins MQ Notifier Plugin...

Jenkins MQ Notifier Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

CVE-2024-26617 fs/proc/task_mmu: move mmu notification mechanism inside mm lock

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi-desc’ in gluebiread. ubigluebiinit...

CVE-2023-52449 mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi-desc’ in gluebiread. ubigluebiinit...

CVE-2023-52449 mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi-desc’ in gluebiread. ubigluebiinit...

Server side request forgery (ssrf)

Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery SSRF. The testDiscord request handler in medusa/server/web/home/handler.py does not validate the user-controlled discordwebhook variable and pass...