1221 matches found
CVE-2024-52757
CVE-2024-52757 affects D-LINK DI-8003 (firmware v16.07.16A1). The vulnerability is a buffer overflow in the arp_sys_asp function when processing the notify parameter, which can allow a remote attacker to crash the service or potentially execute arbitrary code, depending on context in different so...
kernel: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init()
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when rmmod cros_usbpd_notify: Unexpected driver unregister! WARNING: CPU: 0 PID: 253 at drivers/base/driver.c:270...
CVE-2024-49954
...
PT-2024-34416 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCms version 13.1 Description: The issue is related to a code injection vulnerability in the notification module of the member message notification module in the backend user module. This vulnerability occurs due to the unsafe handling of t...
SeaCMS security vulnerability
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.1 that stems from insecure handling of the notify variable in adminnotify.php...
SUSE CVE-2024-49954
In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON in static_call_module_notify static_call_module_notify triggers a WARN_ON, when memory allocation fails in static_call_add_module. That's not really justified, because the failure case must be correctly...
DEBIAN-CVE-2024-49954
In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON in static_call_module_notify static_call_module_notify triggers a WARN_ON, when memory allocation fails in static_call_add_module. That's not really justified, because the failure case must be correctly...
UBUNTU-CVE-2024-49954
In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON in static_call_module_notify static_call_module_notify triggers a WARN_ON, when memory allocation fails in static_call_add_module. That's not really justified, because the failure case must be correctly...
SUSE CVE-2024-47709
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry. syzbot reported a warning in bcm_release. [0] The blamed change fixed another warning that is triggered when connect is issued again for a socket whose connected device has been...
AZL-51189 CVE-2024-47709 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry. syzbot reported a warning in bcm_release. [0] The blamed change fixed another warning that is triggered when connect is issued again for a socket whose connected device has been...
PT-2024-35554
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc2-build3+ Description: The issue is related to lock recursion in the Linux kernel, specifically in the afs_wake_up_async_call function. This function can incur lock recursion when called from AF_RXRPC whi...
Malicious code in react-use-notify (npm)
--- -= Per source details. Do not edit below this line.=-...
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect (bsc#1225312). CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651)...
The vulnerability of the nilfs2 file system’s nilfs_segctor_notify() function in the Linux operating system’s kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nilfs_segctor_notify function in the fs/nilfs2/segment.c file of the Linux kernel’s file system nilfs2 is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release, watched_lines is freed by bitmap_free, but the...
kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release, watched_lines is freed by bitmap_free, but the...
kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release, watched_lines is freed by bitmap_free, but the...
AZL-49296 CVE-2024-44947 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store, unlike fuse_do_readpage, does not enable page zeroing because it can be used to change partial page contents. So fuse_notify_store must be more carefu...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the fuse_notify_store function not enabling page clearing...
SUSE CVE-2024-44937
In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel-vbtn: Protect ACPI notify handler against recursion Since commit e2ffcda16290 "ACPI: OSL: Allow Notify handlers to run on all CPUs" ACPI notify handlers like the intel-vbtn notify_handler may run on multiple CP...