297 matches found
kernel: arm64: probes: Remove broken LDR (literal) uprobe support
In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...
Linux Distros Unpatched Vulnerability : CVE-2021-47275
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree...
PT-2025-28009
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition in the Linux kernel's scheduler can cause crashes, including kernel panics with various crash signatures such as assert failures, page faults, null pointer dereference...
Panics on Malformed Untrusted Input
During a security audit, Radically Open Security discovered several reachable edge cases which allow an attacker to trigger rpgp crashes by providing crafted data. Impact When processing malformed input, rpgp can run into Rust panics which halt the program. This can happen in the following...
kernel: ACPI: CPPC: Use access_width over bit_width for system memory accesses
A vulnerability was found in the ACPI subsystem's CPPC driver in the Linux kernel. This issue occurs due to the mishandling of memory access bit width during performance capability calculations, which can lead to misaligned memory accesses and cause kernel panics on affected platforms...
UBUNTU-CVE-2024-50099
In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...
CVE-2024-49927
In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...
CVE-2024-50040
In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...
AZL-52944 CVE-2024-49927 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...
CVE-2024-49927 x86/ioapic: Handle allocation failures gracefully
In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...
DEBIAN-CVE-2024-47813
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
CVE-2024-47813
CVE-2024-47813 is a race-condition bug in Wasmtime where concurrent creation/dropping of types (e.g., FuncType, ArrayType) on a shared wasmtime::Engine can cause double-unregistration, potentially corrupting the internal type registry and violating WebAssembly CFI and type safety. The issue arise...
CVE-2024-46790
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PGhwpoison pages are freed they are treated differently in freepagesprepare and instead of being released they are isolated. Page allocation tag counters are decrement...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 For more details about the...
GO-2022-1062 Nomad Panics On Job Submission With Bad Artifact Stanza Source URL in github.com/hashicorp/nomad
Nomad Panics On Job Submission With Bad Artifact Stanza Source URL in github.com/hashicorp/nomad...
CVE-2023-52899
In the Linux kernel, the following vulnerability has been resolved: Add exception protection processing for vd in axichanhandleerr function Since there is no protection for vd, a kernel panic will be triggered here in exceptional cases. You can refer to the processing of axichanblockxfercomplete...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:5258)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
kernel: stmmac: Clear variable when destroying workqueue
A vulnerability was found in the stmmac ethernet driver of the Linux kernel, where a workqueue variable was not cleared after being destroyed. This issue could lead to kernel panics if the code later attempted to access or destroy the already-freed workqueue...
SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2024:2571-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2571-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The...
CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...