DEBIAN-CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

Huawei HarmonyOS and EMUI Parallel Vision Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to a privilege...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to a privilege...

CVE-2024-42103

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...

CVE-2024-42103 btrfs: fix adding block group to a reclaim list and the unused list during reclaim

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...

CVE-2024-42103

CVE-2024-42103 applies to the Linux kernel BTRFS subsystem. The issue arises in the reclaim path for block groups: during btrfs_reclaim_bgs_work, a block group removed from the reclaim list can be added in parallel to the unused list, which may then be moved to the reclaim list again and corrupt ...

CVE-2024-42103 btrfs: fix adding block group to a reclaim list and the unused list during reclaim

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...

CVE-2024-39919 Capture screenshot of localhost web services (unauthenticated pages) in @jmondi/url-to-png

@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an ALLOWLIST where the host can specify which services the user is permitted to capture screenshots of. By...

OPENSUSE-SU-2024:0194-2 Security update for keybase-client

This update for keybase-client fixes the following issues: Update to version 6.2.8 Update client CA Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo1213928. This is done via the new update-image-tiff.patch. - Limit parallel test executi...

TensorFlow has null dereference on ParallelConcat with XLA

...

PT-2024-28055 · Nptd-Rs · Nptd-Rs

Name of the Vulnerable Software and Affected Versions: nptd-rs versions prior to 1.1.3 Description: The issue is related to a missing limit for accepted NTS-KE connections in nptd-rs, a tool for synchronizing computer clocks that implements the NTP and NTS protocols. This allows an unauthenticate...

CVE-2022-48734 btrfs: fix deadlock between quota disable and qgroup rescan worker

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between quota disable and qgroup rescan worker Quota disable ioctl starts a transaction before waiting for the qgroup rescan worker completes. However, this wait can be infinite and results in deadlock because...

CVE-2024-22441

HPE Cray Parallel Application Launch Service PALS is subject to an authentication bypass...

PT-2024-19427 · Hewlett Packard · Hpe Cray Pals

Name of the Vulnerable Software and Affected Versions: HPE Cray Parallel Application Launch Service PALS affected versions not specified Description: The issue is related to an authentication bypass in HPE Cray Parallel Application Launch Service PALS. No information is provided about the estimat...

Hewlett Packard Enterprise Cray Parallel Application Launch Service Security Vulnerability

Hewlett Packard Enterprise Cray Parallel Application Launch Service is a parallel application launch service from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise Cray Parallel Application Launch Service that originates from a susceptibility to...

Exploit for OS Command Injection in Php

CVE-2024-4577 Vulnerability Checker This script is designed t...

SUSE CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

DEBIAN-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

CVE-2024-36961 thermal/debugfs: Fix two locking issues with thermal zone debug

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointe...

AZL-68066 CVE-2024-36949 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...