324 matches found
CVE-2024-36925
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...
UBUNTU-CVE-2024-36925
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...
CVE-2024-36925 swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...
CVE-2024-36925
CVE-2024-36925 affects the Linux kernel SWIOTLB path. When CONFIG_DMA_RESTRICTED_POOL=y and CONFIG_SWIOTLB_DYNAMIC=y, initialising restricted pool memory could crash due to a NULL mem->pools during add_mem_pool() in rmem_swiotlb_device_init(). The crash arises from a NULL pointer dereference i...
CVE-2024-36925 swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...
PT-2024-9020 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the swiotlb component of the Linux kernel. It occurs when using restricted DMA pools in conjunction with dynamic SWIOTLB, leading to a crash at boot-time due to...
PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools
A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...
SUSE CVE-2022-48690
In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...
DEBIAN-CVE-2022-48690
In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...
CVE-2022-48690
In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...
CVE-2022-48690 ice: Fix DMA mappings leak
In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...
CVE-2022-48690
Insight : CVE-2022-48690 refers to a Linux kernel fix in the ice driver for a DMA mappings leak when reallocating RX buffers while changing ring parameters. The leak occurred because kfree on rx_buf freed DMA mappings that were still active, leading to leaked DMA mappings during buffer substituti...
CVE-2022-48690
In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...
BIT-APACHE-2020-11993
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...
CVE-2023-50437
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...
CVE-2023-50437
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...
The new feature "Use existing identity pools to create identities for MCS-provisioned machines"
For quick deploy, it should be 1 to 1 mapping for identity pool to MCS catalog...
Any user can drain the escrow contract by calling decreaseDepositRequest with more amount than they deposited into the escrow while requesting.
Lines of code Vulnerability details Impact In the protocol, users submit deposit requests to the Centrifuge gateway for depositing assets into the Liquidity Pools. There is also a mechanism to decrease this deposit order by calling LiquidityPool::decreaseDepositRequest which decreases their depos...
DEPRECATED POOLS CAN BE USED IN THE CRITICAL TRANSACTION EXECUTIONS OF THE OptionsPositionManager CONTRACT
Lines of code Vulnerability details Impact The PositionManager.getPoolAddresses function is used to get the important address details of the RoePool to be used in the critical function executions of the OptionsPositionManager contract such as executeBuyOptions, executeLiquidation,...
isDeprecated CAN ONLY BE MADE TO true AND CAN NOT BE CHANGED TO false IN THE FUTURE IF THE NEED ARISES
Lines of code Vulnerability details Impact The RoeRouter.deprecatePool function is used to Deprecate a pool. It is a onlyOwner modifier controlled function. A pool can be deprecated via the deprecatePool function as shown below: function deprecatePooluint poolId public onlyOwner...