1255 matches found
CVE-2024-57874
Mode C — Normal (details available) CVE-2024-57874 affects the Linux kernel on arm64 where the function tagged_addr_ctrl_set() uses a temporary variable that is not initialized when performing a zero-length SETREGSET, potentially leaking memory from the kernel stack (up to 64 bits). The issue ari...
CVE-2024-57874 arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL
In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently...
CVE-2024-57874
In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in ptrace for the ARM64 architecture that fails to initialize the temporary variable ctrl when processing...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in ptrace for the ARM64 architecture that fails to initialize the temporary variable fpmr when processing...
PT-2025-49794
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of robust list pointers during an exec operation. Specifically, the sys get robust list and compat get robust list functions may...
PT-2025-3603 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's ptrace system call, specifically the arm64 architecture. The problem arises from the fpmr set function not initializing the temporary fpmr...
PT-2025-3602 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's ptrace functionality, specifically with the arm64 architecture. The problem arises when the poe set function does not initialize a temporary...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-1859)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpiecinit When the mpiecctx...
kernel: s390/ptrace: handle setting of fpc register correctly
In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control fpc register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-33900
KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-35871
A vulnerability was found in the Linux kernel affecting the RISC-V architecture, where the kernel global pointer gp can be leaked to user space. This issue occurs when a user-mode helper thread, such as /sbin/init starts a new process via execve without clearing the kernel registers, allowing...
CVE-2024-35871
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
DEBIAN-CVE-2024-35871
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
UBUNTU-CVE-2024-35871
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
CVE-2024-35871 riscv: process: Fix kernel gp leakage
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
CVE-2024-35871 riscv: process: Fix kernel gp leakage
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
CVE-2024-35871 riscv: process: Fix kernel gp leakage
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
container-selinux bug fix update
An update is available for container-selinux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The container-selinux package provides SELinux policies for contain...