7527 matches found
SUSE CVE-2024-50081
In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue -tagset before initializing hctx Commit 7b815817aa58 "blk-mq: add helper for checking if one CPU is mapped to specified hctx" needs to check queue mapping via tag set in hctx's cpuhp handler. However, q-tagset...
SUSE CVE-2024-50082
In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...
UBUNTU-CVE-2024-50081
In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue -tagset before initializing hctx Commit 7b815817aa58 "blk-mq: add helper for checking if one CPU is mapped to specified hctx" needs to check queue mapping via tag set in hctx's cpuhp handler. However, q-tagset...
CVE-2024-50081
CVE-2024-50081 is confirmed in connected advisory: the Linux kernel vulnerability in blk-mq was due to race where q->tag_set may not be initialized when the cpuhp handler runs, triggering an oops. The MiracleLinux AXSA advisory (kernel 5.14.0-570.12.1.el9_6) explicitly lists CVE-2024-50081 and...
CVE-2024-50081
In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue -tagset before initializing hctx Commit 7b815817aa58 "blk-mq: add helper for checking if one CPU is mapped to specified hctx" needs to check queue mapping via tag set in hctx's cpuhp handler. However, q-tagset...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly setting the tagset of queue before initializing hctx, resulting in kernel oops...
MAL-2024-10248 Malicious code in meso-event-queue (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d79c3ff4f9e728af1f55032123d3c43887f3d0e183e4944c0d9a489c6259759 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in meso-event-queue (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d79c3ff4f9e728af1f55032123d3c43887f3d0e183e4944c0d9a489c6259759 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2024-49876
In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver with one or more wor...
SUSE CVE-2024-49863
In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...
SUSE CVE-2024-49977
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 "net: stmmac: No need to calculate speed divider when offload is disabled" allows the "porttransmitratekbps" to be set to a value of 0, which is...
SUSE CVE-2024-49891
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfcsliflushiorings,...
PT-2024-35522
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL dereference issue has been identified in the Linux kernel, specifically in the mtk crtc destroy function. This issue arises when the mbox request channel call fails in m...
PT-2024-35621
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been resolved in the Linux kernel. The problem occurs when percpu memory allocation fails during the creation of a new IPC namespace, and the failure is not handl...
The vulnerability of the Substance 3D Stager software lies in its susceptibility to overflowing buffer spaces, allowing attackers to execute arbitrary code.
The vulnerability of the Substance 3D Stager software lies in the overflow of the buffer based on a queue. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the mhi component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mhi component in the Linux operating system’s kernel is related to the bypassing of a lock mechanism before entering the buffer queue. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-50025
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...
SUSE CVE-2024-50025
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...
DEBIAN-CVE-2024-50042
In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 /sys/bus/pci/devices/$PFPCI/sriovdriversautoprobe...
CVE-2024-50042
In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 /sys/bus/pci/devices/$PFPCI/sriovdriversautoprobe...