CVE-2024-38544 RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

CVE-2024-38544

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of a locking mechanism that only protects the concurrency of a given transfer queue between transfer...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrect use of the ptp work queue for the second part of the timestamp, which stops when the port is closed...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a segmentation error in rxecompqueuepkt...

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.

Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details CVEID:CVE-2023-6004 DESCRIPTION: libssh could allow a local authenticate...

The vulnerability of the queue_oob() function in socket implementations for kernels AF_UNIX in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the queueoob function in the net/unix/afunix.c module, which is part of the AFUNIX socket implementation in Linux operating systems, relates to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability can allow an...

Google pixel security breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google pixel, which stems from a post-release reuse in the lwisprocesstransactionsinqueue module of lwistransaction.c. The vulnerability is caused by the presence of the...

SUSE CVE-2024-36972

In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...

AZL-48813 CVE-2024-36972 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...

DEBIAN-CVE-2024-36972

In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...

AZL-48759 CVE-2024-36972 affecting package kernel for versions less than 6.6.64.2-9

In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect closed inflight sockets, and then if the socket has MSGOOB in...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention issue with skreceivequeue in afunix...

GHSA-973G-55HP-3FRW Server-Side Request Forgery in gradio

A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is us...

Server-Side Request Forgery in gradio

A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio and was discovered in version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is us...

CVE-2024-4325 Server-Side Request Forgery (SSRF) in gradio-app/gradio

A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP...

DEBIAN-CVE-2024-33655

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst which can be considered traffic amplification in some cases, aka the...

kernel: wifi: rt2x00: restart beacon queue when hardware reset

A flaw was found in the Linux kernel. When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in the hardware interface. However, mac80211 will not automatically stop the queue. If the beacon queue is not manually stopped, it will be deadlocked and unable to...

kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists

A vulnerability was found in the Linux kernel's iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0...