kernel: RDMA/qedr: Fix qedr_create_user_qp error flow

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedrcreateuserqp error flow The Linux kernel CVE team has assigned CVE-2024-26743 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26743-6034@gregkh/T...

kernel: wifi: rt2x00: restart beacon queue when hardware reset

A flaw was found in the Linux kernel. When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in the hardware interface. However, mac80211 will not automatically stop the queue. If the beacon queue is not manually stopped, it will be deadlocked and unable to...

kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists

A vulnerability was found in the Linux kernel's iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0...

SUSE CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel's watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

SUSE CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

PT-2024-31337

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue arises in the net/mlx5e component of the Linux kernel, specifically with the SHAMPO feature. When all strides in a Work Queue Element WQE are consumed, the WQE is unlinked from the Wo...

DEBIAN-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919 Bulk Scanner CVE-2024-24919 Check Point Securi...

SUSE CVE-2024-36908

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: do not WARN if iocg was already offlined In iocgpaydebt, warn is triggered if 'activelist' is empty, which is intended to confirm iocg is active when it has debt. However, warn can be triggered during a blkcg or disk...

The vulnerability of the graphical driver of microprogramming software in Qualcomm’s embedded chips allows a hacker to execute arbitrary code.

The vulnerability of the graphical driver of embedded Qualcomm software lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code by destroying the context during the processing of objects in the KGSLGPUAUXCOMMANDTIMELINE queue...

UBUNTU-CVE-2024-36908

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: do not WARN if iocg was already offlined In iocgpaydebt, warn is triggered if 'activelist' is empty, which is intended to confirm iocg is active when it has debt. However, warn can be triggered during a blkcg or disk...

CVE-2023-52882

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to system crashes and other...

DRUPAL-CONTRIB-2024-024

The Migrate queue importer module enables you to create cron migrationsconfiguration entities with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...

SUSE CVE-2023-52774

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...

SUSE CVE-2023-52851

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF In the unlikely event that workqueue allocation fails and returns NULL in mlx5mkeycacheinit, delete the call to mlx5rumrresourcecleanup which frees th...

Drupal Migrate queue importer module < 2.1.1 - Administrator+ Cross Site Request Forgery (CSRF) vulnerability

Administrator+ Cross Site Request Forgery CSRF vulnerability discovered by Pierre Rudloff in WordPress Module Migrate queue importer versions 2.1.1...

Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

The Migrate queue importer module enables you to create cron migrationsconfiguration entities with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...

PT-2024-10357 · Drupal · Migrate Queue Importer

Name of the Vulnerable Software and Affected Versions: Migrate queue importer versions 0.0.0 through 2.1.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability in the Migrate queue importer module of the Drupal content management system. This vulnerability allows f...

SUSE CVE-2021-47562

In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...