CVE-2024-36021 net: hns3: fix kernel crash when devlink reload during pf initialization

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, processing the...

CVE-2024-36021 net: hns3: fix kernel crash when devlink reload during pf initialization

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, processing the...

CVE-2024-36021 net: hns3: fix kernel crash when devlink reload during pf initialization

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, processing the...

PT-2024-26849

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when the devlink reload process accesses hardware resources during pf initialization, but the register operation is done before the hardware is initialized, potentially...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a kernel crash when devlink is reloaded during initialization of the net:hns3 module...

PT-2024-40463 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue arises when creating new backend user accounts in the TYPO3 backend, potentially leading to database records with insecure or empty credentials being persisted. This occurs when the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a kernel crash during devlink reloading during pf initialization of the net:hns3 module...

SUSE CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlinknlcmdreload While preparing my patch series adding netns refcount tracking, I spotted bugs in devlinknlcmdreload Some error paths forgot to release a refcount on a netns. To fix this, we...

Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed 1. Go to the plugin settings 2. In the "Additional CSS" field, enter the payload 3. Save...

DEBIAN-CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlinknlcmdreload While preparing my patch series adding netns refcount tracking, I spotted bugs in devlinknlcmdreload Some error paths forgot to release a refcount on a netns. To fix this, we...

UBUNTU-CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlinknlcmdreload While preparing my patch series adding netns refcount tracking, I spotted bugs in devlinknlcmdreload Some error paths forgot to release a refcount on a netns. To fix this, we...

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

kernel: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...

CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

DEBIAN-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

UBUNTU-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2023-52736 ALSA: hda: Do not unset preset when cleaning up codec

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2021-47371

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...

CVE-2021-47371

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...

CVE-2021-47371 nexthop: Fix memory leaks in nexthop notification chain listeners

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...