6204 matches found
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7019-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7019-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...
SUSE CVE-2024-46703
In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...
CVE-2024-46937
An improper access control IDOR vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server SAS 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the...
CVE-2024-46937
An improper access control IDOR vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server SAS 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the...
Ubuntu: Security Advisory (USN-7003-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-46937
The CVE-2024-46937 entry concerns MFASOFT Secure Authentication Server (SAS) 1.8.x–1.9.x prior to 1.9.040924, where an improper access control (IDOR) allows remote attackers to access user tokens without authentication via the /api-selfportal/get-info-token-properties endpoint. The root cause is ...
Unspecified vulnerability in Linux kernel (CNVD-2024-39373)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle the device busy state when adding a serial port. No details of the vulnerabilit...
USN-7003-3: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...
CVE-2024-46706
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: mark last busy before uartaddoneport With "earlycon initcalldebug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime suspend is called, so...
DEBIAN-CVE-2024-46703
In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...
UBUNTU-CVE-2024-46703
In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...
CVE-2024-46706
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: mark last busy before uartaddoneport With "earlycon initcalldebug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime suspend is called, so...
CVE-2024-46706 tty: serial: fsl_lpuart: mark last busy before uart_add_one_port
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: mark last busy before uartaddoneport With "earlycon initcalldebug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime suspend is called, so...
CVE-2024-46703 Revert "serial: 8250_omap: Set the console genpd always on if no console suspend"
In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...
CVE-2024-46703 Revert "serial: 8250_omap: Set the console genpd always on if no console suspend"
In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...
DEBIAN-CVE-2024-46674
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...
UBUNTU-CVE-2024-46674
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...
UBUNTU-CVE-2024-46675
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing SMMU faults and othe...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle the device busy state when adding a serial port. No details of the vulnerabilit...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-3 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...