DEBIAN-CVE-2024-50231

In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iiogtsbuildavailscaletable modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 size 64: comm "kunittrycatch", pid 1654, jiffies...

CVE-2024-50235 wifi: cfg80211: clear wdev->cqm_config pointer on free

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev-cqmconfig pointer on free When we free wdev-cqmconfig when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace, then...

ASoC: meson: axg-card: fix 'use-after-free'

...

driver core: bus: Fix double free in driver API bus_register()

...

DEBIAN-CVE-2024-50175

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove usecount guard in stopstreaming The usecount check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the...

USN-7095-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

USN-7095-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

USN-7089-3: Linux kernel vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7095-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7095-1 advisory. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7089-3)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7089-3 advisory. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7088-4)

"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7088-4 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local...

CVE-2024-20507

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

CVE-2024-20507 Cisco Meeting Management Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

CVE-2024-20507

Cisco CVE-2024-20507 affects Cisco Meeting Management (and related Cisco Meeting Server) where an attacker with authenticated access to the web management interface can view sensitive information stored on the device due to improper storage in the logging subsystem. The issue is identified as an ...

USN-7088-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Several security issues were discovered in the Linux kernel. An attacker could...

UBUNTU-CVE-2024-50103

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asocqcomlpasscpuplatformprobe A devmkzalloc in asocqcomlpasscpuplatformprobe could possibly return NULL pointer. NULL Pointer Dereference may be triggerred without addtional check. Add a NULL...

CVE-2024-50108 drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING 1 traces when calling...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ASoC: qcom module's failure to properly handle pointers returned by devmkzalloc in the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing Soundwire runtime stream assignment in the sdm845 sound card driver in the ASoC module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ASoC: qcom module failing to properly allocate and free a Soundwire stream runtime in the sc7280 sound...