The vulnerability of the QEMU hardware emulation software, related to synchronization errors, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to synchronization errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerability of the Samba networking communication package arises from synchronization errors when using a shared resource. This allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the Samba networking communication package is related to synchronization errors when using a shared resource due to incorrect metadata processing. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

PT-2024-6256 · Microsoft · Windows Remote Desktop Licensing Service +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Licensing Service affected versions not specified Description: The issue is related to synchronization errors in the Windows Remote Desktop Licensing Service, specifically a "race condition" scenario. This can be...

PT-2024-7299 · Intel · Intel Uefi Firmware

Name of the Vulnerable Software and Affected Versions: Intel UEFI firmware affected versions not specified Description: A race condition in the UEFI firmware for some Intel processors may allow a privileged user to potentially enable escalation of privilege via local access. This issue is caused ...

ROS-20240906-01

Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. of the Linux operating system is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...

The vulnerability of TeamViewer’s software for remote control of computers allows unauthorized access to protected information.

The vulnerability of TeamViewer’s remote control software relates to improper control over the synchronization function of the clipboard. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected information...

CVE-2024-44959

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...

CVE-2024-44959

The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...

CVE-2024-44959 tracefs: Use generic inode RCU for synchronizing freeing

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...

FreeBSD-SA-24:14.umtx

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:14.umtx Security Advisory The FreeBSD Project Topic: umtx Kernel panic or Use-After-Free Category: core Module: kern Announced: 2024-09-04 Credits: Synacktiv...

The vulnerability of the configfs component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the configfs component in the Linux operating system’s kernel is related to parallel execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...

CLSA-2024-1725293298 kernel: Fix of 37 CVEs

tun: add missing verification for short frame CVE-2024-41091 - tap: add missing verification for short frame CVE-2024-41090 - drm/amd/display: Fix potential index out of bounds in color transformation function CVE-2024-38552 - net: fix dstnegativeadvice race CVE-2024-36971 - net: annotate...

Monero: A peer can remotely fill the pending block queue to an extremely high size, with blocks that will never leave the queue.

The pending block queue in the Monero cryptocurrency protocol could be remotely filled to an extremely high size, up to approximately 54 GB, with blocks that would never leave the queue. This was possible due to lax rules in the synchronization code that allowed the queue size limit to be bypasse...

CVE-2024-6053

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting...

CVE-2024-6053

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting...

CVE-2024-6053 Improper access control in the clipboard synchronization feature

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting...

CVE-2024-6053

The CVE-2024-6053 issue affects TeamViewer Full Client versions prior to 15.57 and TeamViewer Meeting versions prior to 15.55.3. The root cause is improper access control in the clipboard synchronization feature, causing unintentional sharing of clipboard contents with the current meeting present...

kernel: vfio/pci: Lock external INTx masking ops

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...

SUSE CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...