CVE-2024-43397

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed wit...

CVE-2024-43397 Potential unauthorized access issue in apollo-portal

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed wit...

CVE-2024-43397

CVE-2024-43397 affects Apollo’s synchronization configuration feature in the open-source Apollo configuration management system. The vulnerability allows an attacker to bypass permission checks via crafted requests, enabling modification of a namespace without the required rights. The root cause ...

CVE-2024-43397 Potential unauthorized access issue in apollo-portal

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed wit...

CVE-2024-43397 Potential unauthorized access issue in apollo-portal

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed wit...

SUSE-SU-2024:2983-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 nbd/server: Close stray...

PT-2024-30557 · Apollo · Apollo

Name of the Vulnerable Software and Affected Versions: Apollo versions prior to 2.3.0 Description: A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks, enabling them to modify a namespace without the necessar...

ROS-20240820-02

Vulnerability of certstorestats and getcacerts functions of ssl module of programming language interpreter Python CPython is related to synchronization errors when using a shared resource. Exploitation The exploitation of the vulnerability may allow a remote intruder to gain unauthorized access t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of locks during synchronization reset in the net/mlx5 component, which results in a devlink lock...

OESA-2024-1988 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

OESA-2024-1991 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

spi: fix null pointer dereference within spi_sync

...

ROS-20240815-05

A vulnerability in the centralized service for maintaining configuration information, naming, providing Apache ZooKeeper's centralized service for maintaining configuration information and naming, providing distributed synchronization, and providing group services is related to the lack of ACL...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-2)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

PT-2024-6179 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel-Mode Driver affected versions not specified Description: The issue is related to an Elevation of Privilege vulnerability in the Windows Kernel-Mode Driver. It is caused by synchronization errors when using a shared resource,...

SUSE CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge browsers allows a hacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the DevTools suite for web development in Google Chrome and Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute arbitrary code, or caus...

crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

...

kernel: drm/ast: Fix soft lockup

CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...