CVE-2021-46941

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Do core softreset when switch mode According to the programming guide, to switch mode for DRD controller, the driver needs to do the following. To switch from device to host: 1. Reset controller with...

CVE-2021-46941 usb: dwc3: core: Do core softreset when switch mode

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Do core softreset when switch mode According to the programming guide, to switch mode for DRD controller, the driver needs to do the following. To switch from device to host: 1. Reset controller with...

PT-2024-2978 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the ch ktls component of the Linux kernel and is caused by the lack of synchronization locking. This can lead to a kernel panic when taking page refcount is not...

The vulnerability of the Manageability Engine (ME) in Intel Server Platform Services (SPS) software for Lenovo ThinkSystem servers allows a malicious actor to alter the firmware configuration and trigger a service failure.

The vulnerability of the Manageability Engine ME in Intel Server Platform Services SPS of Lenovo ThinkSystem servers stems from the synchronization failure between BIOS/UEFI and ME states due to the use of non-replicable configurations. Exploiting this vulnerability can allow an attacker to alter...

ROS-20240226-01

A vulnerability in the mustmkdirandopenwithperms function of the snap-confine utility is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker to escalate privileges or execute arbitrary code...

Race Condition

github.com/apache/incubator-answer is vulnerable to a Race Condition. The vulnerability is due to improper synchronization during user registration, specifically when users rapidly submit multiple registrations using scripts. This can lead to the registration of multiple user accounts with the sa...

GHSA-9Q24-HWMC-797X Apache Answer Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

Apache Answer Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

CVE-2024-26578

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

Race condition

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

CVE-2024-26578 Apache Answer: Repeated submission at registration created duplicate users with the same name

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

Fedora: Security Advisory for syncthing (FEDORA-2024-b93312a597)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

UBUNTU-CVE-2024-26583

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

CVE-2024-26583 tls: fix race between async notify and socket close

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

CVE-2024-26583

CVE-2024-26583 affects the Linux kernel TLS path. The issue is a race between async crypto notify completion and socket close, where the submitting thread could exit before the crypto handler finishes, risking touching data after it has been freed. The fix routes around this by reducing complex l...

[SECURITY] Fedora 38 Update: syncthing-1.27.3-1.fc38

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

[SECURITY] Fedora 39 Update: syncthing-1.27.3-1.fc39

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

UBUNTU-CVE-2023-52433

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an alrea...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the netfilter module that could lead to the skipping of the synchronization GC for new elemen...