SUSE CVE-2024-27047

In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...

SUSE CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...

CVE-2024-34460

The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. This component was removed in 9.5.60602...

CVE-2024-34460

The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. This component was removed in 9.5.60602...

Zenario CMS 跨站脚本漏洞

Zenario CMS is a Zenario open source application. It provides a web-based content management system. A cross-site scripting vulnerability exists in versions of Zenario CMS prior to 9.5.60602, which stems from the Tree Explorer tool in Organizer being susceptible to cross-site scripting...

CVE-2024-34460

The CVE-2024-34460 issue affects Zenario’s Tree Explorer tool from Organizer in Zenario prior to version 9.5.60602, where the XSS vulnerability exists in that component. The Tree Explorer was removed in 9.5.60602, indicating remediation by removal, with later versions no longer exposed to this fl...

PT-2024-25914 · Zenario · Zenario

Name of the Vulnerable Software and Affected Versions: Zenario versions prior to 9.5.60602 Description: The Tree Explorer tool from Organizer in Zenario is affected by a cross-site scripting XSS issue. This component was removed in version 9.5.60602. Recommendations: For versions prior to...

DEBIAN-CVE-2022-48672

In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e "drivers/of: Fix depth when unflattening devicetree" forgot to fix up the depth check in the loop body in unflattendtnodes which makes it possible to overflow...

UBUNTU-CVE-2022-48672

In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e "drivers/of: Fix depth when unflattening devicetree" forgot to fix up the depth check in the loop body in unflattendtnodes which makes it possible to overflow...

SUSE CVE-2024-27004

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused Doug reported 1 the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 "echo 0...

SUSE CVE-2024-27058

In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. Fetching the rbtree root node must also be protected by the dqopt-dqiosem, otherwise,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a security flaw in the function unwattendtnodes...

CVE-2024-27047

A vulnerability was found in the Linux kernel's net driver phydevice.c in the phygetinternaldelay function, where a lack of proper checks can cause a potential NULL pointer dereference to occur when the function attempts to access an empty array. The error occurs if the driver calls...

CVE-2024-27062

A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the...

CVE-2024-27004

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused Doug reported 1 the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 "echo 0...

AZL-59631 CVE-2024-27062 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...

CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...

DEBIAN-CVE-2024-27058

In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the rb tree. Fetching the rbtree root node must also be protected by the dqopt-dqiosem, otherwise,...

DEBIAN-CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...

DEBIAN-CVE-2024-27047

In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...