9053 matches found
CVE-2023-52908
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL dereference Fix potential NULL dereference, in the case when "man", the resource manager might be NULL, when/if we print debug information...
CVE-2022-48891
In the Linux kernel, the following vulnerability has been resolved: regulator: da9211: Use irq handler when ready If the system does not come from reset like when it is kexec, the regulator might have an IRQ waiting for us. If we enable the IRQ handler before its structures are ready, we crash...
CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
CVE-2024-43878
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slow path KASAN report error. Fix this error. west login: 52.987278 eth1: renamed from veth11 53.078814 eth1: renamed from veth21 53.181355...
CVE-2024-42369
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...
CVE-2024-38808
In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language SpEL expression that may cause a denial of service DoS condition. Specifically, an application is vulnerable when the following is true:...
CVE-2024-7592
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...
GHSA-XMRP-424F-VFPX vulnerabilities
Vulnerabilities for packages: atuin...
CVE-2024-43858
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree...
CVE-2024-43844
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb-end. Therefore, we fix it. skbuff: skboverpanic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780...
CVE-2024-43853
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...
CVE-2024-42313
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
CVE-2024-42285
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
CVE-2024-42299
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log-pagemask,bits if log-pagesize changed If an NTFS file system is mounted to another system with different PAGESIZE from the original system, log-pagesize will change in logreplay, but log-pagemask,bits don't...
CVE-2024-42270
In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptablenattableinit. We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space before the...
CVE-2024-42278
In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdevloadcalibrateddata This function has a reversed if statement so it's either a no-op or it leads to a NULL dereference...
CVE-2024-42282
In the Linux kernel, the following vulnerability has been resolved: net: mediatek: Fix potential NULL pointer dereference in dummy netdevice handling Move the freeing of the dummy netdevice from mtkfreedev to mtkremove. Previously, if allocnetdevdummy failed in mtkprobe, eth-dummydev would be NUL...
CVE-2024-42291
In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit 128 on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for...
CVE-2024-42310
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdvintellvdsgetmodes In cdvintellvdsgetmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a NULL pointer dereference on failure of drmmodeduplicate. Add...
CVE-2024-42309
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psbintellvdsgetmodes In psbintellvdsgetmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a possible NULL pointer dereference on failure of...