290 matches found
CVE-2024-56754 affecting package kernel for versions less than 6.6.64.2-1
CVE-2024-56754 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-57940
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, 'dentry' will not be incremented,...
ROS-20250120-01
A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client on Windows operating systems is related to leaked video frames from different sources. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...
CVE-2025-21651
In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupt is reported at this time, it will cause warning like below: [16.324639] Call trace:...
CVE-2024-54031
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struct nft_set_ext results in unaligned atomic read: [72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c...
[SECURITY] Fedora 41 Update: perl-Net-OAuth-0.30-1.fc41
Perl implementation of OAuth, an open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. In practical terms, a mechanism for a Consumer to request protected resources from a Service Provider on behalf of a user...
CVE-2024-57659
An issue in the sqlg_parallel_ts_seq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
CVE-2024-53682
In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set ramp_delay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our case. Add a AXP_DESC_RANGES_DELAY macro and update AXP_DESC_RANGES macro to expand to AXP_DESC_RANGES_DELAY...
CVE-2024-45337 affecting package telegraf for versions less than 1.29.4-10
CVE-2024-45337 affecting package telegraf for versions less than 1.29.4-10. A patched version of the package is available...
CVE-2024-45338 affecting package telegraf for versions less than 1.29.4-10
CVE-2024-45338 affecting package telegraf for versions less than 1.29.4-10. A patched version of the package is available...
IBM AIX Race Condition Vulnerability
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines (IBM) for the IBM Power architecture. IBM AIX has a security vulnerability that can be exploited by attackers to cause a denial of service...
CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break() and...
CVE-2024-56742
In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any...
CVE-2024-56712
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been created; but the error handling in udmabuf_create() will tear...
A vulnerability in the Nix package manager on Unix operating systems arises from improper limitation of a pathname to a restricted directory. This allows a malicious user to overwrite any files in the system.
A vulnerability in the Nix package manager on Unix operating systems is related to improper limitation of a pathname to a restricted directory. Exploiting this vulnerability allows a remote attacker to overwrite any files in the system...
CVE-2024-56573
In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...
CVE-2024-56555
In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner_lock held. However, this lock is temporarily dropped to acquire the node->lock first (lock nesting order). This can race...
CVE-2024-55919
Improper input validation on generic SSO login...
IBM AIX Operating System Command Injection Vulnerability
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines (IBM) for the IBM Power architecture. An operating system command injection vulnerability exists in IBM AIX versions 7.2 and 7.3, which stems from improper neutralization of user input. An attacker...
GHSA-Q59J-VV4J-V33C vulnerabilities
Vulnerabilities for packages: amazon-cloudwatch-agent-operator, pulumi, promxy...