981 matches found

UbuntuCve
added 2024/11/19 2:16 a.m. | 10 views

CVE-2024-50279

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds acces...

CVSS 7.1 | AI score 6.4 | EPSS 0.00262
Exploits: 0 | References: 47

UbuntuCve
added 2024/11/19 2:16 a.m. | 6 views

CVE-2024-50301

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63...

CVSS 7.1 | AI score 6.4 | EPSS 0.00274
Exploits: 0 | References: 47

UbuntuCve
added 2024/11/19 2:16 a.m. | 8 views

CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVSS 7.8 | AI score 6.4 | EPSS 0.00284
Exploits: 0 | References: 47

UbuntuCve
added 2024/11/19 2:16 a.m. | 13 views

CVE-2024-50292

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel, ctrl_chan is not null. So the release of the dma channel leads to the following issue: 4.879000...

CVSS 5.5 | AI score 6.3 | EPSS 0.00229
Exploits: 0 | References: 34

UbuntuCve
added 2024/11/18 8:15 p.m. | 6 views

CVE-2024-52303

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each...

CVSS 8.7 | AI score 7.1 | EPSS 0.00563
Exploits: 0 | References: 3

UbuntuCve
added 2024/11/18 5:15 p.m. | 6 views

CVE-2024-47533

Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.get_shared_secret() always returns -1, which allows anyone to connect to cobbler...

CVSS 9.8 | AI score 5.9 | EPSS 0.03948
Exploits: 6 | References: 4

UbuntuCve
added 2024/11/18 12:15 p.m. | 9 views

CVE-2024-48897

A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify...

CVSS 6.5 | AI score 5.8 | EPSS 0.00284
Exploits: 0 | References: 2

UbuntuCve
added 2024/11/18 6:15 a.m. | 6 views

CVE-2024-52947

A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page (upgradeSession / forceUpgrade) if the "Upgrade session" plugin has been enabled by an admin...

CVSS 5.4 | AI score 5.9 | EPSS 0.00301
Exploits: 0 | References: 2

UbuntuCve
added 2024/11/15 7:15 p.m. | 8 views

CVE-2024-41679

GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17...

CVSS 8.8 | AI score 5.9 | EPSS 0.00524
Exploits: 0 | References: 2

UbuntuCve
added 2024/11/12 3:15 a.m. | 17 views

CVE-2024-49395

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...

CVSS 5.3 | AI score 6.1 | EPSS 0.00238
Exploits: 0 | References: 6

UbuntuCve
added 2024/11/11 8:15 p.m. | 2 views

CVE-2024-52531

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or...

CVSS 8.4 | AI score 7.1 | EPSS 0.00679
Exploits: 1 | References: 6

UbuntuCve
added 2024/11/11 8:15 p.m. | 8 views

CVE-2024-51490

Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. Thi...

CVSS 9 | AI score 5.8 | EPSS 0.00499
Exploits: 1 | References: 2

UbuntuCve
added 2024/11/09 11:15 a.m. | 14 views

CVE-2024-50226

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report [1], cxl_test was updated to register mock memory-devices after the mock root-port/bus device had been...

CVSS 7.8 | AI score 6.4 | EPSS 0.00237
Exploits: 0 | References: 17

UbuntuCve
added 2024/11/09 11:15 a.m. | 6 views

CVE-2024-50213

In the Linux kernel, the following vulnerability has been resolved: drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic() modprobe drm_hdmi_state_helper_test and then rmmod it, the following memory leak occurs. The mode allocated in drm_mode_duplicate() called by drm_display_mode_from_cea_vic() is not...

CVSS 5.5 | AI score 5.9 | EPSS 0.002
Exploits: 0 | References: 7

UbuntuCve
added 2024/11/09 11:15 a.m. | 8 views

CVE-2024-50237

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of uninitialized private data...

CVSS 5.5 | AI score 6.4 | EPSS 0.00263
Exploits: 0 | References: 55

UbuntuCve
added 2024/11/08 6:15 a.m. | 14 views

CVE-2024-50192

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the...

CVSS 4.7 | AI score 6.4 | EPSS 0.00207
Exploits: 0 | References: 36

UbuntuCve
added 2024/11/07 10:15 a.m. | 4 views

CVE-2024-50141

In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type...

CVSS 5.5 | AI score 6.4 | EPSS 0.00232
Exploits: 0 | References: 32

UbuntuCve
added 2024/11/07 10:15 a.m. | 6 views

CVE-2024-50152

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker (scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^ There is a double free in such case: 'ea is initializ...

CVSS 5.5 | AI score 6.4 | EPSS 0.00215
Exploits: 0 | References: 17

UbuntuCve
added 2024/11/07 10:15 a.m. | 10 views

CVE-2024-50165

In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param->string will be leaked as shown below:...

CVSS 5.5 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 7

UbuntuCve
added 2024/11/07 10:15 a.m. | 13 views

CVE-2024-50162

In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPF_MAP_TYPE_DEVMAP does not have it set. This is...

CVSS 5.5 | AI score 6.4 | EPSS 0.00216
Exploits: 0 | References: 33