981 matches found

UbuntuCve
added 2024/11/07 10:15 a.m. | 10 views

CVE-2024-50166

In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In macprobe there are multiple calls to offinddevicebynode, fmanbind and fmanportbind which takes references to ofdev-dev. Not all references taken by these calls are releas...

CVSS 5.5 | AI score 6.4 | EPSS 0.00215
Exploits: 0 | References: 17

UbuntuCve
added 2024/11/07 10:15 a.m. | 5 views

CVE-2024-50139

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sysregs.c:1988:14 shift exponent 33 is too large f...

CVSS 5.5 | AI score 6.4 | EPSS 0.00226
Exploits: 0 | References: 17

UbuntuCve
added 2024/11/07 10:15 a.m. | 6 views

CVE-2024-50146

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanup...

CVSS 5.5 | AI score 6.4 | EPSS 0.00231
Exploits: 0 | References: 16

UbuntuCve
added 2024/11/07 10:15 a.m. | 3 views

CVE-2024-50154

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

CVSS 7.8 | AI score 6.6 | EPSS 0.00243
Exploits: 0 | References: 33

UbuntuCve
added 2024/11/07 10:15 a.m. | 6 views

CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...

CVSS 5.5 | AI score 6.4 | EPSS 0.00216
Exploits: 0 | References: 33

Debian CVE
added 2024/11/07 7:37 a.m. | 17 views

CVE-2024-38286

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be...

CVSS 8.6 | AI score 8 | EPSS 0.01702
Exploits: 0

UbuntuCve
added 2024/11/06 9:15 p.m. | 7 views

CVE-2024-50345

symfony/http-foundation is a module for the Symfony PHP framework which defines an object-oriented layer for the HTTP specification. The Request class does not parse URIs with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the Request class...

CVSS 6.1 | AI score 6.3 | EPSS 0.00565
Exploits: 0 | References: 4

UbuntuCve
added 2024/11/05 6:15 p.m. | 3 views

CVE-2024-50110

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...

CVSS 5.5 | AI score 6.3 | EPSS 0.00254
Exploits: 0 | References: 33

UbuntuCve
added 2024/11/05 5:15 p.m. | 5 views

CVE-2024-50090

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xebbcreatejob appends a MIBATCHBUFFEREND to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at eac...

CVSS 5.5 | AI score 6.6 | EPSS 0.00205
Exploits: 0 | References: 18

Debian CVE
added 2024/11/04 9:47 p.m. | 9 views

CVE-2024-51744

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

CVSS 3.1 | AI score 6.3 | EPSS 0.00521
Exploits: 0

UbuntuCve
added 2024/10/29 12:0 a.m. | 10 views

CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

CVSS 6.5 | AI score 6.4 | EPSS 0.00593
Exploits: 0 | References: 19

UbuntuCve
added 2024/10/29 12:0 a.m. | 11 views

CVE-2024-50075

In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualization is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by a USB2 root hub in a Virtual Function may be less than total USB2 phy...

CVSS 5.5 | AI score 6.3 | EPSS 0.00206
Exploits: 0 | References: 19

CBLMariner
added 2024/10/25 7:50 p.m. | 17 views

CVE-2024-21219 affecting package mysql for versions less than 8.0.40-1

CVE-2024-21219 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...

CVSS 4.9 | AI score 7.2 | EPSS 0.00949
Exploits: 0

UbuntuCve
added 2024/10/21 8:15 p.m. | 13 views

CVE-2022-49015

In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netifrx which may free it, after calling this, dereferencing skb may trigger use-after-free...

CVSS 7.8 | AI score 6.3 | EPSS 0.00251
Exploits: 0 | References: 10

UbuntuCve
added 2024/10/21 8:15 p.m. | 6 views

CVE-2022-49028

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevfinitmodule ixgbevfinitmodule won't destroy the workqueue created by createsinglethreadworkqueue when pciregisterdriver failed. Add destroyworkqueue in fail path to prevent the resource leak...

CVSS 5.5 | AI score 6.3 | EPSS 0.00245
Exploits: 0 | References: 6

UbuntuCve
added 2024/10/21 8:15 p.m. | 6 views

CVE-2022-49029

In the Linux kernel, the following vulnerability has been resolved: hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpexregisterbmc warn: '&data-list' not removed from list If ibmpexfindsensors fails in ibmpexregisterbmc,...

CVSS 7.8 | AI score 6.3 | EPSS 0.00245
Exploits: 0 | References: 10

UbuntuCve
added 2024/10/21 8:15 p.m. | 8 views

CVE-2022-48989

In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookielru and usecookie If a cookie expires from the LRU and the LRUDISCARD flag is set, but the state machine has not run yet, it's possible another thread can call fscacheusecookie and begin t...

CVSS 4.7 | AI score 5.8 | EPSS 0.00146
Exploits: 0 | References: 4

UbuntuCve
added 2024/10/21 8:15 p.m. | 7 views

CVE-2022-49022

In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211getrateduration Fix possible out-of-bound access in ieee80211getrateduration routine as reported by the following UBSAN report: UBSAN: array-index-out-of-bounds in...

CVSS 7.8 | AI score 6.3 | EPSS 0.00244
Exploits: 0 | References: 6

UbuntuCve
added 2024/10/21 8:15 p.m. | 8 views

CVE-2024-50022

In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in daxsetmapping pgoff should be aligned using ALIGNDOWN instead of ALIGN. Otherwise, vmf-address not aligned to faultsize will be aligned to the next alignment, that can result in memory failure...

CVSS 5.5 | AI score 6.4 | EPSS 0.00267
Exploits: 0 | References: 20

UbuntuCve
added 2024/10/21 8:15 p.m. | 12 views

CVE-2022-49025

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in...

CVSS 7.8 | AI score 6.3 | EPSS 0.00248
Exploits: 0 | References: 7