981 matches found

UbuntuCve
added 2024/09/17 7:15 p.m., 13 views

CVE-2024-8946

A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...

7.5 CVSS, 6.6 AI score, 0.01013 EPSS
Exploits: 1, References: 8

UbuntuCve
added 2024/09/13 12:0 a.m., 6 views

CVE-2024-46686

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req. This happens when called from SMB2_read while using rdma and reaching the rdma_readwrite_threshold...

5.5 CVSS, 6.4 AI score, 0.00231 EPSS
Exploits: 0, References: 11

UbuntuCve
added 2024/09/13 12:0 a.m., 6 views

CVE-2024-46713

In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization. Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment the perf_event::mmap_mutex...

7.8 CVSS, 6.5 AI score, 0.00294 EPSS
Exploits: 0, References: 18

UbuntuCve
added 2024/09/11 4:15 p.m., 7 views

CVE-2024-45027

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup. If xhci_mem_init fails, it calls into xhci_mem_cleanup to mop up the damage. If it fails early enough, before xhci->interrupters is allocated but after...

5.5 CVSS, 6.3 AI score, 0.00204 EPSS
Exploits: 0, References: 9

UbuntuCve
added 2024/09/10 2:15 p.m., 6 views

CVE-2024-8654

MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3...

9.8 CVSS, 5.8 AI score, 0.00373 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2024/09/09 7:15 p.m., 5 views

CVE-2024-45296

path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...

7.5 CVSS, 6.8 AI score, 0.00932 EPSS
Exploits: 0, References: 4

Debian CVE
added 2024/09/07 4:0 p.m., 26 views

CVE-2023-30583

fs.openAsBlob can bypass the experimental permission model when using the file system read restriction with the --allow-fs-read flag in Node.js 20. This flaw arises from a missing check in the fs.openAsBlob API. Please note that at the time this CVE was issued, the permission model is an...

7.5 CVSS, 6.5 AI score, 0.0062 EPSS
Exploits: 0

UbuntuCve
added 2024/09/04 8:15 p.m., 5 views

CVE-2024-45003

In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode lru traversing context. The inode reclaiming process (see function prune_icache_sb) collects all reclaimable inodes and marks them with I_FREEING flag at first, at that time, other processes will be...

4.7 CVSS, 6.3 AI score, 0.00172 EPSS
Exploits: 0, References: 25

UbuntuCve
added 2024/09/04 7:15 p.m., 6 views

CVE-2024-44962

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading. When unloading the btnxpuart driver, its associated timer will be deleted. If the timer happens to be modified at this moment, it leads to the kernel ca...

5.5 CVSS, 6.3 AI score, 0.0021 EPSS
Exploits: 0, References: 10

CBLMariner
added 2024/08/25 3:13 p.m., 19 views

CVE-2024-42285 affecting package kernel for versions less than 6.6.47.1-1

CVE-2024-42285 affecting package kernel for versions less than 6.6.47.1-1. An upgraded version of the package is available that resolves this issue...

7.8 CVSS, 6.9 AI score, 0.00244 EPSS
Exploits: 0

UbuntuCve
added 2024/08/21 7:15 a.m., 7 views

CVE-2023-52897

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: do not warn on record without old_roots populated. [BUG] There are some reports from the mailing list that since v6.1 kernel, the WARN_ON inside btrfs_qgroup_account_extent gets triggered during rescan: WARNING: CPU: 3 PID...

4.7 CVSS, 6.4 AI score, 0.00198 EPSS
Exploits: 0, References: 4

UbuntuCve
added 2024/08/21 7:15 a.m., 9 views

CVE-2022-48872

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps. It is possible that in between calling fastrpc_map_get until map->fl->lock is taken in fastrpc_free_map, another thread can call fastrpc_map_lookup and get a reference to a map th...

7 CVSS, 6.2 AI score, 0.00242 EPSS
Exploits: 0, References: 7

UbuntuCve
added 2024/08/21 1:15 a.m., 9 views

CVE-2024-43873

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow. There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read uninitialized. 2. if...

7.8 CVSS, 6.3 AI score, 0.00221 EPSS
Exploits: 0, References: 17

CBLMariner
added 2024/08/20 9:54 p.m., 14 views

CVE-2024-42224 affecting package kernel for versions less than 5.15.163.1-1

CVE-2024-42224 affecting package kernel for versions less than 5.15.163.1-1. A patched version of the package is available...

6.1 CVSS, 7.3 AI score, 0.00233 EPSS
Exploits: 0

Oracle linux
added 2024/08/20 12:0 a.m., 20 views

libreoffice security update

7.1.8.1-14.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 7.1.8.1 - Remove Red Hat branding - Change vendor to RESF 1:7.1.8.1-14 - Fix CVE-2024-6472 remove ability to trust not validated macro signatures in high security...

7.8 CVSS, 7.5 AI score, 0.00238 EPSS
Exploits: 0

CBLMariner
added 2024/08/14 8:43 p.m., 20 views

CVE-2024-36009 affecting package hyperv-daemons for versions less than 6.6.35.1-1

CVE-2024-36009 affecting package hyperv-daemons for versions less than 6.6.35.1-1. An upgraded version of the package is available that resolves this issue...

5.5 CVSS, 6.9 AI score, 0.00224 EPSS
Exploits: 0

Debian CVE
added 2024/08/09 5:25 p.m., 19 views

CVE-2024-42367

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants .gz or .br extension are vulnerable to path traversal outside the root directory if those variants are...

4.8 CVSS, 6.5 AI score, 0.00645 EPSS
Exploits: 0

UbuntuCve
added 2024/08/01 12:0 a.m., 9 views

CVE-2024-6873

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

8.1 CVSS, 6.4 AI score, 0.00721 EPSS
Exploits: 0, References: 2

UbuntuCve
added 2024/07/29 4:15 p.m., 7 views

CVE-2024-42074

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure. When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume function to avoid null pointer...

5.5 CVSS, 6.2 AI score, 0.00224 EPSS
Exploits: 0, References: 15

UbuntuCve
added 2024/07/29 4:15 p.m., 5 views

CVE-2024-41083

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix netfs_page_mkwrite to check folio->mapping is valid. Fix netfs_page_mkwrite to check that folio->mapping is valid once it has taken the folio lock as filemap_page_mkwrite does. Without this, generic/247 occasionally oopses with...

5.5 CVSS, 5.9 AI score, 0.00196 EPSS
Exploits: 0, References: 14