CVE-2021-47424 i40e: Fix freeing of uninitialized misc IRQ vector

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40eprobe as part of PF switch set up driver was trying to free misc IRQ vectors in i40eclearinterruptscheme and produced a kernel Oops: Trying to free...

CVE-2021-47424

The CVE-2021-47424 issue affects the Linux kernel i40e driver. When VSI setup fails during PF switch in i40e_probe(), the code attempted to free misc IRQ vectors in i40e_clear_interrupt_scheme, potentially freeing an IRQ that had not been allocated yet, leading to a kernel Oops (example trace sho...

DoS (Denial of Service) com.google.code.gson:gson Dependency in Crucible Data Center and Server

This High severity com.google.code.gson:gson Dependency vulnerability was introduced in version 4.8.0 of Crucible Data Center and Server. This com.google.code.gson:gson Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

SUSE CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

SUSE CVE-2024-35911

In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from the driver only calling the icevsifreeqvectors function by itself, when it is suspending. Since comm...

CVE-2024-35873

A vulnerability was found in the Linux kernel, affecting the RISC-V architecture. It arises during the restoration of the vector state in the rtsigreturn syscall after a signal handler is executed. The bug occurs when the live vector state is discarded and marked as "dirty," leading to corruption...

CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

DEBIAN-CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

UBUNTU-CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...

CVE-2024-35873

CVE-2024-35873 is a Linux kernel vulnerability affecting the RISC-V vector state handling during rt_sigreturn. A bug in the restoration path with vector state discard could cause the live vector state and vstate to diverge, and when the vectorized path of user_from_copy() is chosen (CONFIG_RISCV_...

PT-2024-26766 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when a userland application is executing vector code and receives a signal. Upon returning from the signal handler using the rt sigreturn syscall, the live vector stat...

Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. A security vulnerability exists in Nix 2.22.1 and earlier versions that stems from mishandling certain uses of the hash cache, making it easier for an attacker to replace current source code with...

DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Jira Software Data Center and Server

This High severity com.thoughtworks.xstream:xstream Dependency vulnerability was introduced in versions 8.20.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, and 9.7.0 of Jira Software Data Center and Server. This com.thoughtworks.xstream:xstream Dependency vulnerability, with a CVSS Score of...

The vulnerability of the Glib library, related to buffer overflows in dynamic memory, allows attackers to execute arbitrary code.

The vulnerability of the Glib library is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

SUSE CVE-2024-29895

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...

kernel: untrusted VMM can trigger int80 syscall handling

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...