81 matches found
kernel: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
A flaw was found in the jbd2 module in the Linux kernel. An assertion failure can be triggered when a specific sequence of transactions and operations is performed due to incorrect synchronization, potentially resulting in a denial of service...
kernel: drm/amdgpu: drop redundant sched job cleanup when cs is aborted
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop redundant sched job cleanup when cs is aborted Once command submission failed due to userptr invalidation in amdgpucssubmit, legacy code will perform cleanup of scheduler job. However, it's not needed at all, as...
CVE-2024-26644 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted error -2 WARNIN...
CVE-2023-32977
Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set build display names immediately...
SUSE CVE-2005-2794
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service crash via certain aborted requests that trigger an assert error related to STOREPENDING...
SUSE CVE-2005-2970
Memory leak in the worker MPM worker.c for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service memory consumption via aborted connections, which prevents the memory for the transaction pool from being reused for other connections...
SUSE CVE-2014-0230
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service thread consumption via a series of aborted uploa...
Mozilla: Use-after-free in Garbage Collection
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash...
Mozilla: Use-after-free in Garbage Collection
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash...
Mozilla: Use-after-free in Garbage Collection
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash...
Mozilla: Use-after-free in Garbage Collection
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash...
SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:4085-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4085-1 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result ...
GSD-2022-1006142 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1005839 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
PT-2024-11815
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue occurs during the driver initialization process in the Linux kernel, specifically in the drm/i915/gt module, where some engines may be fully set up while others are not, leadin...
GSD-2022-1004510 scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted
scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.49 by commit...
GHSA-PXCX-CXQ8-4MMW Uncontrolled Resource Consumption in Apache Tomcat
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service thread consumption via a series of aborted uploa...
mariadb: save_window_function_values triggers an abort during IN subquery
savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...
GSD-2022-1000539 scsi: pm8001: Fix use-after-free for aborted TMF sas_task
scsi: pm8001: Fix use-after-free for aborted TMF sastask This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...
GSD-2022-1000538 scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
scsi: pm8001: Fix use-after-free for aborted SSP/STP sastask This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...