1401 matches found
CVE-2024-35814
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb "swiotlb: fix a braino in the alignment check fix", which was a fix for commit 0eee5ae10256 "swiotlb: fix slot alignment checks", causes...
UBUNTU-CVE-2024-35814
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb "swiotlb: fix a braino in the alignment check fix", which was a fix for commit 0eee5ae10256 "swiotlb: fix slot alignment checks", causes...
CVE-2024-35814 swiotlb: Fix double-allocation of slots due to broken alignment handling
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb "swiotlb: fix a braino in the alignment check fix", which was a fix for commit 0eee5ae10256 "swiotlb: fix slot alignment checks", causes...
CVE-2024-35814 swiotlb: Fix double-allocation of slots due to broken alignment handling
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb "swiotlb: fix a braino in the alignment check fix", which was a fix for commit 0eee5ae10256 "swiotlb: fix slot alignment checks", causes...
OESA-2024-1541 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become ...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-52620 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocatefra...
SUSE CVE-2024-26926
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CLSA-2024-1714073581 Fix of 16 CVEs
Jammy update: v5.15.81 upstream stable release LP: 2003130 // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipcconnalloc - tipc: add an extra connget in tipcconnalloc CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with lega...
CLSA-2024-1714065191 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of...
CLSA-2024-1714065005 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of...
DEBIAN-CVE-2024-26926
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CVE-2024-26926
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
UBUNTU-CVE-2024-26926
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CVE-2024-26926 binder: check offset alignment in binder_get_object()
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CVE-2024-26926
CVE-2024-26926 : The Linux kernel vulnerability concerns the binder subsystem. After commit 6d98eb95, an offset alignment check was removed from binder_alloc_copy_from_buffer()/check_buffer(), and answers were copied in binder_get_object() via copy_from_user(), which now requires an explicit offs...
CVE-2024-26926 binder: check offset alignment in binder_get_object()
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CISO Perspectives on Complying with Cybersecurity Regulations
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance i...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of an offset alignment check done by calling binderalloccopyfrombuffer - checkbuffer...
CVE-2024-2650
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the alignment parameter in the Woo Product Carousel widget in all versions up to, and including, 5.9.10 due to insufficient inp...
CVE-2024-1458
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textalignment’ attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for...