7037 matches found
CVE-2024-57806
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas. Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIG_BTRFS_ASSERT enabled, an assertion failure occurs regarding...
PT-2025-3682 · Ember · Ember Znet Stack
Name of the Vulnerable Software and Affected Versions: Ember ZNet stack, affected versions not specified. Description: A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert. Recommendations: At the moment, there is no information about a newer...
Silicon Labs Ember ZNet security vulnerability
Silicon Labs Ember ZNet is a protocol stack software from Silicon Labs, Inc. A security vulnerability exists in Silicon Labs Ember ZNet that originates from a buffer overflow that occurs during the processing of malformed packets at the APS layer, which may result in an assertion failure...
SUSE CVE-2024-57806
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas. Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIG_BTRFS_ASSERT enabled, an assertion failure occurs regarding...
CVE-2024-57806
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas. Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIG_BTRFS_ASSERT enabled, an assertion failure occurs regarding...
CVE-2024-57806 btrfs: fix transaction atomicity bug when enabling simple quotas
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas. Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIG_BTRFS_ASSERT enabled, an assertion failure occurs regarding...
CVE-2024-57806
CVE-2024-57806 relates to a Linux kernel btrfs quota (SIMPLE_QUOTA) atomicity bug. The fix ensures the BTRFS_FEATURE_INCOMPAT_SIMPLE_QUOTA flag is set immediately after enabling SIMPLE_MODE, so both the quota status flag and the incompat flag are flushed in the same transaction. Without this, a s...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the Btrfs file system not setting the squota incompatibility bit before committing a transaction when simple...
Silicon Simplicity SDK security vulnerability
The Silicon Simplicity SDK is an embedded software development platform from Silicon, Inc. for building Internet of Things (IoT) products based on our Series 2 and upcoming Series 3 wireless and MCU devices. A security vulnerability exists in Silicon Simplicity SDK versions prior to 2024.12.0, whic...
CVE-2024-8361
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS). If a watchdog is implemented, the device will restart after the watchdog expires. If watchdog is not...
CVE-2024-8361 DoS caused due to wrong hash length returned for SHA2/224 algorithm
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS). If a watchdog is implemented, the device will restart after the watchdog expires. If watchdog is not...
CVE-2024-8361
In SiWx91x devices, CVE-2024-8361 describes a DoS caused by SHA2/224 producing a 256-bit hash instead of 224 bits, triggering a software assertion. The issue is documented across multiple sources (NVD, Red Hat, CVE listing). Affected component is the SHA2/224 implementation; root cause is incorre...
Silicon SiWx91x security vulnerability
The Silicon SiWx91x is a radio board from Silicon Technology Silicon. A security vulnerability exists in the Silicon SiWx91x that stems from an incorrect hash length triggering a software assertion, which could lead to a denial of service (DoS)...
CVE-2024-20152
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue...
libreswan: IKEv1 default AH/ESP responder can crash and restart
A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the compute_proto_keymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...
libreswan: Invalid IKEv2 REKEY proposal causes restart
An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...
PT-2025-34937
Name of the Vulnerable Software and Affected Versions: Kea versions 2.7.1 through 2.7.9; Kea version 3.0.0; Kea version 3.1.0. Description: If a DHCPv4 client sends a request with specific options and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an...
CVE-2024-56705
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure. In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the...
UBUNTU-CVE-2024-56705
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure. In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the...
UBUNTU-CVE-2024-56635
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in default_operstate(). syzbot reported an UAF in default_operstate() [1]. Issue is a race between device and netns dismantles. After calling rtnl_unlock() from netdev_run_todo(), we can not assume the netns of each devic...