
7037 matches found

Debian CVE
added 2024/10/27 12:0 a.m., 10 views

CVE-2024-50614

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVSS 6.5, AI score 6.3, EPSS 0.00404, Exploits 1
RedhatCVE
added 2024/10/24 1:57 p.m., 11 views

CVE-2024-44331

A flaw was found in GStreamer RTSP server. In certain versions, specially-crafted requests may trigger an assertion failure in the server, which can lead to a denial of service. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

CVSS 7.5, AI score 6.6, EPSS 0.00658, Exploits 0, References 5
Tenable Nessus
added 2024/10/23 12:0 a.m., 29 views

SUSE SLES15: qemu / qemu-SLOF / qemu-accel-tcg-x86 / qemu-audio-alsa / etc (SUSE-SU-2024:3744-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3744-1 advisory. Security fixes: - CVE-2024-8354: Fixed assertion failure in usb_ep_get (bsc#1230834) - CVE-2024-8612: Fixed information leak in virtio devices...

CVSS 7.5, AI score 6.8, EPSS 0.01027, Exploits 0, References 16
RedhatCVE
added 2024/10/22 2:44 p.m., 13 views

CVE-2024-49932

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST. On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...

CVSS 5.5, AI score 6.7, EPSS 0.00201, Exploits 0, References 4
OSV
added 2024/10/21 8:15 p.m., 5 views

AZL-51159 CVE-2024-50041 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash. This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple threads attempt to modif...

CVSS 5.5, AI score 6.8, EPSS 0.00219, Exploits 0, References 1
NVD
added 2024/10/21 6:15 p.m., 8 views

CVE-2024-49932

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST. On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...

CVSS 5.5, EPSS 0.00201, Exploits 0, References 2
OSV
added 2024/10/21 6:15 p.m., 6 views

AZL-52938 CVE-2024-49932 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST. On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...

CVSS 5.5, AI score 5.9, EPSS 0.00201, Exploits 0, References 1
CVE
added 2024/10/21 6:1 p.m., 103 views

CVE-2024-49932

CVE-2024-49932 affects the Linux kernel’s btrfs relocation path. The issue arises when relocating data extents on RAID stripe trees: readahead on the relocation inode may receive ENOENT from a RAID-based lookup, but the code does not handle the error, leading to invalid reads and a kernel bug in ...

CVSS 5.5, AI score 5.1, EPSS 0.00201, Exploits 0, References 2, Affected Software 1
OSV
added 2024/10/21 6:1 p.m., 12 views

CVE-2024-49932 btrfs: don't readahead the relocation inode on RST

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST. On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT e.g. due to preallocated extents not being...

CVSS 5.5, AI score 6, EPSS 0.00201, Exploits 0, References 5
Vulnrichment
added 2024/10/16 6:34 p.m., 23 views

CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...

CVSS 7.5, AI score 6.9, EPSS 0.00534, Exploits 0, References 2
Cvelist
added 2024/10/16 6:34 p.m., 29 views

CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...

CVSS 7.5, EPSS 0.00534, Exploits 0, References 2
OSV
added 2024/10/14 8:54 p.m., 5 views

GHSA-XGFV-XPX8-QHCR Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Referen...

CVSS 7.7, AI score 5.9, EPSS 0.0203, Exploits 0, References 18
OSV
added 2024/10/11 3:15 p.m., 1 views

UBUNTU-CVE-2024-45403

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...

CVSS 7.5, AI score 5.8, EPSS 0.00632, Exploits 0, References 6
Vulnrichment
added 2024/10/11 2:36 p.m., 14 views

CVE-2024-45396 Quicly assertion failures

Quicly is an IETF QUIC protocol implementation. Quicly up to commit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...

CVSS 7.5, AI score 7, EPSS 0.00561, Exploits 0, References 2
Positive Technologies
added 2024/10/11 12:0 a.m., 3 views

PT-2024-31600 · Quicly · Quicly

Name of the Vulnerable Software and Affected Versions: Quicly versions up to commit d720707. Description: Quicly is an IETF QUIC protocol implementation. It is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes the...

CVSS 7.5, AI score 7.5, EPSS 0.00561, Exploits 0, References 8
CNNVD
added 2024/10/11 12:0 a.m., 1 views

quicly security vulnerability

quicly is an H2O open source implementation of the IETF QUIC protocol. A security vulnerability exists in quicly that stems from vulnerability to denial-of-service attacks, which can be exploited by a remote attacker to trigger an assertion failure that can lead to a process crash...

CVSS 7.5, AI score 6.7, EPSS 0.00561, Exploits 0, References 3
Tenable Nessus
added 2024/10/09 12:0 a.m., 24 views

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-2520)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

CVSS 7.5, AI score 7.9, EPSS 0.02114, Exploits 0, References 4
Tenable Nessus
added 2024/10/09 12:0 a.m., 12 views

EulerOS 2.0 SP11 : bind (EulerOS-SA-2024-2571)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

CVSS 7.5, AI score 7.9, EPSS 0.02114, Exploits 0, References 4
Tenable Nessus
added 2024/10/09 12:0 a.m., 18 views

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-2496)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

CVSS 7.5, AI score 7.9, EPSS 0.02114, Exploits 0, References 4
Tenable Nessus
added 2024/10/09 12:0 a.m., 29 views

EulerOS 2.0 SP11 : bind (EulerOS-SA-2024-2545)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

CVSS 7.5, AI score 7.9, EPSS 0.02114, Exploits 0, References 4