kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

kernel: tipc: force a dst refcount before doing decryption

A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...

kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

kernel: ovl: fix use after free in struct ovl_aio_req

A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 "ovl: fix use...

The vulnerability of the ASGI framework for web development in Starlette, related to the allocation of unlimited memory, allows attackers to trigger a service failure.

The vulnerability of the ASGI framework for web development in Starlette is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

PT-2024-38738 · WordPress · The Fileorganizer

Name of the Vulnerable Software and Affected Versions: The FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.0.9 Description: The issue is related to arbitrary file uploads due to missing file type validation in the fileorganizer ajax handler...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2714)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-2614)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2024-2766)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-9584

The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.0.20. This makes it possible for authenticated attackers with contributor-level privileges or abov...

WordPress plugin Image Map Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

ROS-20241021-10

The vulnerability of the SI library for asynchronous DNS c-ares queries is related to failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive data, compromis...

DEBIAN-CVE-2024-50047

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. Reproducer: mount.cifs -o ...,seal,esize=1 //srv/share /mnt dd if=/mnt/largefile...

AZL-51111 CVE-2024-50035 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

AZL-51242 CVE-2024-50035 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

DEBIAN-CVE-2024-50035

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

DEBIAN-CVE-2024-49974

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB...

AZL-52116 CVE-2024-49974 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB...