OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

SUSE CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios BUG Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state in...

SUSE CVE-2024-38664

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdpsub: Always register bridge We must always register the DRM bridge, since zynqmpdphpdworkfunc calls drmbridgehpdnotify, which in turn expects hpdmutex to be initialized. We do this before zynqmpdpsubdrminit since tha...

AZL-42919 CVE-2024-38664 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdpsub: Always register bridge We must always register the DRM bridge, since zynqmpdphpdworkfunc calls drmbridgehpdnotify, which in turn expects hpdmutex to be initialized. We do this before zynqmpdpsubdrminit since tha...

SUSE CVE-2024-38564

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

SUSE CVE-2021-47583

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitialized mutex. The problem was in wrong mutexinit location. Previous mutexinit&state-msglock call was in -init function, but dvbusbv2init...

Unspecified Vulnerability in JetBrains YouTrack (CNVD-2025-16877)

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...

DEBIAN-CVE-2021-47583

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitialized mutex. The problem was in wrong mutexinit location. Previous mutexinit&state-msglock call was in -init function, but dvbusbv2init...

UBUNTU-CVE-2021-47583

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitialized mutex. The problem was in wrong mutexinit location. Previous mutexinit&state-msglock call was in -init function, but dvbusbv2init...

CVE-2024-38564

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

AZL-68606 CVE-2024-38564 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

CVE-2024-38564

CVE-2024-38564 relates to the Linux kernel BPF subsystem: a missing attach_type enforcement for BPF_PROG_TYPE_CGROUP_SKB in BPF_LINK_CREATE could allow CGROUP_SKB programs to attach to inappropriate cgroup hooks. The patch adds enforcement in link_create and uses bpf_prog_attach_check_attach_type...

CVE-2024-38564 bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

CVE-2024-38564 bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

CVE-2024-38506

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows...

CVE-2024-38506

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows...

CVE-2024-38504

In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles...

CVE-2024-38506

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows...

CVE-2024-38506

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows...

CVE-2024-38506

JetBrains YouTrack (affected: versions before 2024.2.34646) contains a vulnerability where a user without appropriate permissions could enable the auto-attach option for workflows. The issue is documented in CVE-2024-38506; the available sources describe the affected product/version and the misco...