8517 matches found
CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr Commit 1f9ad21c3b38 "powerpc/mm: Implement setmemory routines" included a spinlock to changepageattr in order to safely perform the three step operations. But then...
UBUNTU-CVE-2021-47632
In the Linux kernel, the following vulnerability has been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr Commit 1f9ad21c3b38 "powerpc/mm: Implement setmemory routines" included a spinlock to changepageattr in order to safely perform the three step operations. But then...
CVE-2022-49406
In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...
CVE-2022-49406
The CVE-2022-49406 entry is active in Linux kernel and concerns a deadlock in blk_ia_range_sysfs_show() caused by unnecessary use of the queue sysfs lock during reads. The fix, as described in the sources, is to remove the mutex_lock()/mutex_unlock() calls from blk_ia_range_sysfs_show(), since th...
CVE-2022-49406 block: Fix potential deadlock in blk_ia_range_sysfs_show()
In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...
CVE-2022-49406 block: Fix potential deadlock in blk_ia_range_sysfs_show()
In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...
CVE-2022-49374
In the Linux kernel, the following vulnerability has been resolved: tipc: check attribute length for bearer name syzbot reported uninit-value: ===================================================== BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:644 inline BUG: KMSAN: uninit-value in...
CVE-2022-49374 tipc: check attribute length for bearer name
In the Linux kernel, the following vulnerability has been resolved: tipc: check attribute length for bearer name syzbot reported uninit-value: ===================================================== BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:644 inline BUG: KMSAN: uninit-value in...
CVE-2022-49374 tipc: check attribute length for bearer name
In the Linux kernel, the following vulnerability has been resolved: tipc: check attribute length for bearer name syzbot reported uninit-value: ===================================================== BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:644 inline BUG: KMSAN: uninit-value in...
CVE-2022-49374
CVE-2022-49374 affects the Linux kernel TIPC bearer path. The root cause is improper validation of the TIPC_NLA_BEARER_NAME attribute length in the bearer enable flow (net/tipc/bearer.c), with fixes implemented in the kernel (referenced commits in the advisory). The connected docs describe the sy...
CVE-2022-49374 tipc: check attribute length for bearer name
In the Linux kernel, the following vulnerability has been resolved: tipc: check attribute length for bearer name syzbot reported uninit-value: ===================================================== BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:644 inline BUG: KMSAN: uninit-value in...
CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from seg6hmacinit being marked as init and exported, which could cause the kernel to crash...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from spin-lock recursion in the changepageattr function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mdiobusinit being marked as init and exported, which could cause the kernel to crash...
389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in logentryattr...
WordPress plugin Simple Signup Form SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress plugin aBlocks 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...