468 matches found
PT-2025-4847 · Boltdb +2 · Boltdb +2
Name of the Vulnerable Software and Affected Versions: zot versions prior to 2.1.2 Description: The issue arises from the way group data is stored for users in the boltdb database, specifically as an append-list. This leads to group revocations or removals being ignored in the API. When a user lo...
SUSE CVE-2024-43098
In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to avoid deadlock A deadlock may happen since the i3cmasterregister acquires &i3cbus-lock twice. See the log below. Use i3cdev-desc-info instead of calling i3cdevicein...
AZL-56321 CVE-2024-43098 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to avoid deadlock A deadlock may happen since the i3cmasterregister acquires &i3cbus-lock twice. See the log below. Use i3cdev-desc-info instead of calling i3cdevicein...
PT-2024-37062 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, specifically with the erofs file system. It has been resolved by adjusting sb-s blocksize, bits directly for file-backed mounts when the file syste...
CVE-2024-56685
Technical details about CVE-2024-56685 are not provided in the connected documents. Public information and exact affected components/versions, exploitation status, and fixes are not available here; monitor for updates and official advisories.
DEBIAN-CVE-2024-53180
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its runtime-dmaarea properly. Add a proper NULL check before passing to virttopage for avoiding a panic...
UBUNTU-CVE-2024-56544
In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...
kernel: powerpc/eeh: avoid possible crash when edev->pdev changes
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoid possible crash when edev-pdev changes If a PCI device is removed during eehpereportedev, edev-pdev will change and can cause a crash, hold the PCI rescan/remove lock while taking a copy of edev-pdev-bus...
kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock
...
AZL-53450 CVE-2024-50169 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: vsock: Update rxbytes on readskb Make sure virtiotransportincrxpkt and virtiotransportdecrxpkt calls are balanced i.e. virtiovsocksock::rxbytes doesn't lie after vsocktransport::readskb. While here, also inform the peer that we'v...
kernel: drm/amdgpu: avoid using null object of framebuffer
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...
SUSE-SU-2024:3547-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc1229633. - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment bsc1229662 -...
Malicious Package
Overview juno-composer is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...
CVE-2024-46989 Multiple caveats on resources of the same type can result in no permission when permission is expected
spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Multiple caveats over the same indirect subject type on the same relation can result in no permission being returned when permission is expected. If the resourc...
DEBIAN-CVE-2024-46694
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of...
f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic
...
How to avoid election related scams
With the US election campaigns at full throttle, scammers have taken a renewed interest in the ways this can be used to defraud people, often using the same tactics legitimate campaigns leverage for support emails, text messages, phone calls, and social media pleas. The lure that we have seen the...
CVE-2022-48877
In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extenttree is not created This patch avoids the below panic. pc : lookupextenttree+0xd8/0x760 lr : f2fsdowritedatapage+0x104/0x87c sp : ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28: 0000000000000000 x27:...
DEBIAN-CVE-2022-48877
In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extenttree is not created This patch avoids the below panic. pc : lookupextenttree+0xd8/0x760 lr : f2fsdowritedatapage+0x104/0x87c sp : ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28: 0000000000000000 x27:...