DEBIAN-CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

AZL-58082 CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

CVE-2023-52969

Disclaimer: This data contains information about vulnerable...

CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

CVE-2023-52969

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...

CVE-2022-49308 extcon: Modify extcon device to be created after driver data is set

In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as stateshow intermittently before devsetdrvdata is done. And it can be a cause of kernel Oops because of edev is Nu...

CVE-2024-53118 vsock: Fix sk_error_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix skerrorqueue memory leak Kernel queues MSGZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recved. To prevent memory leaks, clean up the queue when the socket is destroyed...

CVE-2024-53047 mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

CVE-2024-53042 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()

In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...

CVE-2024-50252 mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net...

CVE-2022-49013

CVE-2022-49013 affects the Linux kernel SCTP path: a memory leak in sctp_stream_outq_migrate() where the object pointed by prio_head is not released when releasing stream out resources. The description includes a concrete memory-leak instance and a backtrace showing allocation paths, indicating r...

CVE-2022-48975 gpiolib: fix memory leak in gpiochip_setup_dev()

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochipsetupdev Here is a backtrace report about memory leak detected in gpiochipsetupdev: unreferenced object 0xffff88810b406400 size 512: comm "python3", pid 1682, jiffies 4295346908 age 24.090s...

CVE-2022-48975 gpiolib: fix memory leak in gpiochip_setup_dev()

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochipsetupdev Here is a backtrace report about memory leak detected in gpiochipsetupdev: unreferenced object 0xffff88810b406400 size 512: comm "python3", pid 1682, jiffies 4295346908 age 24.090s...

CVE-2022-48975

CVE-2022-48975 concerns a memory leak in Linux kernel GPIO handling. The backtrace shows the leak occurs during gpiochip_setup_dev() when registering GPIO devices, with resources allocated in device_private_init() not released on error paths. The fix moves the release logic to use put_device() to...

CVE-2024-47713 wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211dostop Since 'devqueuexmit' should be called with interrupts enabled, the following backtrace: ieee80211dostop ... spinlockirqsave&local-queuestopreasonlock, flags...

CVE-2024-46830

CVE-2024-46830 affects the Linux kernel KVM for x86. The vulnerability arises when acquiring kvm->srcu while handling KVM_SET_VCPU_EVENTS, because KVM will forcibly leave nested VMX/SVM during SMM toggling and leaving nested VMX can read guest memory. The described fix: grab SRCU unconditional...

CVE-2024-44980

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix opregion leak Being part o the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 and xe. For now, just fix the leak:...

QNAP NAS/NVR Administrator Hash Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP NAS/NVR Administrator Hash Disclosure', 'Description' = %q This module exploits combined heap and stack buffer overflows for QNAP NAS and NV...

CVE-2024-43876

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...