2321 matches found
UBUNTU-CVE-2021-47406
In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4extreplaysetiblocks If the call to ext4mapblocks fails due to an corrupted file system, ext4extreplaysetiblocks can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...
SUSE CVE-2024-35932
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
DEBIAN-CVE-2024-35932
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
AZL-67691 CVE-2024-35932 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
UBUNTU-CVE-2024-35932
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
CVE-2024-35932
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
CVE-2024-35932 drm/vc4: don't check if plane->state->fb == state->fb
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...
OESA-2024-1575 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox 84,...
OESA-2024-1574 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox 84,...
Site Reviews < 7.0.0 - IP Spoofing
Description The plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking PoC Request sent to the server to add review: POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 Host: localhost:8888...
The vulnerability of the PowerPanel Business’s monitoring and control system regarding authentication procedures allows unauthorized access by intruders to protected information.
The vulnerability of the PowerPanel Business monitoring and power source management system is related to deficiencies in authentication procedures, due to the absence of blocking mechanisms for substitution signs. Exploiting this vulnerability could allow an attacker operating remotely to gain...
Oracle Linux 9 : mod_http2 (ELSA-2024-2368)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2368 advisory. 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26 Tenable has extracted the preceding description block directly from the Oracle Linux securi...
PT-2024-25900 · Mullvad · Mullvad Vpn
Name of the Vulnerable Software and Affected Versions: Mullvad VPN versions through 2024.1 Description: The issue allows DNS traffic to leave the device when Mullvad VPN on Android fails to create a tunnel and does not set a DNS server in the blocking state. This can result in sensitive DNS...
Moderate: Red Hat Security Advisory: pam security update
An update for pam is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
CVE-2023-52725
CVE-2023-52725 affects Open Networking Foundation ONOS onos-kpimon 0.4.7. The vulnerability arises from blocking the errCh channel inside the Start function of the monitoring package, causing resource exhaustion as the indication-processing goroutine cannot accept new messages. Public documents c...
[SECURITY] Fedora 39 Update: squid-6.9-1.fc39
Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...
[SECURITY] Fedora 39 Update: nodejs18-18.20.2-1.fc39
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 40 Update: nodejs18-18.20.2-1.fc40
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 40 Update: nodejs20-20.12.2-1.fc40
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
GHSA-6G7W-8WPP-FRHJ Denial of Service Vulnerability in Rustls Library
Summary rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call completeio and are not affected. rustls::Stream and...