2321 matches found
UBUNTU-CVE-2024-53232
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...
CVE-2024-56532
CVE-2024-56532 affects the Linux kernel’s ALSA us122l code path. The USB disconnect callback previously waited for all fds to close due to snd_card_free(), which could block upper-layer USB ioctls and trigger a soft lockup. The cited fixes switch to snd_card_free_when_closed(), enabling asynchron...
CVE-2024-53232 iommu/s390: Implement blocking domain
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...
CVE-2024-53232
CVE-2024-53232 refers to a Linux kernel vulnerability in the IOMMU code for s390, where during surprise hot-unplug of a PCI device, attaching the default domain could fail and lead to a NULL domain pointer and a use-after-free. The fix introduces a blocking domain to handle devices that were alre...
CVE-2024-53232 iommu/s390: Implement blocking domain
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...
CVE-2024-53232 iommu/s390: Implement blocking domain
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...
PT-2024-35654 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-2024-03-19-intel-next-iLS-24ww14 Description: The issue is related to possible deadlocks in the Bluetooth management MGMT component of the Linux kernel, caused by the hci cmd sync dequeue function. This ca...
The vulnerability of the `__bch2_ioctl_subvolume_create()` function in the `fs/bcachefs/fs-ioctl.c` module of the bcachefs component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the bch2ioctlsubvolumecreate function in the fs/bcachefs/fs-ioctl.c module of the bcachefs component of the Linux operating system is related to a crash due to repeated resource blocking. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the md component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the md component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the HDMI component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the HDMI core component in the Linux operating system is related to incorrect blocking in the hdmigetmodes function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Major Enhancements to Akamai API Security, Q4 2024
The Akamai API Security updates 3.38, 3.39, and 3.40 include configurable blocking, the automatic creation of posture findings from runtime incidents, and more...
OESA-2024-2579 undertow security update
Java web server using non-blocking IO Security Fixes: Description: Product Security received a report that Undertow might incorrectly re-use an HTTP request header value from a previous stream for a request associated with a subsequent stream on the same HTTP/2 connection. The issue is linked to...
The vulnerability of the cdc-wdm component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the cdc-wdm component in the Linux operating system’s kernel is related to incorrect blocking in the wdmintcallback function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Linux operating system’s kernel component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel component is related to incorrect blocking in the ueventshow function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Bitcoin Core 安全漏洞
Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core 27.2 and earlier versions that stems from allowing transaction relay blocking via an offline protocol attack...
The vulnerability of the epoll kernel component in the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the epoll kernel component in the Linux operating system is related to improper blocking in the epeventpollpoll function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Regular Expression Denial of Service (ReDoS)
Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to inefficient cookie parsing that results in quadratic performance. An attacker...
CVE-2024-53052
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fix missing NOWAIT check for ODIRECT start write When iouring starts a write, it'll call kiocbstartwrite to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze...
The vulnerability of the tls component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the tls component in the Linux operating system’s kernel is related to improper blocking of resources in the tlsswrecvmsg function. Exploiting this vulnerability can allow an attacker to cause a service failure...
openSUSE Security Advisory (SUSE-SU-2024:4036-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...