11 matches found
Unbreakable Enterprise kernel security update
6.12.0-1.23.3.1 - x86/bhi: Do not set BHIDISS in 32-bit mode Pawan Gupta Orabug: 37920680 - x86/bpf: Add IBHF call at end of classic BPF Daniel Sneddon Orabug: 37920680 - x86/bpf: Call branch history clearing sequence on exit Daniel Sneddon Orabug: 37920680 - selftest/x86/bugs: Add selftests for...
CVE-2024-50061 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition
In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...
CVE-2021-47429
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machinecheckexception handler to run...
CVE-2024-36009
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The devtracker is added to ax25cb in ax25bind. When the ax25 device is detaching, the devtracker of ax25cb should be deallocated in ax25killbydevice instead of the devtracker of ax25dev. The log...
CVE-2024-36009 ax25: Fix netdev refcount issue
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The devtracker is added to ax25cb in ax25bind. When the ax25 device is detaching, the devtracker of ax25cb should be deallocated in ax25killbydevice instead of the devtracker of ax25dev. The log...
CVE-2023-52629
In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...
Hyperledger: Fix : (Security) Mitigate Path Traversal Bug
Unsanitized input from arg0 argument flows into java.io.FileOutputStream, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. Impact Being able to access and manipulate an arbitrary path leads to vulnerabilities when a...
How a simple Linux kernel memory corruption bug can lead to complete system compromise
An analysis of current and potential kernel security mitigations Posted by Jann Horn, Project Zero Introduction This blog post describes a straightforward Linux kernel locking bug and how I exploited it against Debian Buster's 4.19.0-13-amd64 kernel. Based on that, it explores options for securit...
Depth counting error in guard() leading to multiple potential security issues in aioxmpp
Impact Possible remote Denial of Service or Data Injection. Patches Patches are available in https://github.com/horazont/aioxmpp/pull/268. They have been backported to the 0.10 release series and 0.10.3 is the first release to contain the fix. Workarounds To make the bug exploitable, an error...
Exploit for Out-of-bounds Write in Sudo_Project Sudo
CVE-2019-18634 :warning: This code has only been tested on...
CGI bugs
No description provided...