GHSA-HVP4-VRV2-8WRQ Kinto Attachment's attachments can be replaced on read-only records

Impact The attachment file of an existing record can be replaced if the user has "read" permission on one of the parent collection or bucket. And if the "read" permission is given to "system.Everyone" on one of the parent, then the attachment can be replaced on a record using an anonymous request...

CVE-2023-6356

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

CVE-2024-0911

A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash...

CVE-2024-24859

A race condition was found in the Linux kernel's net/bluetooth in sniffmin,maxintervalset function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service...

CVE-2024-24855

A race condition was found in the Linux kernel's scsi device driver in lpfcunregisterfcfrescan function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue...

CVE-2024-1085

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftsetelemcatchalldeactivate function checks whether the catch-all set element is active in the current generation instead of the next generation before...

CVE-2023-46838

Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translate...

CVE-2023-52340

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c maxsize threshold that can be consumed easily, e.g., leading to a denial of service network is unreachable errors when IPv6 packets are sent in a loop via a raw socket...

CVE-2024-23307

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow...

CVE-2023-39197

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking conntrack in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol...

CVE-2023-46343

In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c...

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVE-2024-23850

In btrfsgetrootref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation...

CVE-2024-23848

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

CVE-2024-0775

A use-after-free flaw was found in the ext4remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free...

CVE-2023-6531

A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgeneric on the socket that the SKB is queued on...

CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

CVE-2024-0646

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2023-45236

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

CVE-2023-45231

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...