5 matches found
vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak
Summary vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can extract the full directory structure, library paths, and...
CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...
Linux kernel 安全漏洞
Linux kernel is a product of the United States, etc. It is a product of the United States Linux Foundation. Linux kernel is the kernel used by the open-source operating system Linux. freeBSD ctl, etc. It is a product of the FreeBSD Foundation. ctl is a tool. LangGenius dify, etc. It is an...
SUSE CVE-2022-49350
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUGON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUGON, a...