3975 matches found
kernel: cpufreq: exit() callback is optional
In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...
EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-2099)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a...
EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-2082)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a...
CVE-2024-42239
CVE-2024-42239 affects the Linux kernel BPF timer cancellation path. The fix adds an atomic counter (cancelling) in bpf_hrtimer to track in-flight cancellation requests and prevents deadlocks when two callbacks attempt to cancel each other in parallel. The patch ensures that if a cancellation is ...
CVE-2024-41062
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
CVE-2024-41023
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...
DEBIAN-CVE-2024-41062
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
UBUNTU-CVE-2024-41062
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
CVE-2024-41023 sched/deadline: Fix task_struct reference leak
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak concerning the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition between closing a socket and receiving a callback because the former releases the socket and th...
PT-2024-40824 · Flac · Flac
Name of the Vulnerable Software and Affected Versions: FLAC affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the FLAC replaygain synthesis apply gain function, which is called from the write callback and...
RockOA cross-site scripting vulnerability (CNVD-2024-33675)
RockOA Xinhuo is an open source office OA system. A cross-site scripting vulnerability exists in RockOA 2.6.3, which originates from a callback parameter in the /webmain/public/upload/tplupload.html file containing cross-site scripting. No details of the vulnerability are available at this time...
CVE-2024-6939
A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tplupload.html. The manipulation of the argument callback leads to cross site scripting. The attack may be launched remotely. The exploit h...
PT-2024-37977 · Unknown · Xinhu Rockoa
Name of the Vulnerable Software and Affected Versions: Xinhu RockOA version 2.6.3 Description: A vulnerability was found in the function okla of the file /webmain/public/upload/tpl upload.html. The manipulation of the argument callback leads to cross site scripting. The attack may be launched...
RockOA cross-site scripting vulnerability
RockOA Xinhuo is an open source office OA system. A cross-site scripting vulnerability exists in RockOA 2.6.3, which originates from a callback parameter in the /webmain/public/upload/tplupload.html file containing cross-site scripting. No details of the vulnerability are available at this time...
Acronis: Potential XSS Vulnerability in Acronis Login Callback URL
The Acronis login callback URL was found to be vulnerable to cross-site scripting (XSS) attacks. The redirectUrl parameter in the URL was not properly sanitized, allowing an attacker to inject arbitrary JavaScript code. This could have been exploited to steal user session cookies...
SUSE CVE-2022-48780
In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...
CVE-2022-48780
In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...