3975 matches found
CVE-2021-47518
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfcgenldumpsesdone The done netlink callback nfcgenldumpsesdone should check if received argument is non-NULL, because its allocation could fail earlier in dumpit nfcgenldumpses...
DEBIAN-CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfssetlease. A delegation break runs a callback which immediately in nfsd4cbrecallprepare adds the delegation to delrecalllru...
CVE-2021-47518
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfcgenldumpsesdone The done netlink callback nfcgenldumpsesdone should check if received argument is non-NULL, because its allocation could fail earlier in dumpit nfcgenldumpses...
CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfssetlease. A delegation break runs a callback which immediately in nfsd4cbrecallprepare adds the delegation to delrecalllru...
CVE-2021-47556
CVE-2021-47556 concerns a NULL-deref in ethtool_set_coalesce() on the legacy ioctl path when a device driver implements only one of get_coalesce() or set_coalesce() and the availability check is buggy. The issue could crash with a NULL pointer when changing coalescing settings if both callbacks a...
CVE-2021-47506 nfsd: fix use-after-free due to delegation race
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfssetlease. A delegation break runs a callback which immediately in nfsd4cbrecallprepare adds the delegation to delrecalllru...
CVE-2021-47506
CVE-2021-47506 – Linux kernel: nfsd delegation use-after-free fix Affected component: Linux kernel NFS server (nfsd) delegation handling. The vulnerability arises when a delegation break is processed after a call to vfs_setlease. A callback (nfsd4_cb_recall_prepare) adds the delegation to del_rec...
CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...
Improper Callback Validation
omero-web is vulnerable to Improper Callback Validation. The vulnerability is due to a lack of sanitization or validation of callback parameters in JSONP-enabled endpoints, which allows an attacker to execute arbitrary JavaScript code in the browser...
RHEL 8 : glibc (RHSA-2024:3309)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3309 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...
kernel: s390/vfio-ap: fix memory leak in vfio_ap device driver
In the s390 VFIO-AP driver, memory allocated for the vfiomatrixdev structure is never released during device cleanup. The release callback incorrectly uses devgetdrvdata to locate the object, but since it was never stored there, the function returns NULL and kfree silently accepts it. The correct...
PT-2024-15570 · WordPress · Ai Chatbot
Name of the Vulnerable Software and Affected Versions: AI ChatBot plugin for WordPress versions up to, and including, 5.3.4 Description: The issue is related to unauthorized access of data due to a missing capability check on the openai file list callback function. This allows authenticated...
PT-2024-15572 · WordPress · Ai Chatbot
Name of the Vulnerable Software and Affected Versions: AI ChatBot plugin for WordPress versions up to, and including, 5.3.4 Description: The issue allows authenticated attackers with subscriber-level access and above to delete files from a linked OpenAI account due to a missing capability check o...
CVE-2023-52825
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange-svmbo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svmbo unref operation t...
DEBIAN-CVE-2023-52825
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange-svmbo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svmbo unref operation t...
CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...
DEBIAN-CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...
UBUNTU-CVE-2023-52825
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange-svmbo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svmbo unref operation t...
CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...
CVE-2023-52859
In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhpstateremoveinstance to call uncore pmu offline callback, whi...