57 matches found
AZL-50806 CVE-2024-50061 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...
UBUNTU-CVE-2024-50061
In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...
CVE-2024-50061
CVE-2024-50061 affects the Linux kernel’s i3c: master cdns_i3c_master driver. The root cause is a use-after-free race: cdns_i3c_master_hj_work scheduled in cdns_i3c_master_probe can run after cdns_i3c_master_remove frees master->base via i3c_master_unregister. The documented fix is to cancel t...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the cdns driver in the i3c subsystem due to a contention condition during modu...
PT-2024-7567
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to a use-after-free vulnerability in the cdns i3c master driver due to a race condition. This vulnerability can be exploited to impact the confidentiality, integrity, and...
Trojanized jQuery Infiltrates npm, GitHub, and CDNs: Thousands of Packages at Risk
Phylum uncovers large-scale trojanized jQuery attacks targeting npm, GitHub, and CDNs. Malicious actors steal user form data through…...
SUSE CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
Polyfill Detected
The polyfill.js file is a popular open-source library to ensure old browsers compatibility when evaluating JavaScript code. Starting February 2024, the domain polyfill.io and the related GitHub account have been purchased by a malicious threat actor to inject malwares in all web applications...
CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
DEBIAN-CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
UBUNTU-CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
CVE-2024-38548
The CVE-2024-38548 issue is in the Linux kernel’s drm: bridge: cdns-mhdp8546 path. The root cause is a potential NULL pointer dereference in cdns_mhdp_atomic_enable() after drm_mode_duplicate() returns NULL, which is dereferenced in drm_mode_set_name(). The fix adds a check for mhdp_state->cur...
CVE-2024-38548 drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
CVE-2024-38548
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
CVE-2024-38548 drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
CVE-2024-38548 drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the return value of drmmodeduplicate is assigned to mhdpstate-currentmode, and there is a dereference of it in drmmodesetname, which will...
Enjin: Cloudflare /cdn-cgi/ path allows resizing images from unauthorised sources on enjinusercontent.com
The Cloudflare /cdn-cgi/ path on enjinusercontent.com was discovered to allow resizing and rendering of images from unauthorized sources without restriction. This behavior could have led to HTML injection, SSRF, and portal scanning attacks, as well as the unrestricted display of external resource...
User-Agent Reduction
Chrome is rolling out changes to the browser’s User-Agent string that will affect how web servers, applications, and CDNs like Akamai gather information about the current user agent such as the browser’s version, device, and platform information...
Multicloud, Multi-CDNs (Content Delivery Networks) Architecture – A Deceptive Future of the Internet
The last two years stood witness to multiple internet outages that caused massive disruptions across the globe. One prevalent theory is that multicloud, multi-CDNs content delivery networks are the inevitable future of the internet. This article conducts a litmus test on this theory and tries to...