go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment

Impact The issue only occurs when the CLIENT SETINFO command times out during connection establishment. The following circumstances can cause such a timeout: 1. The client is configured to transmit its identity. This can be disabled via the DisableIndentity flag. 2. There are network connectivity...

The vulnerability of the i40e component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the i40e component in the Linux operating system is related to the improper release of the client instance, followed by the removal of the i40e module. Exploiting this vulnerability can allow an attacker to cause a service failure...

Malicious code in prpc-client-instance.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 890706b9c002912e24d6ea56d82d7736b12c82d91cc8dc4e7a2bc97e4c1d6d9e The OpenSSF Package Analysis project identified 'prpc-client-instance.js' @ 69.69.69 npm as malicious. It is considered malicious because: - The...

SUSE CVE-2022-48688

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host...

CVE-2022-48688 i40e: Fix kernel crash during module removal

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host...

CVE-2022-48688

CVE-2022-48688 covers a Linux kernel i40e driver issue where removing modules after an offline ethtool test could crash the kernel. The root cause reported is that the driver frees the client instance incorrectly; during recursive removal (e.g., irdma removing i40e), i40e_lan_del_device dereferen...

CVE-2022-48688 i40e: Fix kernel crash during module removal

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host...