Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching...

SUSE CVE-2024-4767

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

AZL-40562 CVE-2024-32610 affecting package hdf5 for versions less than 1.14.4.3-1

HDF5 Library through 1.14.3 has a SEGV in H5Tclosereal in H5T.c, resulting in a corrupted instruction pointer...

AZL-40727 CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4-1

HDF5 Library through 1.14.3 has a SEGV in H5Aclose in H5Aint.c, resulting in the corruption of the instruction pointer...

UBUNTU-CVE-2024-32610

HDF5 Library through 1.14.3 has a SEGV in H5Tclosereal in H5T.c, resulting in a corrupted instruction pointer...

SUSE CVE-2024-32607

HDF5 Library through 1.14.3 has a SEGV in H5Aclose in H5Aint.c, resulting in the corruption of the instruction pointer...

PT-2024-6209 · Hdf5 +4 · Hdf5 +4

Name of the Vulnerable Software and Affected Versions: HDF5 library versions prior to 1.14.4 Description: The issue is related to memory corruption in the H5A close function of the HDF5 library, resulting in the corruption of the instruction pointer. This can cause denial of service or potential...

PT-2024-6210 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a buffer overflow in the heap, caused by the H5A close function in the H5Aint.c file of the HDF5 library, leading to corruption of the instruction pointer. This can be...

PT-2024-6207 · Unknown +4 · Hdf5 Library +4

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions 1.14.3 and earlier Description: The issue is related to a corrupted instruction pointer due to a SEGV in the H5T close real function in the H5T.c file. This is caused by a buffer overflow in memory, which can lead to a...

CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...

CVE-2022-48688 i40e: Fix kernel crash during module removal

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host...

PT-2024-4090

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a slab-use-after-free vulnerability in the msft do close function. This vulnerability is caused by a race condition where the msft-data is freed in hci release de...

CVE-2024-27057

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sofipc4pcmhwfree is invoked to reset the pipelines since during suspend the DSP is turned off, streams...

CVE-2024-26959

CVE-2024-26959 affects the Linux kernel Bluetooth subsystem (btnxpuart). The issue is a scheduling while atomic BUG in btnxpuart_close that could leave the transmit queue unpurged and skb release unsafe. The fixed path is in btnxpuart_close, with related call chain through tty/serdev/uart during ...

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

kernel: tls: race between tx work scheduling and socket close

A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete, which could lead to undefined behavior and a denial of service...