WordPress Open Close WooCommerce Store plugin <= 4.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Open Close WooCommerce Store versions = 4.9.1...

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition.

...

SUSE CVE-2024-26703

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

DEBIAN-CVE-2024-27983

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a T...

net/http, x/net/http2: close connections when receiving too many headers

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39232 CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl2-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

DEBIAN-CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

CVE-2024-26687

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdownpirq and startuppirq are not taking the irqmappingupdatelock because they can't due to lock inversion. Both are called with the irqdesc-lock being taking. The lock order,...

UBUNTU-CVE-2024-26703

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

CVE-2024-26703 tracing/timerlat: Move hrtimer_init to timerlat_fd open()

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-1400)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

tls: fix race between async notify and socket close

...

tls: fix race between tx work scheduling and socket close

...

CVE-2024-26629

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-1273)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...

CVE-2023-52513

A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siwcmworkhandler function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be...

Important: less

Issue Overview: closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Affected Packages: less Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories...

CVE-2023-52513

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...

CVE-2023-52513

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...