CVE-2022-49416

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211vifusereservedcontext, when we have an old context and the new context's replacestate is set to IEEE80211CHANCTXREPLACENONE, we free the old context in...

CVE-2024-48881 bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again

In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing ISERRORNULL with ISERR again Commit 028ddcac477b "bcache: Remove unnecessary NULL point check in node allocations" leads a NULL pointer deference in cachesetflush. 1721 if !ISERRORNULLc-root 1722...

CVE-2024-56683

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid hang with debug registers when suspended Trying to read /sys/kernel/debug/dri/1/hdmi1regs when the hdmi is disconnected results in a fatal system hang. This is due to the pm suspend code disabling the dvp...

CVE-2024-56562

In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free initdynaddr at i3cmasterputi3caddrs if dev-boardinfo && dev-boardinfo-initdynaddr ^^^ here check "initdynaddr" i3cbussetaddrslotstatus&master-bus, dev-info.dynaddr, ... ^^^^ free "dynaddr" Fix copy/past...

CVE-2024-56562

CVE-2024-56562 relates to the Linux kernel i3c master code. The issue was a copy-paste error that freed the wrong pointer: it freed the dyn_addr instead of init_dyn_addr in i3c_master_put_i3c_addrs(), leading to a mismanagement of the init_dyn_addr resource when boardinfo is present. The patch re...

CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...

Fedora 41 : webkitgtk (2024-b142cc07d0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b142cc07d0 advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

UBUNTU-CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...

DEBIAN-CVE-2024-47756

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in kspciequirk This code accidentally uses && where || was intended. It potentially results in a NULL dereference. Thus, fix the if-statement expression to use the correct condition...

CVE-2024-47717 RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data With the latest Linux-6.11-rc3, the below NULL pointer crash is observed when SBI PMU snapshot is enabled for the guest and the guest is forcefully powered-off...

CVE-2024-46799

A vulnerability was found in the Linux kernel's net: ethernet: ti: am65-cpsw driver, which caused a NULL pointer dereference when Express Data Path XDP traffic was transmitted with only one TX queue configured. This issue occurred due to the incorrect use of the maximum number of TX queues instea...

CVE-2022-48922

In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The tracehardirqson,off require the caller to setup frame pointer properly. This because these two functions use macro 'CALLERADDR1' aka. builtinreturnaddress1 to acquire caller...

CVE-2024-42275

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

CVE-2022-48762

In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix loadunalignedzeropad reg indices In exhandlerloadunalignedzeropad we erroneously extract the data and addr register indices from ex-type rather than ex-data. As ex-type will contain EXTYPELOADUNALIGNEDZEROPAD...

CVE-2021-47496

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tlserrabort calls sk-skerr appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, kworker tlsencryptdone...,...

CVE-2021-47348

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so...

Passbolt Api Tabnabbing when opening URI with menu "Open URI in a new tab"

Description A user could create and share a resource with a malicious URI. When the victim opens with menu “Open URI in a new tab” function, the malicious page has access to the window.opener object. Impact of issue The newly opened malicious page can for example change the window.opener.location...

CVE-2024-4067

The NPM package micromatch prior to 4.0.8 is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability occurs in micromatch.braces in index.js because the pattern . will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the...

CVE-2024-32985

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online...

CVE-2024-32985

Stellar-core prior to v20.4.0 is affected by a race-condition in a 3rd-party library that could cause core nodes to crash randomly. The issue is mitigated by a code fix included in Stellar-core v20.4.0. Public descriptions note the impact is limited because crashed nodes recover quickly; no explo...