2565 matches found
PT-2025-41369
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s IOMMU subsystem for s390 architectures. Specifically, when a PCI device is unexpectedly removed surprise hotplug, attempts to attach the device to the...
SUSE CVE-2024-56540
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
CVE-2024-56660
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, prevent potential error pointer dereference The drdomainaddvportcap function generally returns NULL on error but sometimes we want it to return ERRPTR-EBUSY so the caller can retry. The problem here is that "ret" ca...
CVE-2024-56540
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
CVE-2024-56540
The CVE-2024-56540 entry concerns the Linux kernel, affecting the acceleration driver path for ivpu. It patches IPC send/receive flows to avoid triggering recovery during probe/resume by exposing ivpu_send_receive_internal() and adjusting ivpu_probe() and ivpu_resume() paths to propagate errors g...
CVE-2024-56540 accel/ivpu: Prevent recovery invocation during probe and resume
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +25434 more potentially affected by CVE-2024-38819 via org.springframework:spring-webmvc (>=1.2.1 <=5.3.39)
org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.0, =0.0.12, =0.1.15 and more Source cves: CVE-2024-38819 Source advisory: OSV:GHSA-G5VR-RGQM-VF78...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49878)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49878 advisory. - In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs...
CVE-2024-47541
A flaw was found in the GStreamer library. An out-of-bounds write in the SSA subtitle parser can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash...
AZL-54288 CVE-2024-47541 affecting package gstreamer1-plugins-base 1.20.0-3
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
DEBIAN-CVE-2024-47541
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
ALPINE-CVE-2024-47541
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
UBUNTU-CVE-2024-47541
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
CVE-2024-47541
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
CVE-2024-47541 GHSL-2024-228: GStreamer has an out-of-bounds write in SSA subtitle parser
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
CVE-2024-47541
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...
CVE-2024-47541
GStreamer base plugins contain an OOB write in the SSA subtitle parser (gst_ssa_parse_remove_override_codes in gstssaparse.c) when a '}' precedes '{', causing memmove to duplicate substrings and write beyond allocated memory. Fixed in 1.24.10. Affected: gstreamer1-plugins-base (and related packag...
GStreamer 缓冲区错误漏洞
GStreamer is the GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds write vulnerability found in the gstssaparseremoveoverridecodes function in the gstssaparse.c file...
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, whic...
Updated zbar packages fix security vulnerabilities
A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...