CVE-2024-47751

CVE-2024-47751 affects the Linux kernel PCI Kirin driver, where kirin_pcie_parse_port() could access beyond pcie->gpio_id_reset/MAX_PCI_SLOTS due to num_slots handling. The fix changes the condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and moves the increment of num_slots below the ch...

CVE-2024-43824

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epcfeatures' in pciepftestcoreinit Instead of getting the epcfeatures from pciepcgetfeatures API, use the cached pciepftest::epcfeatures value to avoid the NULL check. Since the NU...

CVE-2024-43824 PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epcfeatures' in pciepftestcoreinit Instead of getting the epcfeatures from pciepcgetfeatures API, use the cached pciepftest::epcfeatures value to avoid the NULL check. Since the NU...

Node.js third-party modules: [last-commit-log] Command Injection

I would like to report Command Injection in last-commit-log It allows execution of arbitrary commands Module module name: last-commit-log version: [email protected] npm page: https://www.npmjs.com/package/last-commit-log Module Description Node.js module to get the last git commit information...