13601 matches found

OSV
added 2024/09/12 4:56 p.m. · 8 views

CVE-2024-6389 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab

An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions...

CVSS 4.3 · AI score 6.2 · EPSS 0.00064
Exploits: 0 · References: 6

Positive Technologies
added 2024/09/12 12:0 a.m. · 2 views

PT-2024-37586 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab-CE/EE versions 17.0 through 17.1.7; GitLab-CE/EE versions 17.2 through 17.2.5; GitLab-CE/EE versions 17.3 through 17.3.2. Description: An issue was discovered in GitLab-CE/EE where an attacker, as a guest user, was able to access commit...

CVSS 4.3 · AI score 6.7 · EPSS 0.00064
Exploits: 0 · References: 14

CNNVD
added 2024/09/12 12:0 a.m. · 3 views

GitLab security vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE/EE versions prior to 17.0 to...

CVSS 4.3 · AI score 6.6 · EPSS 0.00064
Exploits: 0 · References: 3

UbuntuCve
added 2024/09/11 4:15 p.m. · 4 views

CVE-2024-45017

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not allowing IPsec creation over a slave, if master device doesn't support IPsec. WARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240...

CVSS 5.5 · AI score 6 · EPSS 0.00004
Exploits: 0 · References: 9

RedHat Linux
added 2024/09/11 1:10 a.m. · 4 views

kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"

A vulnerability was found in the wb_dirty_limits() function in the Linux kernel, where a removed (u64) cast in the dtc->wb_thresh * dtc->bg_thresh operation can result in multiplication overflow on 32-bit architectures. This issue could lead to memory corruption or performance issues...

CVSS 4.7 · AI score 7.2 · EPSS 0.0001
Exploits: 0 · References: 5

Microsoft CVE
added 2024/09/11 12:0 a.m. · 3 views

CVE-2024-43828

...

CVSS 5.5 · AI score 6.5 · EPSS 0.00006
Exploits: 0

UbuntuCve
added 2024/09/11 12:0 a.m. · 9 views

CVE-2024-8096

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

CVSS 6.5 · AI score 6.8 · EPSS 0.00559
Exploits: 1 · References: 4

OSV
added 2024/09/10 7:43 a.m. · 20 views

SUSE-SU-2024:3186-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: CVE-2024-3727 updates bsc1224117 Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3: correctly configure /etc/hosts and resolv.conf buildah: refactor resolv/hosts setup. rename...

CVSS 8.6 · AI score 7.6 · EPSS 0.04859
Exploits: 0 · References: 8

CVE
added 2024/09/06 12:53 p.m. · 96 views

CVE-2024-45040

CVE-2024-45040 affects gnark’s Groth16 proofs that use commitments to private witnesses. The issue breaks zero-knowledge properties when commitments are used with Groth16 (PLONK is not affected). Attacks could enumerate possible witness values if small, compromising privacy; completeness and soun...

CVSS 5.9 · AI score 5.5 · EPSS 0.0021
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2024/09/06 9:7 a.m. · 17 views

CVE-2023-52915 media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer. In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally...

EPSS 0.00013
Exploits: 0 · References: 8

OSV
added 2024/09/06 8:23 a.m. · 25 views

SUSE-SU-2024:3151-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: Bump to Buildah v1.35.4 CVE-2024-3727 updates bsc1224117 integration test: handle new labels in 'bud and test --unsetlabel' Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3:...

CVSS 8.6 · AI score 7.6 · EPSS 0.04859
Exploits: 0 · References: 8

SUSE CVE
added 2024/09/05 2:46 a.m. · 1 views

SUSE CVE-2024-44992

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifs_free_subrequest(). Clang static checker (scan-build) warning: cifsglob.h:line 890, column 3: Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...

CVSS 5.5 · AI score 6.4 · EPSS 0.00048
Exploits: 0 · References: 3

RedhatCVE
added 2024/09/04 10:15 p.m. · 14 views

CVE-2024-44992

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifs_free_subrequest(). Clang static checker (scan-build) warning: cifsglob.h:line 890, column 3: Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...

CVSS 5.5 · AI score 6.8 · EPSS 0.00048
Exploits: 0 · References: 4

RedhatCVE
added 2024/09/04 10:14 p.m. · 13 views

CVE-2024-44978

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Free job before xe_exec_queue_put. Free job depends on job->vm being valid, the last xe_exec_queue_put can destroy the VM. Prevent UAF by freeing job before xe_exec_queue_put. (cherry picked from commit...

CVSS 7 · AI score 7 · EPSS 0.0004
Exploits: 0 · References: 4

NVD
added 2024/09/04 8:15 p.m. · 11 views

CVE-2024-44992

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifs_free_subrequest(). Clang static checker (scan-build) warning: cifsglob.h:line 890, column 3: Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...

CVSS 5.5 · EPSS 0.00048
Exploits: 0 · References: 2

UbuntuCve
added 2024/09/04 8:15 p.m. · 12 views

CVE-2024-44979

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault. On driver reload we never free up the memory for the pagefault and access counter workqueues. Add those destroy calls here. (cherry picked from commit...

CVSS 5.5 · AI score 6.3 · EPSS 0.00017
Exploits: 0 · References: 9

UbuntuCve
added 2024/09/04 8:15 p.m. · 12 views

CVE-2024-44992

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifs_free_subrequest(). Clang static checker (scan-build) warning: cifsglob.h:line 890, column 3: Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...

CVSS 5.5 · AI score 5.9 · EPSS 0.00048
Exploits: 0 · References: 4

CVE
added 2024/09/04 7:54 p.m. · 149 views

CVE-2024-44992

CVE-2024-44992 affects the Linux kernel CIFS/SMB client. A NULL dereference could occur in add_credits() when rdata->credits.value != 0 and rdata->server == NULL, due to missing server pointer checks. The fix (commit 519be989717c) adds a guard for rdata->server to prevent dereferencing s...

CVSS 5.5 · AI score 5.2 · EPSS 0.00048
Exploits: 0 · References: 2 · Affected Software: 1

Vulnrichment
added 2024/09/04 7:54 p.m. · 20 views

CVE-2024-44987 ipv6: prevent UAF in ip6_send_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb(). syzbot reported an UAF in ip6_send_skb() [1]. After ip6_local_out() has returned, we no longer can safely dereference rt, unless we hold rcu_read_lock(). A similar issue has been fixed in commit a688caa34beb "ipv...

AI score 6.9 · EPSS 0.00023
Exploits: 0 · References: 8

CVE
added 2024/09/04 7:54 p.m. · 85 views

CVE-2024-44979

CVE-2024-44979 affects the Linux kernel: drm/xe component (xe_gt_pagefault) mishandled workqueue destruction, leading to potential memory retention on driver reload. A fix was applied to destroy the pagefault and access-counter workqueues, cherry-picked from commit 7586fc52b14e0b8edd0d1f8a434e0de...

CVSS 5.5 · AI score 5.2 · EPSS 0.00017
Exploits: 0 · References: 2 · Affected Software: 1