CVE-2022-48925

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside state checks If the state is not idle then resolvepreparesrc should immediately fail and no change to global state should happen. However, it unconditionally overwrites the srcad...

UBUNTU-CVE-2022-48920

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writebackinodessbnr: $ cat fs/fs-writeback.c:...

CVE-2022-48920

CVE-2022-48920: In the Linux kernel, the btrfs flushoncommit path could trigger a warning in __writeback_inodes_sb_nr() during transaction commits. The fix avoids deadlock risks by replacing writeback_inodes_sb() with try_to_writeback_inodes_sb(), which reads sb->s_umount and only calls writeb...

CVE-2022-48920 btrfs: get rid of warning on transaction commit when using flushoncommit

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writebackinodessbnr: $ cat fs/fs-writeback.c:...

CVE-2022-48920 btrfs: get rid of warning on transaction commit when using flushoncommit

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writebackinodessbnr: $ cat fs/fs-writeback.c:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an early return in the btrfscommittransaction function, causing a relocation crash...

CVE-2024-43867

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and hence the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...

CVE-2023-52911

In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode e.g. iMX platforms. Unable to handle kernel NULL pointer dereference at...

CVE-2022-48892

CVE-2022-48892 : Linux kernel sched/core fix for a use-after-free in dup_user_cpus_ptr(). The vulnerability existed due to dup_user_cpus_ptr() accessing user_cpus_ptr without proper locking, racing with fork() and the clearing of user_cpus_ptr during set_cpus_allowed_ptr_locked(), primarily affec...

CVE-2024-43867 drm/nouveau: prime: fix refcount underflow

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and hence the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...

CVE-2024-43408

CVE-2024-43408 concerns the Discourse Placeholder Forms feature. The issue arises from unsanitized and stored user input being injected into the HTML of a post, enabling vulnerable dynamic content rendering. The vulnerability is associated with the placeholder forms component and is described as ...

CVE-2024-43408 Discourse Placeholder Forms has a XSS stopped by CSP

Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...

CVE-2024-43408 Discourse Placeholder Forms has a XSS stopped by CSP

Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php...

CVE-2024-42566

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php...

CVE-2024-42563

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...

CVE-2024-42564

ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete...

CVE-2024-42563

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...

CVE-2024-42554

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the roomtype parameter at adminroomadded.php...

CVE-2024-42555

A Cross-Site Request Forgery CSRF in the component adminroomremoved.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges...