13601 matches found

RedHat Linux
added 2024/08/08 4:53 a.m. | 2 views

kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion

This CVE involves a flaw in the Linux kernel's nftables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the...

5.5 CVSS | 7.2 AI score | 0.00012 EPSS
Exploits 0 | References 5

RedHat Linux
added 2024/08/08 4:44 a.m. | 2 views

kernel: atl1c: Work around the DMA RX overflow issue

In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 "net: alx: Work around the DMA RX overflow issue". The alx and atl1c drivers had RX overflow error which was why a custom allocator was...

5.5 CVSS | 6.6 AI score | 0.0001 EPSS
Exploits 0 | References 5

CNNVD
added 2024/08/08 12:0 a.m. | 3 views

GitLab security vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab, which stems from the fact that the...

6.5 CVSS | 6.5 AI score | 0.00054 EPSS
Exploits 0 | References 4

OSV
added 2024/08/07 3:14 p.m. | 18 views

CVE-2024-42245 Revert "sched/fair: Make sure to try to detach at least one movable task"

In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...

5.5 CVSS | 6.1 AI score | 0.00026 EPSS
Exploits 0 | References 8

Vulnrichment
added 2024/08/07 3:14 p.m. | 34 views

CVE-2024-42244 USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

6.6 AI score | 0.00032 EPSS
Exploits 0 | References 6

Cvelist
added 2024/08/07 3:14 p.m. | 22 views

CVE-2024-42244 USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

0.00032 EPSS
Exploits 0 | References 6

OSV
added 2024/08/07 3:14 p.m. | 11 views

CVE-2024-42241 mm/shmem: disable PMD-sized page cache if needed

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...

5.5 CVSS | 6 AI score | 0.00033 EPSS
Exploits 0 | References 6

Cvelist
added 2024/08/07 3:14 p.m. | 24 views

CVE-2024-42241 mm/shmem: disable PMD-sized page cache if needed

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...

0.00033 EPSS
Exploits 0 | References 3

Vulnrichment
added 2024/08/07 3:14 p.m. | 20 views

CVE-2024-42241 mm/shmem: disable PMD-sized page cache if needed

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...

6.6 AI score | 0.00033 EPSS
Exploits 0 | References 3

OSV
added 2024/08/07 3:14 p.m. | 14 views

CVE-2024-42233 filemap: replace pte_offset_map() with pte_offset_map_nolock()

In the Linux kernel, the following vulnerability has been resolved: filemap: replace pte_offset_map() with pte_offset_map_nolock() The vmf->ptl in filemap_fault_recheck_pte_none() is still set from handle_pte_fault(). But at the same time, we did a pte_unmap(vmf->pte). After a pte_unmap(vmf->pte) unmap and rcu_read_unlock(), th...

3.3 CVSS | 4 AI score | 0.00029 EPSS
Exploits 0 | References 5

Vulnrichment
added 2024/08/07 3:14 p.m. | 15 views

CVE-2024-42233 filemap: replace pte_offset_map() with pte_offset_map_nolock()

In the Linux kernel, the following vulnerability has been resolved: filemap: replace pte_offset_map() with pte_offset_map_nolock() The vmf->ptl in filemap_fault_recheck_pte_none() is still set from handle_pte_fault(). But at the same time, we did a pte_unmap(vmf->pte). After a pte_unmap(vmf->pte) unmap and rcu_read_unlock(), th...

6.8 AI score | 0.00029 EPSS
Exploits 0 | References 2

RedHat Linux
added 2024/08/07 9:43 a.m. | 1 views

kernel: ext4: regenerate buddy after block freeing failed if under fc replay

A flaw was found in the Linux kernel's ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks...

5.5 CVSS | 6.8 AI score | 0.00022 EPSS
Exploits 0 | References 5

RedHat Linux
added 2024/08/07 12:14 a.m. | 0 views

kernel: ext4: regenerate buddy after block freeing failed if under fc replay

A flaw was found in the Linux kernel's ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks...

5.5 CVSS | 6.8 AI score | 0.00022 EPSS
Exploits 0 | References 5

Github Security Blog
added 2024/08/05 9:29 p.m. | 17 views

gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter [0] in all of its links for 1-click previews. The context in which src is being appended is innerHTML [1], which will insert th...

6.1 CVSS | 6.3 AI score | 0.00181 EPSS
Exploits 1 | References 4 | Affected Software 1

OSV
added 2024/08/01 4:15 p.m. | 9 views

CVE-2024-6873

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

8.1 CVSS | 7.9 AI score
Exploits 0 | References 1

Cvelist
added 2024/08/01 3:57 p.m. | 19 views

CVE-2024-6873 Specially crafted request could cause undefined behaviour which may lead to Remote Code Execution.

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

8.1 CVSS | 0.02221 EPSS
Exploits 0 | References 1

CVE
added 2024/08/01 2:33 p.m. | 60 views

CVE-2024-41961

Summary of CVE-2024-41961 (Elektra): Elektra, a Ruby on Rails-based OpenStack dashboard, contains a code injection vulnerability in its live search functionality. An authenticated user can provide a search term that includes Ruby code, which flows to an eval sink and can execute arbitrary code. ...

9.6 CVSS | 7.3 AI score | 0.00209 EPSS
Exploits 0 | References 3

OSV
added 2024/08/01 2:33 p.m. | 19 views

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

9.6 CVSS | 7.3 AI score | 0.00209 EPSS
Exploits 0 | References 5

Vulnrichment
added 2024/08/01 2:33 p.m. | 14 views

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

9.6 CVSS | 7.2 AI score | 0.00209 EPSS
Exploits 0 | References 3

OSV
added 2024/07/31 5:1 p.m. | 6 views

GHSA-GC5H-6JX9-Q2QH eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget

Impact The file upload widget is vulnerable to XSS payloads in filenames. Access permission to upload files is required. As such, in most cases only authenticated editors and administrators will have the required permission. It is not persistent, i.e. the payload is only executed during the uploa...

5.4 CVSS | 5.1 AI score | 0.00099 EPSS
Exploits 0 | References 5