Lucene search

13601 matches found

OSV
added 2024/07/31 3:20 p.m. | 13 views

GHSA-33GP-GMG3-HFPQ XWiki Platform vulnerable to document deletion and overwrite from edit

Impact: When a user has edit but not view right on a page in XWiki, that user can delete the page and replace it by a page with new content without having delete right. The previous version of the page is moved into the recycle bin and can be restored from there by an admin. As the user is recorde...

CVSS 5.3 | AI score 4.5 | EPSS 0.00174
Exploits: 0 | References: 8
Github Security Blog
added 2024/07/30 8:47 p.m. | 21 views

TensorFlow has segfault in array_ops.upper_bound

Impact: array_ops.upper_bound causes a segfault when not given a rank 2 tensor. Patches: We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

CVSS 7.5 | AI score 6.6 | EPSS 0.00036
Exploits: 0 | References: 5 | Affected Software: 3
OSV
added 2024/07/30 12:00 p.m. | 8 views

RUSTSEC-2024-0362 Stack overflow when parsing specially crafted JSON ABI strings

Affected versions of the alloy-json-abi crate did not properly handle parsing of malformatted JSON ABI strings. The JsonAbi::parse method can be tricked into a stack overflow when processing specially crafted input. This stack overflow can lead to a crash of the application using this crate,...

AI score 7.3
Exploits: 0 | References: 3
UbuntuCve
added 2024/07/30 8:15 a.m. | 19 views

CVE-2024-42109

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nft_ctx_update include/net/netfilter/nf_tables.h:1831 KASAN: slab-uaf in nft_commit_release net/netfilter/nf_tables_api.c:9530...

CVSS 5.5 | AI score 6.4 | EPSS 0.00014
Exploits: 0 | References: 23
OSV
added 2024/07/30 8:15 a.m. | 1 view

UBUNTU-CVE-2024-42114

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM to 2^31. We had a similar issue in sch_fq, fixed with commit d9e15a273306 "pkt_sched: fq: do not accept sill...

CVSS 4.4 | AI score 6.1 | EPSS 0.00009
Exploits: 0 | References: 20
UbuntuCve
added 2024/07/30 8:15 a.m. | 9 views

CVE-2024-42136

In the Linux kernel, the following vulnerability has been resolved: cdrom: rearrange last_media_change check to avoid unintentional overflow When running syzkaller with the newly reintroduced signed integer wrap sanitizer we encounter this splat: 366.015950 UBSAN: signed-integer-overflow in...

CVSS 7.8 | AI score 6.4 | EPSS 0.00019
Exploits: 0 | References: 16
Cvelist
added 2024/07/30 7:47 a.m. | 19 views

CVE-2024-42224 net: dsa: mv88e6xxx: Correct check for empty list

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 "net: dsa: mv88e6xxx: Support multiple MDIO busses" mv88e6xxx_default_mdio_bus has checked that the return value of list_first_entry is non-NULL. This appears...

EPSS 0.00035
Exploits: 0 | References: 8
CVE
added 2024/07/30 7:46 a.m. | 117 views

CVE-2024-42136

CVE-2024-42136 affects the Linux kernel cdrom subsystem. The issue stems from an arithmetic path in last_media_change that could trigger a signed integer overflow under UBSAN when running syzkaller; the issue is resolved by rearranging the check to avoid any arithmetic, preventing the overflow. T...

CVSS 7.8 | AI score 6.5 | EPSS 0.00019
Exploits: 0 | References: 5 | Affected Software: 2
Vulnrichment
added 2024/07/30 7:46 a.m. | 15 views

CVE-2024-42111 btrfs: always do the basic checks for btrfs_qgroup_inherit structure

In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfs_qgroup_inherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfs_qgroup_inherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...

AI score 7 | EPSS 0.00015
Exploits: 0 | References: 2
Cvelist
added 2024/07/30 7:46 a.m. | 15 views

CVE-2024-42109 netfilter: nf_tables: unconditionally flush pending work before notifier

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nft_ctx_update include/net/netfilter/nf_tables.h:1831 KASAN: slab-uaf in nft_commit_release net/netfilter/nf_tables_api.c:9530...

EPSS 0.00014
Exploits: 0 | References: 5
Positive Technologies
added 2024/07/30 12:00 a.m. | 2 views

PT-2024-40916 · Unknown · Alloy-Json-Abi

Name of the Vulnerable Software and Affected Versions: alloy-json-abi versions prior to the version containing commit 4790c47 Description: The issue arises from improper handling of malformatted JSON ABI strings by the alloy-json-abi crate. Specifically, the JsonAbi::parse method can be exploited...

AI score 7.5
Exploits: 0 | References: 4
NVD
added 2024/07/29 4:15 p.m. | 32 views

CVE-2024-42081

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_devcoredump: Check NULL before assignments Assign 'xe_devcoredump_snapshot *' and 'xe_device *' only if 'coredump' is not NULL. v2 - Fix commit messages. v3 - Define variables before code. (Ashutosh/Jose) v4 - Drop return check...

CVSS 5.5 | EPSS 0.00035
Exploits: 0 | References: 2
UbuntuCve
added 2024/07/29 4:15 p.m. | 16 views

CVE-2024-42081

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_devcoredump: Check NULL before assignments Assign 'xe_devcoredump_snapshot *' and 'xe_device *' only if 'coredump' is not NULL. v2 - Fix commit messages. v3 - Define variables before code. (Ashutosh/Jose) v4 - Drop return check...

CVSS 5.5 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | References: 4
CVE
added 2024/07/29 3:52 p.m. | 134 views

CVE-2024-42081

CVE-2024-42081 affects the Linux kernel component drm/xe/xe_devcoredump. The root cause was assigning xe_devcoredump_snapshot* and xe_device* unconditionally; the fix adds a NULL check and only assigns these pointers when coredump is not NULL. CVSS: Low-Privilege Local access with Medium overal...

CVSS 5.5 | AI score 6.7 | EPSS 0.00035
Exploits: 0 | References: 2 | Affected Software: 1
UbuntuCve
added 2024/07/29 3:15 p.m. | 6 views

CVE-2024-41024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 6.9
Exploits: 0 | References: 6
CNNVD
added 2024/07/29 12:00 a.m. | 1 view

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability due to incomplete USB endpoint checking that could result in the wrong endpoint type being use...

CVSS 5.5 | AI score 6.4 | EPSS 0.00007
Exploits: 0 | References: 9
NVD
added 2024/07/26 9:15 p.m. | 20 views

CVE-2024-41118

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 47 of pages/7📦WebMapService.py takes user input, which is passed to getlayers function, in which url is used with getwmslayer method...

CVSS 9.8 | EPSS 0.00214
Exploits: 1 | References: 5
NVD
added 2024/07/26 9:15 p.m. | 20 views

CVE-2024-41116

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 1254 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 1345, leading to remote code...

CVSS 9.8 | EPSS 0.0196
Exploits: 1 | References: 4
NVD
added 2024/07/26 9:15 p.m. | 11 views

CVE-2024-41119

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 80 in 8🏜️RasterDataVisualization.py takes user input, which is later used in the eval function on line 86, leading to remote code...

CVSS 9.8 | EPSS 0.01559
Exploits: 1 | References: 4
CVE
added 2024/07/26 8:57 p.m. | 48 views

CVE-2024-41120

Affected software: streamlit-geospatial (a Streamlit multipage geospatial app). Technical issue: the url variable in pages/9_🔲_Vector_Data_Visualization.py accepts user input and passes it to gpd.read_file, which can trigger requests to arbitrary destinations. Impact described as blind server-sid...

CVSS 9.8 | AI score 9.6 | EPSS 0.0024
Exploits: 1 | References: 4 | Affected Software: 1