CVE-2021-47282

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 "spi: bcm2835: Cache CS register value for -preparemessage" limited the number of slaves to 3 at compile-time. The limitation was necessitated by ...

CVE-2023-52834

In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 "net: alx: Work around the DMA RX overflow issue". The alx and atl1c drivers had RX overflow error which was why a custom allocator was...

SUSE CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in pnfsmarkrequestcommit when we're putting a set of writes on the commit list to reschedule them after a failed pNFS attempt...

openSUSE 15 Security Update : gitui (openSUSE-SU-2024:0135-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0135-1 advisory. - update to version 0.26.2: respect configuration for remote when fetching also applies to pulling add : character to sign-off trailer to comply with...

openSUSE Security Advisory (openSUSE-SU-2024:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RUSTSEC-2024-0350 Traversal outside working tree enables arbitrary code execution

Summary During checkout, gitoxide does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. Details Although gix-worktree-state checks for collisions with existing files, it does not...

CVE-2021-47444

In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connectorbadedid cap numofext by numblocks read In commit e11f5bd8228f "drm: Add support for DP 1.4 Compliance edid corruption test" the function connectorbadedid started assuming that the memory for the EDID passed ...

CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

UBUNTU-CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...

OPENSUSE-SU-2024:0135-1 Security update for gitui

This update for gitui fixes the following issues: - update to version 0.26.2: respect configuration for remote when fetching also applies to pulling add : character to sign-off trailer to comply with Conventional Commits standard support overriding builddate for reproducible builds - update...

CVE-2021-47462

CVE-2021-47462 affects the Linux kernel mempolicy/memory policy handling. The root cause was an invalid combination check for MPOL_MODE_FLAGS: MPOL_F_NUMA_BALANCING may only pair with MPOL_BIND, but the check existed only in do_set_mempolicy(). The patch moves this validation into sanitize_mpol_f...

CVE-2021-47462 mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2021-47460 ocfs2: fix data corruption after conversion from inline format

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 "fs: Don't invalidate page buffers in blockwritefullpage" uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...

CVE-2021-47436

CVE-2021-47436 – Linux kernel USB Musb DSPS probe error path fix . The connected Astra/Unity advisories confirm a root cause in the Musb DSPS driver where dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() were inverted in the error path, leaving a platform device registered but not unreg...

NorthStar C2 Cross Site Scripting / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NorthStar C2 XSS to Agent RCE', 'Description' = %q NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the log...

DEBIAN-CVE-2023-52834

In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 "net: alx: Work around the DMA RX overflow issue". The alx and atl1c drivers had RX overflow error which was why a custom allocator was...

DEBIAN-CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in freepages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca page:0000000022261c...

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...

CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

CVE-2023-52704

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix callusermodehelperexec vs SIGKILL Tetsuo-San noted that commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" broke callusermodehelperexec for the KILLABLE case. Specifically it was missed that the...