2567 matches found
Denial Of Service (DOS)
github.com/mattermost/mattermost-plugin-channel-export is vulnerable to Denial of Service (DoS). The vulnerability is caused by a failure to restrict concurrent runs of the /export command. This can allow an attacker to consume excessive resources by running the /export command multiple times at...
DEBIAN-CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
AZL-48662 CVE-2024-43892 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr. Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...
CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
CVE-2024-43892
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr. Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...
UBUNTU-CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
UBUNTU-CVE-2024-43892
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr. Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...
CVE-2024-43892
The CVE-2024-43892 entry concerns a race in the Linux kernel memcg subsystem: concurrent idr_remove() calls for mem_cgroup_idr could race with idr_alloc()/idr_replace() and lead to multiple memcgs obtaining the same ID, which in turn can destabilize memcg-related structures and trigger crashes in...
Vulnerability in the Garbage Collector component of the Mozilla Firefox browser that allows an attacker to execute arbitrary code
The vulnerability of the Garbage Collector component in the Mozilla Firefox browser is related to the use of memory after it is freed, as a result of the simultaneous loading of the browser’s own global execution environment and the “garbage collection” process. Exploiting this vulnerability can...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unprotected concurrent access to mem_cgroup_idr, potentially leading to a race condition...
CVE-2024-43105
Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once...
CVE-2024-43105
Mattermost Plugin Channel Export (github.com/mattermost/mattermost-plugin-channel-export) is affected: versions ≤ 1.0.0 do not correctly restrict concurrent /export executions, enabling a user to initiate multiple simultaneous runs and cause resource exhaustion. Root cause: lack of concurrency co...
Mattermost plugin Channel Export security vulnerability
Mattermost Plugin Channel Export is a plugin from Mattermost USA. A security vulnerability exists in Mattermost plugin Channel Export version 1.0.0 and prior versions, which stems from an inability to limit concurrent runs of the /export command. An attacker can use this vulnerability to consume...
PT-2024-30297 · Mattermost · Mattermost Plugin Channel Export
Name of the Vulnerable Software and Affected Versions: Mattermost Plugin Channel Export versions <= 1.0.0. Description: The issue allows a user to consume excessive resources by running the /export command multiple times at once, due to the failure to restrict concurrent runs of the command. This c...
CVE-2022-48941
In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs. Commit c503e63200c6 ("ice: Stop processing VF messages during teardown") introduced a driver state flag, ICE_VF_DEINIT_IN_PROGRESS, which is intended to prevent some issues with concurrently...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if snapshot deletion and balancing operations are run concurrently in a production environment...
SUSE CVE-2024-42302
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal. Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler() awaits readiness of the seconda...
UBUNTU-CVE-2024-43856
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent. dmam_free_coherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy to remove and free the data structure used to track the DMA allocation...
UBUNTU-CVE-2024-43849
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex. If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Protect them by placing modification of those fields under the...