2566 matches found
PT-2024-28452
Name of the Vulnerable Software and Affected Versions Eclipse OpenJ9 versions 0.13.0 through 0.43.0 Description The issue occurs when running Eclipse OpenJ9 with the JVM option -Xgc:concurrentScavenge on the IBM Z platform, which has hardware and software support for guarded storage. This allows...
CVE-2021-47281
A vulnerability was found in the Linux kernel's ALSA sequencer, where the sndseqtimeropen function fails to properly manage concurrent access to timer instances, which could allow multiple calls to override the timer, leading to a potential use-after-free issue if a timer continues running after...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
SUSE CVE-2021-47247
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...
Apache Tomcat 8.5.0 < 8.5.58
The version of Tomcat installed on the remote host is prior to 8.5.58. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.58security-8 advisory. - If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57...
kernel: RDMA/srpt: Add a check for valid 'mad_agent' pointer
A flaw was addressed in the Linux kernel’s RDMA SRPT SCSI RDMA Protocol Target subsystem. When unregistering a MAD Management Datagram agent, the SRPT module previously performed a non-NULL check on the madagent pointer before invoking ibunregistermadagent. Under rare timing...
kernel: scsi: target: Fix multiple LUN_RESET handling
A race condition flaw was found in the Linux kernel SCSI target subsystem's LUNRESET handling. When multiple remote initiator sessions send concurrent LUNRESET commands, one session's reset can incorrectly drain commands from another session, causing the second session to receive a successful res...
kernel: net/mlx5e: Check for NOT_READY flag state after locking
A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...
kernel: bnxt_en: Avoid order-5 memory allocation for TPA data
In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the...
DEBIAN-CVE-2023-52855
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In dwc2hcdurbenqueue, "urb-hcpriv = NULL" is executed without holding the lock "hsotg-lock". In dwc2hcdurbdequeue: spinlockirqsave&hsotg-lock, flags;...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
DEBIAN-CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
UBUNTU-CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774 s390/dasd: protect device queue against concurrent access
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774 s390/dasd: protect device queue against concurrent access
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774
CVE-2023-52774 : In the Linux kernel (s390/dasd), the device queue could be accessed concurrently in dasd_profile_start(), allowing the queue to change while it is being read; this could trigger a kernel panic due to invalid pointer accesses when I/O is highly parallel (aliases). The root cause i...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774 s390/dasd: protect device queue against concurrent access
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52737
CVE-2023-52737: In the Linux kernel, when using Btrfs, fiemap could deadlock with an in-flight fsync due to not taking the inode lock (i_mutex) before fiemap operations. The root cause is that fiemap_fill_next_extent() could fault while accessing user space buffers, which creates a lock-order cyc...