15 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: spi: Fixed a use-after-free issue during controller registration failures. Be sure to also deregister from the driver core in case the per-cpu statistics allocation fails during controller registration, in order to avoid...
CVE-2022-50646
CVE-2022-50646 affects the Linux kernel SCSI HPSA path. The vulnerability is due to a memory leak in hpsa_init_one() where, on alloc_percpu() failure, the code frees the allocated structure but leaks h->reply_map. The patch fixes this by calling hpda_free_ctlr_info() to release h->reply_map...
EUVD-2024-0390
Malicious code in bioql PyPI...
EUVD-2023-59748
Malicious code in bioql PyPI...
BIT-JENKINS-2021-43859 Denial of Service by injecting highly recursive collections or maps in XStream
XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...
PT-2025-18606 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's tracing subsystem has been resolved. The issue arises when the number of listed CPUs exceeds the actual number of existing CPUs. The tracing...
CVE-2023-52942
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Fix wrong check in updateparentsubpartscpumask It was found that the check to see if a partition could use up all the cpus from the parent cpuset in updateparentsubpartscpumask was incorrect. As a result, it is...
CVE-2023-52942
CVE-2023-52942 affects the Linux kernel’s cgroup/cpuset subsystem. The root cause was an incorrect check in update_parent_subparts_cpumask() that could allow a parent cpuset to be left with no effective CPUs even when there are tasks in it, potentially causing a system panic. The fix alters the e...
CVE-2023-52942 cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask()
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Fix wrong check in updateparentsubpartscpumask It was found that the check to see if a partition could use up all the cpus from the parent cpuset in updateparentsubpartscpumask was incorrect. As a result, it is...
CVE-2024-44975 cgroup/cpuset: fix panic caused by partcmd_update
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmdupdate We find a bug as below: BUG: unable to handle page fault for address: 00000003 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 3 PID: 358 Comm: bash Tainted: G W I 6.6.0-10893-g60d...
CVE-2021-46964
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e "scsi: qla2xxx: Limit interrupt vectors to number of CPUs" lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector allocation assumptions...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in XStream
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of XStream. Vulnerability Details CVEID: CVE-2021-43859 DESCRIPTION: XStream is vulnerable to a denial of service, caused by improper input validation. By injecting highly recursive collections or maps, a remote...
Oracle Linux 7 : xstream (ELSA-2021-3956)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3956 advisory. - Resolves: CVE-2021-39148 - Resolves: CVE-2021-39139 - Resolves: CVE-2021-39140 - Resolves: CVE-2021-39141 - Resolves: CVE-2021-39144 - Resolves:...
CVE-2021-21341 XStream can cause a Denial of Service
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of...
Issues that are fixed in System Center 2012 R2 Operations Manager Update Rollup 1
Issues that are fixed in System Center 2012 R2 Operations Manager Update Rollup 1 Introduction This article describes the issues that are fixed in Update Rollup 1 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update...