CVE-2024-49992

CVE-2024-49992 affects the Linux kernel DRM STM path. Specifically, ltdc_load() calls drm_crtc_init_with_planes(), drm_universal_plane_init(), and drm_encoder_init() with devm_kzalloc()-allocated resources, which can lead to use-after-free in CRTC/plane handling. Root cause: allocations not manag...

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. "A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitiv...