CVE-2024-49868 btrfs: fix a NULL pointer dereference when failed to start a new trasacntion

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion BUG Syzbot reported a NULL pointer dereference with the following crash: FAULTINJECTION: forcing a failure. starttransaction+0x830/0x1670...

FreeBSD : FreeBSD -- Multiple issues in ctl(4) CAM Target Layer (9bd5e47b-6b50-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9bd5e47b-6b50-11ef-9a62-002590c1f29c advisory. Several vulnerabilities were found in the ctl subsystem. The function ctlwritebuffer incorrect...

CVE-2024-42416

The ctlreportsupportedopcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on...

CVE-2024-8178

The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...

CVE-2024-43110

The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...

CVE-2024-45063 Multiple issues in ctl(4) CAM Target Layer

The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...

CVE-2024-43110 Multiple issues in ctl(4) CAM Target Layer

The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...

CVE-2024-8178 Multiple issues in ctl(4) CAM Target Layer

The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the ctlreportsupportedopcodes function not adequately validating user-space-supplied fields, allowing arbitrary writes to a limited amount of kernel helper memor...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD, which stems from the ctlwritebuffer and ctlreadbuffer functions allocating memory for return to user space without initializing it...

FreeBSD 缓冲区错误漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from a buffer error vulnerability that stems from the ctlrequestsense function exposing up to three bytes of kernel heap to user space...

PT-2024-8608 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to the ctl request sense function in the ctl subsystem of FreeBSD operating systems, which can lead to a buffer overflow in memory. This can allow an attacker to execut...

FreeBSD-SA-24:11.ctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:11.ctl Security Advisory The FreeBSD Project Topic: Multiple issues in ctl4 CAM Target Layer Category: core Module: ctl Announced: 2024-09-04 Credits:...

FreeBSD -- Multiple issues in ctl(4) CAM Target Layer

Problem Description: Several vulnerabilities were found in the ctl subsystem. The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing CVE-2024-45063. The ctlwritebuffer and ctlreadbuffer functions allocated memory to be...

kernel: s390/ptrace: handle setting of fpc register correctly

In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control fpc register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading...

DEBIAN-CVE-2023-52680

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to ctlget The ctlget functions which call scarlett2update were not checking the return value. Fix to check the return value and pass to the caller...

AZL-34880 CVE-2024-23851 affecting package kernel for versions less than 6.6.35.1-4

copyparams in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INTMAX bytes, and crash, because of a missing paramkernel-datasize check. This is related to ctlioctl...

CVE-2022-4290

The CVE-2022-4290 entry concerns the WordPress plugin Cyr to Lat. It is affected up to version 3.5; the root cause is insufficient escaping and lack of proper SQL query preparation in ctl_sanitize_title, enabling authenticated users to append malicious SQL and potentially read sensitive data. A p...

WordPress Plugin Cyr to Lat SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

SUSE CVE-2008-4552

The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...