197 matches found
DEBIAN-CVE-2024-57874
In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently...
DEBIAN-CVE-2024-49569
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce adminq before destroy it Kernel will hang on destroy adminq while we create ctrl failed, such as following calltrace: PID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: "nvme" 0 ff61d23de260fb78 schedule at...
CVE-2024-53134
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...
CVE-2024-53134
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...
CVE-2024-53134 pmdomain: imx93-blk-ctrl: correct remove path
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...
CVE-2024-53134 pmdomain: imx93-blk-ctrl: correct remove path
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...
CVE-2024-53134 pmdomain: imx93-blk-ctrl: correct remove path
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...
SUSE CVE-2024-50292
In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32spdifrxremove In case of error when requesting ctrlchan DMA channel, ctrlchan is not null. So the release of the dma channel leads to the following issue: 4.879000...
CVE-2024-10241 Private channel names leaked with Ctrl+K when ElasticSearch is enabled
Mattermost versions 9.5.x = 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K...
PT-2024-16133 · Mattermost +2 · Mattermost +2
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.9 Description: The issue arises when ElasticSearch is enabled, and Mattermost fails to properly filter channel data. This allows a user to obtain private channel names by using the cmd+K/ctrl+K shortcut...
OESA-2024-2238 xterm security update
The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals. Security Fixes: xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables: nftsetrbtree skip end interval element from gc CVE-2024-26581 kernel: netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 kernel: vfio/pci: Loc...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-42152)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42152 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy ...
CVE-2024-42152
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
AZL-47685 CVE-2024-42152 affecting package kernel for versions less than 5.15.164.1-1
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
AZL-47660 CVE-2024-42152 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
UBUNTU-CVE-2024-42152
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
CVE-2024-42152 nvmet: fix a possible leak when destroy a ctrl during qp establishment
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
CVE-2024-42152 nvmet: fix a possible leak when destroy a ctrl during qp establishment
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...