kernel: s390/dcssblk: fix kernel crash with list_add corruption

A kernel crash vulnerability was found in the Linux kernel's s390 dcssblk driver. Missing daxremovehost calls in the device removal path, combined with broken error handling in the device add path, cause stale xarray entries and listadd corruption. When a previously used gendisk pointer is reused...

CVE-2020-11722

Dungeon Crawl Stone Soup aka DCSS or crawl before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file...

CVE-2020-11722

Dungeon Crawl Stone Soup aka DCSS or crawl before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file...

Code injection

Dungeon Crawl Stone Soup aka DCSS or crawl before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file...

CVE-2020-11722

CVE-2020-11722 affects Dungeon Crawl Stone Soup (crawl) before 0.25. According to linked advisories, remote attackers could execute arbitrary code by embedding Lua bytecode in an uploaded .crawlrc file. OpenVAS/Nessus entries corroborate a vulnerability in crawl with CVE-2020-11722 and note the i...