22 matches found
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
OpenClaw security vulnerability
OpenClaw is a command line tool for rights management. An improper access control vulnerability exists in OpenClaw versions prior to 2026.3.12, which stems from a lack of owner-level permission checking in the /config and /debug command handlers. An attacker can use this vulnerability to read or...
SUSE CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
DEBIAN-CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
CVE-2022-49888
CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not marking cortex_a76_erratum_1463225_debug_handler as NOKPROBE, which could result in a recursive exception...
kernel: x86/bhi: Avoid warning in #DB handler due to BHI mitigation
A denial of service vulnerability was found in the Linux kernel. When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set, then entry_SYSENTER_compat uses CLEAR_BRANCH_HISTORY and calls the clear_bhb_loop before the TF flag is cleared. This causes the #DB handler exc_debug_kernel to iss...
OpenAFS Denial of Service Vulnerability (CNVD-2019-43378)
OpenAFS is an open source distributed file system that allows systems to share files and resources over local area and wide area networks. A denial of service vulnerability exists in OpenAFS. An attacker could exploit this vulnerability by making a series of VOTEDebug RPC calls to cau...
UBUNTU-CVE-2019-18601
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTEDebug RPC calls to crash a database server within the SVOTEDebug RPC handler...
Design/Logic Flaw
DISPUTED The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /debugbar/open?op=get URI. NOTE: the vendor's position is that this is no...
CVE-2017-18343
The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a...
DEBIAN-CVE-2017-18343
The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a...
UBUNTU-CVE-2017-18343
DISPUTED The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /debugbar/open?op=get URI. NOTE: the vendor's position is that this is no...
PT-2018-6840 · Symfony +1
Name of the Vulnerable Software and Affected Versions: Symfony versions 2.7.x through 2.7.32; Symfony versions 2.8.x through 2.8.25; Symfony versions 3.x through 3.2.12; Symfony versions 3.3.x through 3.3.5. Description: The issue concerns a problem with the debug handler in Symfony, where there is a...
CVE-2017-18343
The CVE-2017-18343 issue concerns Symfony Debug component (symfony/debug) with an XSS in the debug/exception pretty printing path. Affected versions are Symfony 2.x/3.x prior to the listed fixed points (2.7.33, 2.8.26, 3.2.13, 3.3.6). The vulnerability arises in the debug handler via an array key...