Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: The “Drain deferred trigger” operation is freed if kthread creation fails. Registration of boot-time triggers may fail before the trigger-data cleanup is completed. If a kthread exists, deferring the “Drain deferred...

EUVD-2024-17447

Malicious code in bioql PyPI...

CVE-2024-1713

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum...

CVE-2024-1713

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum...

CVE-2024-1713

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum...

CVE-2024-1713

Summary of CVE-2024-1713 (Plv8 Deferred Trigger Privilege Escalation) Affects plv8 version 3.2.1. If a user can create objects in a database, they can cause deferred triggers to execute as the Superuser during autovacuum. This is a privilege-escalation scenario with impact on confidentiality, int...

PT-2024-18244 · Plv8 · Plv8

Name of the Vulnerable Software and Affected Versions: plv8 version 3.2.1 Description: A user who can create objects in a database with plv8 installed is able to cause deferred triggers to execute as the Superuser during autovacuum. Recommendations: For plv8 version 3.2.1, consider restricting...