Malicious code in react-fatigue-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8fcb64ab16a7b12d7342e39dae03aeb4556ed831e407c63d3ea67ede1b88aa2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10856 Malicious code in react-fatigue-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8fcb64ab16a7b12d7342e39dae03aeb4556ed831e407c63d3ea67ede1b88aa2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kernel: iommu: Fix potential use-after-free during probe

A vulnerability was found in the Linux kernel's IOMMU driver, where the deviommufree function can lead to a use-after-free error. This occurs when a device probe fails while simultaneously accessing dev-iommu-fwspec in the ofiommuconfigure path. As a result, this vulnerability can potentially cau...

kernel: iommu: Fix potential use-after-free during probe

A vulnerability was found in the Linux kernel's IOMMU driver, where the deviommufree function can lead to a use-after-free error. This occurs when a device probe fails while simultaneously accessing dev-iommu-fwspec in the ofiommuconfigure path. As a result, this vulnerability can potentially cau...

CVE-2023-4679

A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gffilterpacketdel function in filtercore/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash...

kernel: bonding: stop the device in bond_setup_by_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

PT-2025-3329

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved by adding a NULL check to acpi quirk skip serdev enumeration. The issue was caused by acpi dev hid match not checking if adev is NUL...

MAL-2024-10543 Malicious code in nordic-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d092883ffa5f152a8f2a83ea9b516dc1228960983868316a9dd74fd197f6b43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nordic-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d092883ffa5f152a8f2a83ea9b516dc1228960983868316a9dd74fd197f6b43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

MAL-2024-10534 Malicious code in sinbad-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f181de0b5c41b2ff3139ad931aa14a952a57050fb7f70b4a11175b8fdc2d7f7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sinbad-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f181de0b5c41b2ff3139ad931aa14a952a57050fb7f70b4a11175b8fdc2d7f7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2024-50198

In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...

CVE-2024-50198 iio: light: veml6030: fix IIO device retrieval from embedded device

In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...

CVE-2024-50153 scsi: target: core: Fix null-ptr-deref in target_alloc_device()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling condresched in the nsimdevtrapreportwork function...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...