CVE-2024-35950

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35950 drm/client: Fully protect modes[] with dev->mode_config.mutex

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35950 drm/client: Fully protect modes[] with dev->mode_config.mutex

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35950

CVE-2024-35950 concerns a Linux kernel DRM issue where the modes[] array (points to connectors’ mode list entries) was not protected by the same mutex as mode_config, risking use-after-free if elements reference freed memory. The fix extends protection to modes[] via dev->mode_config.mutex, ad...

CVE-2024-35950 drm/client: Fully protect modes[] with dev->mode_config.mutex

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35950

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35857

A flaw was found in the Linux kernel's ICMP protocol. Under some conditions, a NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available...

CVE-2024-35857

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmpbuildprobe First problem is a double call to indevgetrcu, because the second one could return NULL. if indevgetrcudev && indevgetrcudev-ifalist Second problem is a read from...

CVE-2024-35857

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmpbuildprobe First problem is a double call to indevgetrcu, because the second one could return NULL. if indevgetrcudev && indevgetrcudev-ifalist Second problem is a read from...

CVE-2024-35839 netfilter: bridge: replace physindev with physinif in nf_bridge_info

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nfbridgeinfo An skb can be added to a neigh-arpqueue while waiting for an arp reply. Where original skb's skb-dev can be different to neigh's neigh-dev. For instance in case o...

CLSA-2024-1715949385 kernel: Fix of 12 CVEs

fs,hugetlb: fix NULL pointer dereference in hugetlbsfillsuper CVE-2024-0841 - bpf: Fix incorrect verifier pruning due to missing register precision taints CVE-2023-2163 - bpf: Fix hashtab overflow check on 32-bit arches CVE-2024-26884 - RDMA/mlx5: Fix fortify source warning while accessing Eth...

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1...

CVE-2022-44581

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

CVE-2022-44581 WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

PT-2024-21025 · Wpmu Dev · Wpmu Dev Defender Security

Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions through 4.4.1 Description: The issue is related to an Authentication Bypass by Spoofing, allowing functionality bypass. Recommendations: For versions through 4.4.1, update to a version later than 4.4.1 to...

PT-2024-11680 · Wpmu Dev · Wpmu Dev Defender Security

Name of the Vulnerable Software and Affected Versions: WPMU DEV Defender Security versions n/a through 3.3.2 Description: The issue affects the storage of sensitive information, allowing access to screen temporary files that may contain sensitive data. This is a result of insecure storage practic...

PT-2024-29763

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the virtio-pci module. The issue involves the vp dev-is avq function being empty in certain installations, specifically...

The vulnerability of the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the devmapinitmap function in the kernel/bpf/devmap.c module of the Linux kernel’s BPF subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the default_device_exit_net() function in the net/core/dev.c network subsystem of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the defaultdeviceexitnet function in the net/core/dev.c network subsystem of the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

GO-2024-2830 Arbitrary file write in github.com/1Panel-dev/1Panel

A maliciously crafted packet can write to an arbitrary file...