756 matches found
kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...
kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing dispatch point in the ioaddbuffers function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not adding a dispatch point to a batch operation...
SUSE CVE-2024-41065
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...
CVE-2024-7093
Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then...
CVE-2024-7093 Server-Side Template Injection in Dispatch Message Templates
Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then...
CVE-2024-7093 Server-Side Template Injection in Dispatch Message Templates
Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then...
CVE-2024-7093
CVE-2024-7093 affects Dispatch’s notification service that renders user messages via Jinja templates. The underlying issue is that Jinja blocks can execute code and were neither sanitized nor sandboxed, allowing an attacker to craft templates containing command-line scripts that execute when noti...
Netflix Dispatch 安全漏洞
Netflix Dispatch is a US-based Netflix software that provides deep integration with Slack, GSuite, Jira and other tools and provides security event management. Netflix Dispatch suffers from a security vulnerability that stems from allowing code to be executed within blocks that have not been...
PT-2024-38072 · Dispatch +1 · Dispatch +1
Name of the Vulnerable Software and Affected Versions: Dispatch affected versions not specified Description: The issue arises from Dispatch's notification service utilizing Jinja templates to generate user messages. Since Jinja allows code execution within blocks and these blocks were not properl...
CVE-2024-41065
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...
UBUNTU-CVE-2024-41065
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...
CVE-2024-41065 powerpc/pseries: Whitelist dtl slub object for copying to userspace
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...
CVE-2024-41065 powerpc/pseries: Whitelist dtl slub object for copying to userspace
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...
SUSE CVE-2021-47552
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blkcleanupqueue and diskrelease For avoiding to slow down queue destroy, we don't call blkmqquiescequeue in blkcleanupqueue, instead of delaying to cancel dispatch work in...
CVE-2021-47552
A vulnerability was found in the Linux kernel's block blk-mq when dispatch work was handled during queue cleanup. This issue occurs when dispatch work is not properly canceled in both the blkcleanupqueue and diskrelease functions, which can lead to a NULL pointer dereference if the associated SCS...
DEBIAN-CVE-2021-47552
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blkcleanupqueue and diskrelease For avoiding to slow down queue destroy, we don't call blkmqquiescequeue in blkcleanupqueue, instead of delaying to cancel dispatch work in...
CVE-2021-47552
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blkcleanupqueue and diskrelease For avoiding to slow down queue destroy, we don't call blkmqquiescequeue in blkcleanupqueue, instead of delaying to cancel dispatch work in...
CVE-2021-47552
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blkcleanupqueue and diskrelease For avoiding to slow down queue destroy, we don't call blkmqquiescequeue in blkcleanupqueue, instead of delaying to cancel dispatch work in...