3100 matches found

Vulnrichment
added 2024/05/24 3:12 p.m. | 14 views

CVE-2021-47572 net: nexthop: fix null pointer dereference when IPv6 is not enabled

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled. When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to calling...

AI score 6.4 | EPSS 0.00207
Exploits 0 | References 4
RedHat Linux
added 2024/05/22 11:48 a.m. | 3 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

CVSS 7.5 | AI score 6.7 | EPSS 0.82829
Exploits 1 | References 7
RedHat Linux
added 2024/05/22 10:20 a.m. | 2 views

python-urllib3: Cookie request header isn't stripped during cross-origin redirects

A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...

CVSS 8.1 | AI score 6.8 | EPSS 0.01207
Exploits 0 | References 4
OSV
added 2024/05/21 4:15 p.m. | 3 views

DEBIAN-CVE-2023-52751

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound(). The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...

CVSS 7.8 | AI score 6.3 | EPSS 0.00243
Exploits 0 | References 1
OSV
added 2024/05/21 4:15 p.m. | 4 views

AZL-54747 CVE-2023-52751 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound(). The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...

CVSS 7.8 | AI score 6.8 | EPSS 0.00243
Exploits 0 | References 1
Positive Technologies
added 2024/05/21 12:0 a.m. | 8 views

PT-2024-41920

Name of the Vulnerable Software and Affected Versions: Arista EOS (affected versions not specified). Description: On platforms where 802.1x authentication is configured on access or trunk ports and routing is enabled on the access VLAN of those ports, a malicious supplicant can bypass the 802.1x...

CVSS 8.2 | AI score 5.8 | EPSS 0.00317
Exploits 0 | References 4
OSV
added 2024/05/20 8:26 p.m. | 17 views

GHSA-V45M-HXQP-FWF5 verbb/formie Server-Side Template Injection for variable-enabled settings

Impact: Users with access to a form's settings can include malicious Twig code into fields that support Twig. These might be the Submission Title or the Success Message. This code will then be executed upon creating a submission, or rendering the text. This is listed as low-medium severity due to...

CVSS 4.4 | AI score 4.6 | EPSS 0.00253
Exploits 0 | References 4
Github Security Blog
added 2024/05/20 8:26 p.m. | 32 views

verbb/formie Server-Side Template Injection for variable-enabled settings

Impact: Users with access to a form's settings can include malicious Twig code into fields that support Twig. These might be the Submission Title or the Success Message. This code will then be executed upon creating a submission, or rendering the text. This is listed as low-medium severity due to...

CVSS 4.4 | AI score 7.2 | EPSS 0.00253
Exploits 0 | References 4 | Affected Software 1
CNNVD
added 2024/05/20 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not having CPU mitigations enabled...

CVSS 5.5 | AI score 6.5 | EPSS 0.00244
Exploits 0 | References 9
Prion
added 2024/05/19 9:15 a.m. | 8 views

CVE-2024-35907

In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized. The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b) trigger...

CVSS 5.5 | EPSS 0.00227
Exploits 0 | References 10
OSV
added 2024/05/19 9:15 a.m. | 0 views

UBUNTU-CVE-2024-35907

In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized. The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b) trigger...

CVSS 5.5 | AI score 6.1 | EPSS 0.00227
Exploits 0 | References 20
Vulnrichment
added 2024/05/19 8:35 a.m. | 26 views

CVE-2024-35907 mlxbf_gige: call request_irq() after NAPI initialized

In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized. The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b) trigger...

AI score 6.6 | EPSS 0.00227
Exploits 0 | References 5
SUSE CVE
added 2024/05/18 2:48 a.m. | 3 views

SUSE CVE-2023-52660

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts. The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will ha...

CVSS 5.5 | AI score 6.2 | EPSS 0.00219
Exploits 0 | References 16
OSV
added 2024/05/17 12:15 p.m. | 1 views

DEBIAN-CVE-2023-52657

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

CVSS 5.5 | AI score 5.6 | EPSS 0.00222
Exploits 0 | References 1
NVD
added 2024/05/17 12:15 p.m. | 17 views

CVE-2023-52657

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

CVSS 5.5 | AI score 6.6 | EPSS 0.00222
Exploits 0 | References 4
Vulnrichment
added 2024/05/17 11:50 a.m. | 9 views

CVE-2023-52657 Revert "drm/amd/pm: resolve reboot exception for si oland"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

AI score 6.9 | EPSS 0.00222
Exploits 0 | References 4
Cvelist
added 2024/05/17 11:50 a.m. | 17 views

CVE-2023-52657 Revert "drm/amd/pm: resolve reboot exception for si oland"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

AI score 6.6 | EPSS 0.00222
Exploits 0 | References 4
Debian CVE
added 2024/05/17 11:50 a.m. | 17 views

CVE-2023-52657

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

CVSS 5.5 | AI score 7.2 | EPSS 0.00222
Exploits 0
Positive Technologies
added 2024/05/17 12:0 a.m. | 4 views

PT-2024-14683

Name of the Vulnerable Software and Affected Versions: Linux kernel versions up to 6.1.82; Linux kernel versions up to 6.6.22; Linux kernel versions up to 6.7.10. Description: The issue arises from the driver requesting interrupts as IRQF_SHARED, allowing interrupt handlers to be called at any time. I...

CVSS 5.5 | AI score 5.4 | EPSS 0.00219
Exploits 0
CNNVD
added 2024/05/14 12:0 a.m. | 4 views

Nuki Bridge security vulnerability

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions of Nuki Bridge prior to v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad prior to v1.9.2, which stems from a lack of certificate validation for HTTP communications, allowing an...

CVSS 9.8 | AI score 6.5 | EPSS 0.0161
Exploits 0 | References 5