bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

Unspecified Vulnerability in TOTOLINK EX200 (CNVD-2025-17946)

TOTOLINK EX200 is a wireless N range extender from China Gion Electronics TOTOLINK , which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. A security vulnerability exists in TOTOLINK EX200, which stems from the fact that the...

CVE-2024-28917

Summary: CVE-2024-28917 is a cluster-scope elevation of privilege in Azure Arc-enabled Kubernetes Extension. According to connected sources, the affected component is the Azure Arc Kubernetes Extension (Cluster) and the impact is privilege escalation (obtain increased privileges). The CVSS score ...

CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability

...

April 9, 2024—KB5036969 (Monthly Rollup)

April 9, 2024—KB5036969 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only are...

Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability

...

CVE-2024-31805

TOTOLINK EX200 V4.0.3c.7646B20201211 allows attackers to start the Telnet service without authorization via the telnetenabled parameter in the setTelnetCfg function...

PT-2024-2867 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a flaw in the authorization procedure of the setTelnetCfg function in the TOTOLINK EX200 router's firmware. This flaw allows a remote attacker to start the Teln...

TOTOLINK EX200 安全漏洞

TOTOLINK EX200 is a wireless N range extender from China Gion Electronics TOTOLINK , which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. A security vulnerability exists in TOTOLINK EX200, which stems from the fact that the...

SUSE CVE-2024-26698

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Fix race condition between netvscprobe and netvscremove In commit ac5047671758 "hvnetvsc: Disable NAPI before closing the VMBus channel", napidisable was getting called for all channels, including all subchannels withou...

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

CVE-2024-26730

The CVE-2024-26730 entry concerns the Linux kernel hwmon/nct6775 driver. The vulnerability arises from a mismatch between the number of temperature configuration registers and the total temperature registers, which can trigger out-of-bounds access (KASAN) in nct6775_probe/nct6775_core. The issue ...

CVE-2024-26730 hwmon: (nct6775) Fix access to temperature configuration registers

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

CVE-2024-26695 crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevplatformshutdownlocked The SEV platform device can be shutdown with a null pspmaster, e.g., using DEBUGTESTDRIVERREMOVE. Found using KASAN: 137.148210 ccp 0000:23:00.1: enabling...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

CVE-2024-26656 drm/amdgpu: fix use-after-free bug

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpugemuserptrioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung . For example the...

SUSE CVE-2024-30204

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

DEBIAN-CVE-2024-30204

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...