CVE-2024-57949

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in itsirqsetvcpuaffinity The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irqsetvcpuaffinity irqgetdesclock rawspinlockirqsave --- Disable...

CVE-2024-57949

Summary: CVE-2024-57949 affects the Linux kernel’s irqchip/gic-v3-its path. The vulnerability arises when its_irq_set_vcpu_affinity() is called inside a nested interrupt-disabled region; the prior sequence used raw_spin_lock_irqsave() to disable interrupts, then left a guard that could re-enable ...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in Linux kernel that stems from not setting up client-side operations before enabling ports, which could result in null pointer references...

DRUPAL-CONTRIB-2025-013

This module enables a developer to create dedicated OAuth2 clients for connecting to external APIs and other OAuth protected resources. The module does not use Cross Site Request Forgery CSRF tokens to protect routes for enabling a client. This vulnerability is mitigated by the fact that an...

SUSE CVE-2024-57806

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIGBTRFSASSERT enabled, an assertion failure occurs regarding...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect runtime state when the ivpuipcsendreceiveinternal function is executed before ivpupmenable...

CVE-2024-50188

...

CVE-2024-50175

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove usecount guard in stopstreaming The usecount check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the...

CVE-2024-50188 net: phy: dp83869: fix memory corruption when enabling fiber

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmodesetbit with a bit mask 1 10 rather than a bit number 10. This corrupts some other memo...

CVE-2024-50188

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmodesetbit with a bit mask 1 10 rather than a bit number 10. This corrupts some other memo...

CVE-2024-50175 media: qcom: camss: Remove use_count guard in stop_streaming

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove usecount guard in stopstreaming The usecount check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the...

CVE-2024-50136 net/mlx5: Unregister notifier on eswitch init failure

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: 682.589148 ------------ cut here ------------ 682.590204...

CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

CVE-2022-48868

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes that the workqueue was...

UBUNTU-CVE-2022-48868

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes that the workqueue was...

Memos 安全漏洞

Memos is a Memos open source open source hosted meme center with knowledge management and social features. A security vulnerability exists in Memos 0.20.1 and prior versions that stems from the presence of a CORS misconfiguration that could allow an attacking website to make cross-origin requests...

CVE-2024-29080

Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...

CVE-2024-24970

Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...

CVE-2024-29080

Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...

CVE-2024-29080

CVE-2024-29080 affects the HP Display Control software component within the HP Application Enabling Software Driver. The issue could allow local privilege escalation (vector: LOCAL; complexity: HIGH; privileges required: LOW) with confidentiality, integrity, and availability impacts described as ...