Authentication Bypass by Primary Weakness

Overview org.springframework.security:spring-security-crypto is a spring-security-crypto library for Spring Security. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the BCryptPasswordEncoder.matches function, which only takes the first 72 characte...

RLSA-2024:9456 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

SUSE CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

DEBIAN-CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

UBUNTU-CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074 drm/i915: Grab intel_display from the encoder to avoid potential oopsies

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

Technical details and impact for CVE-2024-58074 are not publicly provided in the supplied documents; monitor for updates.

CVE-2024-58074 drm/i915: Grab intel_display from the encoder to avoid potential oopsies

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from obtaining inteldisplay from an encoder, which could result in a null pointer dereference...

FFmpeg Buffer Overflow Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.1 and earlier versions, which originates from the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder...

SUSE CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...

SUSE CVE-2022-49233

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Call dcstreamrelease for remove link enc assignment Why A porting error resulted in the stream assignment for the link being retained without being released - a memory leak. How Fix the porting error by adding ba...

DEBIAN-CVE-2022-49233

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Call dcstreamrelease for remove link enc assignment Why A porting error resulted in the stream assignment for the link being retained without being released - a memory leak. How Fix the porting error by adding ba...

CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...

DEBIAN-CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...

UBUNTU-CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...

CVE-2022-49233 drm/amd/display: Call dc_stream_release for remove link enc assignment

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Call dcstreamrelease for remove link enc assignment Why A porting error resulted in the stream assignment for the link being retained without being released - a memory leak. How Fix the porting error by adding ba...