24 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fixed the issue with the lifetime of the aux-bus EP device. Device-managed resources allocated after the component binding process must be tied to the lifetime of the DRM device. Otherwise, these resources may not be...
CVE-2026-31595
CVE-2026-31595 affects the Linux kernel PCI endpoint driver for the vntb (pci-epf-vntb) where the cleanup path epf_ntb_epc_cleanup does not disable the delayed work before clearing BAR mappings and doorbells. The referenced details describe that if the delayed work isn’t disabled, the cmd_handler...
CVE-2026-31594
The CVE-2026-31594 issue is in the Linux kernel PCI endpoint framework (pci-epf-vntb). The root cause is a duplicate resource teardown in epf_ntb_epc_destroy(), causing an oops/kernel crash when .allow_link fails or .drop_link runs. The documented fix removes the helper and drops pci_epc_put(), t...
CVE-2022-50360
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...
CVE-2022-50360
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...
CVE-2022-50360 drm/msm/dp: fix aux-bus EP lifetime
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...
CVE-2022-50360
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper management of the DP aux-bus EP device lifecycle, which could result in a resource leak or device...
kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...
kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...
Session launch might fail on a endpoint device in a closed network if the Secure ICA file session launch policy is enabled.
Session launch might fail with the following error on a endpoint device in a closed network if the Secure ICA file session launch policy is enabled. Error: "Cannot Start App. Please contact your help desk."...
Launched App Stuck In 1 Monitor When 4 Or More Monitors Are Used
When Published Apps are launched through Workspace App and the Endpoint Device is using 4 monitors or more, they always open in the main screen monitor, and once the Published App is moved to another monitor and is maximized, the Published App goes to the original monitor where it started. Whethe...
Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Profiling DoS (cisco-sa-dclass-dos-VKh9D8k3)
According to its self-reported version, Cisco IOS XE is affected by a Denial of Service vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family. This vulnerability is due to incorrect parsing of HTTP packets while performin...
CVE-2020-3428
A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incorrect parsing of...
NetFortris Fonality Trixbox endpoint_devicemap.php Component OS Command Injection Vulnerability
NetFortris Fonality Trixbox is a suite of business telephony software from NetFortris USA. An operating system command injection vulnerability exists in the endpointdevicemap.php component in NetFortris Fonality Trixbox Community Edition versions 1.2.0 through 2.8.0.4, which can be exploited by a...
HDX session may stop responding and hang if endpoint device has unusable printer
Citrix HDX session may stop responding and hang if endpoint device has unusable printer...
CVE-2019-1977
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure ACI mode could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an endpoint device in certain circumstances. The...
Fortinet FortiClient 6.2.x < 6.2.1 Missing Encryption Of Sensitive Data Vulnerability (macOS)
The version of Fortinet FortiClient Mac running on the remote host is prior to 6.2.1. It is, therefore, affected by a missing encryption of sensitive data vulnerability. An attacker can access VPN session cookie from an endpoint device running FortiClient. The attacker can steal the cookies only ...
Fortinet FortiClient 6.2.x < 6.2.1 Missing Encryption Of Sensitive Data Vulnerability
The version of Fortinet FortiClient running on the remote host is prior to 6.2.1. It is, therefore, affected by a missing encryption of sensitive data vulnerability. An attacker can access VPN session cookie from an endpoint device running FortiClient. The attacker can steal the cookies only if...
Multiple VPN applications insecurely store session cookies
The Missing Encryption Of Sensitive Data vulnerability in FortiClient may allow an attacker to access VPN session cookie from an endpoint device running FortiClient. The attacker can steal the cookies only if endpoint device has been compromised in such a way that the attacker has access to...