UBUNTU-CVE-2024-42239

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...

The vulnerability of the IOCTL Handler components in the zam64.sys and zamguard64.sys drivers of the Zemana AntiLogger software allows a hacker to induce a service failure.

The vulnerability of the IOCTL Handler component of the zam64.sys and zamguard64.sys drivers in the Zemana AntiLogger software is related to improper checking of ownership of critical resources. Exploiting this vulnerability allows an attacker to cause a service failure by executing the IOCTL...

CVE-2024-41093 drm/amdgpu: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...

CVE-2024-41085

CVE-2024-41085 concerns the Linux kernel CXL memory region probing. The bug was a NULL pointer dereference when auto-assembling a pmem region during endpoint port probing because cxl_nvd (NVDIMM) was not yet registered. The fix changes the probe sequence so the cxl_nvd is available before or duri...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if a requested function is not set in the kernel configuration, it currently fails silently an...

DEBIAN-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

SUSE CVE-2024-40919

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjust logging of firmware messages in case of released token in hwrmsend In case of token is released due to token-state == BNXTHWRMDEFERRED, released token set to NULL is used in log messages. This issue is expected to ...

Upgrade from StoreFront 2.1 to 2.5 Fails

Upgrade from StoreFront 2.1 to 2.5 fails. Event log reported the following error: CitrixStoreFront-x64.msi' failed with error code 1603. Fatal error during installation. StoreFront log from the installation reported the following error: Remove-DSFeatureInstance: Error Access to the path...

Error “The system cannot find the specified file. Error number 0xE0000002” Occurs When Merging vDisk Versions Fails

Merging vDisk versions fails and displays the following error: "The system cannot find the specified file. Error number 0xE0000002." Running mcli run mergedisk –p disklocatorid base=1 displays success on execution, however merged disk doesnot come up on console or store. Management Daemon logs...

Error 1603 Occurs When Installing Hotfix Rollup Pack 2 on XenApp 6.0

Error 1603 occurs when installing Hotfix Rollup Pack2 on XenApp 6.0. Troubleshooting Methodology The Technical Support Engineer completedthefollowing steps to resolve the issue: Enabled msi logging and attempted the hotfix rollup pack install again. Error 1603 occurred. Examined the msi logs; the...

IMA Fails to Start with Error Code 2147483649

The IMA Service might sometimes fail with error code 2147483649. Failed to load plugins imapsss.dll, imaruntimess.dll, 80000001h...

Blue Screen with Error Code 0x0000007B When Booting a Target from a vDisk Using Target Device Software 6.x or 7.x

When booting a Target from a vDisk using Target Device Software 6.x or 7.x, you might get a Blue Screen with error code 0x0000007B and the following error description: “ERROR: SOCKET…” The error description will contain additional values as shown in the following screen shot:...

Provisioning Services Cannot Connect to SQL Express

During setup using the Provisioning Services Configuration Wizard, connecting to a Microsoft SQL Express instance installed on another machine fails with the error “Invalid Server”. The specific error code is either “error: 26” or “error: 28”;A network-related or instance-specific error occurred...

CVE-2024-40939

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipcdevlinkcreateregion, previously created regions delete process starts from tainted pointer which actually holds err...

CVE-2024-40992

CVE-2024-40992 concerns the Linux kernel RDMA/rxe stack. The root cause was an incorrect resilience check for UD QP receive data: a deferred responder length check in the function copy_data (via commit 689c5421bfe0) could trigger an oversized UD packet to fail with -EINVAL, causing send_data_in t...

CVE-2024-40939

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipcdevlinkcreateregion, previously created regions delete process starts from tainted pointer which actually holds err...

CVE-2024-36281

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. A le...

RHEL 7 : gstreamer-plugins-good (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-good: Heap corruption in matroska demuxing CVE-2021-3498 - GStreamer before 1.18.4 migh...

CVE-2021-47496

The CVE relates to the Linux kernel net/tls implementation: tls_err_abort() sign handling was flipped, causing sk->sk_err to be used with a positive value and leading to memory corruption in downstream code (e.g., tls_sw_do_sendpage and splice_from_pipe_feed). The root cause is inconsistent ne...

CVE-2021-47496 net/tls: Fix flipped sign in tls_err_abort() calls

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tlserrabort calls sk-skerr appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, kworker tlsencryptdone...,...