UBUNTU-CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657 ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657 ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657

CVE-2024-56657 relates to the Linux kernel ALSA: control path where WARN() was used for symlink creation errors. The fix downgrades these warnings to dev_err() and adds the function name to the prefix to reduce confusion (notably for fuzzers). This is a patch-level remediation described in Azure ...

CVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bug

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

DEBIAN-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...

DEBIAN-CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

CVE-2024-53196 KVM: arm64: Don't retire aborted MMIO instruction

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. Nevertheless, it's clear that this plumbing has seen limited testing, since...

CVE-2024-53165 sh: intc: Fix use-after-free bug in register_intc_controller()

In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in registerintccontroller In the error handling for this function, d is freed without ever removing it from intclist which would lead to a use after free. To fix this, let's only add it to the lis...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

PT-2024-28651 · Ibm · Ibm Engineering Lifecycle Optimization - Engineering Insights

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

Medium: jetty

Issue Overview: There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the...

IBM MQ Appliance 安全漏洞

IBM MQ Appliance is a pre-installed IBM MQ software on specialized, secure hardware from International Business Machines IBM. A security vulnerability exists in IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS, which stems from a Web console that could allow a remote attacker to gain access...

PT-2024-33695 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

CentOS 9 : kernel-5.14.0-542.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-542.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsdshrinkerwork using sync mode in nfs4stateshutdownn...

Lenovo Filez 安全漏洞

Lenovo Filez is an enterprise web drive from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Filez, which stems from incorrect parsing and could allow a carefully constructed file to read arbitrary files on a device via URL preloading...

PT-2024-41186 · Ооо 'Датэкс Софтвер' · E-Staff

Уязвимость системы автоматизации рекрутинговых процессов E-Staff связана с ошибками фильтрации данных при получении информации об объекте. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации...

Low: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.1 Bug Fix Update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.17.1 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation...