DEBIAN-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...

DEBIAN-CVE-2024-53220

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to account dirty data in getsecsrequired It will trigger system panic w/ testcase in 1: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2752! RIP: 0010:newcurseg+0xc81/0x2110 Call Trace:...

CVE-2024-53196 KVM: arm64: Don't retire aborted MMIO instruction

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. Nevertheless, it's clear that this plumbing has seen limited testing, since...

CVE-2024-53165 sh: intc: Fix use-after-free bug in register_intc_controller()

In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in registerintccontroller In the error handling for this function, d is freed without ever removing it from intclist which would lead to a use after free. To fix this, let's only add it to the lis...

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to trigger a service failure. This vulnerability is related to errors in pointer assignment.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to pointer naming errors, allows attackers to trigger a service failure.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to pointer assignment errors allows a perpetrator to trigger a service failure.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes is linked to errors in the assignment of pointers during the processing of WRL files. Exploiting...

The vulnerability of the NuGet package management system, related to synchronization errors when using a shared resource, allows a hacker to execute arbitrary code.

The vulnerability of the NuGet package management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to execute arbitrary code...

PT-2024-28651 · Ibm · Ibm Engineering Lifecycle Optimization - Engineering Insights

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

The vulnerability of the io-wq component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the io-wq component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Apache Tomcat application server, related to synchronization errors when using shared resources, allows attackers to execute arbitrary code.

The vulnerability of the Apache Tomcat application server is related to synchronization errors when using a shared resource, due to the lack of consideration for registrations in the file system during the writing of servlets. Exploiting this vulnerability allows an attacker operating remotely to...

The vulnerability of the Linux operating system’s kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel component is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers targets programming environments such as cPanel & WHM, Plesk, and DirectAdmin, running on Linux operating systems. This vulnerability allows attackers to gain increased privileges.

The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers, as well as for cPanel & WHM, Plesk, and DirectAdmin operating systems on Linux, is related to errors in link processing. Exploiting this vulnerability allows a malicious actor to...

The vulnerability of the dm component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.

The vulnerability of the dm component of the Linux operating system’s kernel is related to memory errors that occur after the release of memory in the rebalancechildren function. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code and gain full control over the system.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and gain full control over the system...

The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling lies in pointer assignment errors, which can allow attackers to trigger a service failure.

The vulnerability of the Adobe Substance 3D Modeler software for 3D modeling is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...