SUSE CVE-2023-52657

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...

ROS-20240521-10

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. Attackers exploit the vulnerability to cause kernel errors...

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. Attackers exploit the vulnerability to cause kernel errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. Attackers exploit the vulnerability to cause kernel errors...

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

CVE-2024-35994

A vulnerability was found in the Qualcomm firmware driver qcomqseecomuefisecapp in the Linux kernel. It arises from incorrect memory allocation for request and response buffers in the QSEECOM APPSEND command. The driver expects both buffers to be in a single memory region, but they are allocated...

CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

DEBIAN-CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in t...

CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

CVE-2024-35994

CVE-2024-35994 (Linux kernel, qcom uefisecapp): The vulnerability stems from memory handling in QSEECOM app calls where APP_SEND buffers for request and response were treated as separate regions. The root cause was two consecutive kzalloc() allocations that could yield adjacent memory, causing un...

CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

The vulnerability of the Zabbix Workstation universal monitoring system, related to errors in processing input data, allows a intruder to execute arbitrary code.

The vulnerability of the Zabbix Workstation universal monitoring system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing a specially crafted SQL query remotely...

The vulnerability of the PowerScale OneFS operating system, related to access control errors, allows attackers to escalate their privileges.

The vulnerability of the PowerScale OneFS operating system is related to access control errors. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows RRAS operating system’s routing and remote access service, related to numerical truncation errors, allows a hacker to execute arbitrary code.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to numerical truncation errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to execute arbitrary code.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to numerical truncation errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...