CVE-2024-26730 hwmon: (nct6775) Fix access to temperature configuration registers

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

UBUNTU-CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

CVE-2024-26710 powerpc/kasan: Limit KASAN thread size increase to 32KB

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

CVE-2024-26710 powerpc/kasan: Limit KASAN thread size increase to 32KB

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

The vulnerability of Intel microprogramming software, related to synchronization errors when using shared resources, allows attackers to exploit their privileges.

The vulnerability of Intel microprogramming software is related to synchronization errors when using common resources. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the PMIx process management interface, related to synchronization errors when using a common resource, allows a perpetrator to gain access to confidential data.

The vulnerability of the PMIx process management interface is related to the execution of code from the library with UID 0. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

UBUNTU-CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

CVE-2024-26684 net: stmmac: xgmac: fix handling of DPP safety error for DMA channels

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 "net: stmmac: Implement Safety Features in XGMAC core" checks and reports safety errors, but leaves the Data Path Parity Errors for each...

CVE-2024-26684 net: stmmac: xgmac: fix handling of DPP safety error for DMA channels

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 "net: stmmac: Implement Safety Features in XGMAC core" checks and reports safety errors, but leaves the Data Path Parity Errors for each...

CVE-2024-26659

The CVE-2024-26659 issue concerns the Linux kernel xHCI isochronous transfer handling. Affected component: xHCI driver handling isoc Transaction/ Babble errors in multi-TRB TDs. Root cause: the driver may release a TD after an early error, freeing or overwriting remaining TRBs, which obscures the...

CVE-2024-26659 xhci: handle isoc Babble and Buffer Overrun events properly

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

The vulnerability of the GPU driver for Mali-based processors, based on Arm, Bifrost, and Valhall architectures, allows a hacker to execute arbitrary code.

The vulnerability of the GPU driver for Mali-based processors based on Arm, Bifrost, and Valhall is related to synchronization errors when using shared resources. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

DEBIAN-CVE-2024-26653

In the Linux kernel, the following vulnerability has been resolved: usb: misc: ljca: Fix double free in error handling path When auxiliarydeviceadd returns error and then calls auxiliarydeviceuninit, callback function ljcaauxdevrelease calls kfreeauxdev-dev.platformdata to free the parameter data...

The vulnerability of the chmod() method in the Apache Doris backend storage and frontend request handler, related to synchronization errors when using shared resources, allows attackers to compromise the integrity of the protected information.

The vulnerability of the chmod method in the Apache Doris backend and frontend request handlers is related to synchronization errors when using shared resources. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

The vulnerability of the RouterOS operating system in MikroTik routers, related to errors in processing input data, allows a hacker to cause a service failure.

The vulnerability of the RouterOS operating system for MikroTik lies in errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted network packet...

ROS-20240401-01

Vulnerability of idedmacb function of QEMU hardware emulator is related to synchronization errors when processing the DRQSTAT parameter. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, or delete data or cause a denial of service Vulnerability in the...

MGASA-2024-0102 Updated squid packages fix security vulnerabilities

Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...