ACPI: PAD: fix crash in exit_round_robin()

...

PwnDoc 输入验证错误漏洞

PwnDoc is a penetration test report generator from the PwnDoc open source. An input validation error vulnerability exists in PwnDoc 0.5.3 and earlier versions, which stems from the fact that an authenticated user can crash the backend by raising an UnhandledPromiseRejection on an audit on the exi...

kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.5 fixed: IMAP could crash when reading cached messages fixed: Enabling "Show Folder Size" on Maildir profile could render Thunderbird unusable fixed: Messages corrupted by folder compaction were only fixed by...

SUSE CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

UBUNTU-CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

kernel: userfaultfd: fix a race between writeprotect and exit_mmap()

A possible race condition flaw was found in the Linux kernel. When a process exits, its virtual memory areas VMAs are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called...

The vulnerability of the Ivanti Avalanche device management system, related to executing a loop with an unavailable exit condition, allows a intruder to trigger a service failure.

The vulnerability of the Ivanti Avalanche device management system lies in the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the Ivanti Avalanche device management system, related to executing a loop with an unavailable exit condition, allows a intruder to trigger a service failure.

The vulnerability of the Ivanti Avalanche device management system lies in the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the Ivanti Avalanche device management system, related to executing a loop with an unavailable exit condition, allows a intruder to trigger a service failure.

The vulnerability of the Ivanti Avalanche device management system lies in the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the powerpc/64s/interrupt components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the powerpc/64s/interrupt components in the Linux operating system’s kernel is related to errors in resource management in the exitmustharddisable function. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the nf_tables component in the Linux operating system’s kernel allows a hacker to increase their privileges within the system.

The vulnerability of the nftables component in the Linux operating system’s kernel is related to memory-related errors that occur after the release of resources in the nftablesmoduleexit function. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerabilities of AsoC components in the Linux operating system’s kernel allow attackers to trigger service failures.

The vulnerability of the AsoC components in the Linux operating system’s kernel is related to improper input validation in the sofsdwRtsdcajackexit function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-52919

Bitcoin Core before 22.0 has a CAddrMan nIdCount integer overflow and resultant assertion failure and daemon exit via a flood of addr messages...

CVE-2024-52919

Bitcoin Core before 22.0 contains a CAddrMan nIdCount integer overflow triggered by a flood of addr messages, causing an assertion failure and daemon exit. Affected component: CAddrMan in Bitcoin Core. Impact is a crash/daemon restart; exploitation status not detailed in provided docs. Remediatio...

The vulnerability of the dm snapshot component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the dm snapshot component in the Linux operating system’s kernel is related to improper locking of resources in the dmexceptiontableexit function. Exploiting this vulnerability can allow an attacker to cause a service failure...

s2n-tls has undefined behavior at process exit

Impact s2n-tls uses the Linux atexit function to register functions that clean up the global state when the process exits. In multi-threaded environments, the atexit handler may clean up state which is still in use by other threads. When this occurs, the exiting process may experience a...

kernel: dm snapshot: fix lockup in dm_exception_table_exit

In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dmexceptiontableexit The Linux kernel CVE team has assigned CVE-2024-35805 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051739-CVE-2024-35805-179f@gregkh/T...

kernel: perf: Fix event leak upon exit

A logical flaw exists in the Linux kernel. When a task is scheduled, pending sigtrap deliveries are deferred to the target task upon resuming to userspace via taskwork. However, failures are ignored while adding an event's callback to the taskwork engine. Since the last call for the event exit...

kernel: smb: client: fix potential UAF in cifs_dump_full_key()

A use-after-free flaw was found in the Linux kernel in the smb client cifsdumpfullkey when exiting a session. This flaw allows a local attacker to crash the system...