CVE-2024-44991 tcp: prevent concurrent execution of tcp_sk_exit_batch

In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of tcpskexitbatch Its possible that two threads call tcpskexitbatch concurrently, once from the cleanupnet workqueue, once from a task that failed to clone a new netns. In the latter case, error...

kernel: userfaultfd: fix a race between writeprotect and exit_mmap()

A possible race condition flaw was found in the Linux kernel. When a process exits, its virtual memory areas VMAs are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible concurrent execution of the tcpskexitbatch function of the tcp component...

ROS-20240904-07

A vulnerability in the Python programming language interpreter CPython is related to a loop with an unreachable exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

UBUNTU-CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

SUSE CVE-2022-48935

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...

CVE-2022-48935

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...

DEBIAN-CVE-2022-48935

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...

CVE-2022-48935

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...

CVE-2022-48935

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nftablesflowtabledestroy otherwise hook core reports UAF. BUG: KASAN: use-after-free in...

SUSE CVE-2024-43870

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...

CVE-2023-52914

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...

CVE-2023-52914

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...

DEBIAN-CVE-2023-52914

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...

UBUNTU-CVE-2023-52914

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...

CVE-2023-52914 io_uring/poll: add hash if ready poll request can't complete inline

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: add hash if ready poll request can't complete inline If we don't, then we may lose access to it completely, leading to a request leak. This will eventually stall the ring exit process as well...

CVE-2023-52903 io_uring: lock overflowing for IOPOLL

In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734 iocqringeventoverflow+0x1c0/0x230 iouring/iouring.c:734 CPU: 0 PID: 28 Comm:...

DEBIAN-CVE-2024-43870

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...

CVE-2024-43870

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...

PT-2024-37907 · WordPress · Wp Multitasking

Name of the Vulnerable Software and Affected Versions: WP MultiTasking WordPress plugin versions 0.1.12 and earlier Description: The issue is related to a lack of CSRF check when updating exit popups, which could allow attackers to make logged admins perform such actions via a CSRF attack. This...