152 matches found
CVE-2024-38390
CVE-2024-38390 affects the Linux kernel DRM/MSM a6xx path. The vulnerability arises when speedbin setting fails, causing a null pointer dereference during cleanup if msm_gpu_init() did not complete (gpu->pdev is only assigned in a6xx_gpu_init -> adreno_gpu_init -> msm_gpu_init). The cano...
CVE-2024-36975
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...
CVE-2024-36975 KEYS: trusted: Do not use WARN when encode fails
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...
CVE-2024-36975 KEYS: trusted: Do not use WARN when encode fails
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...
Report Generation Fails with "lookup prometheus-server-exp: no such host"
Challenge After enabling Veeam Kasten for Kubernetes reports, reports are not generated. When running an on-demand report policy, the following error message is observed within the executor logs: "message":"Post "http://prometheus-server-exp:80/k10/prometheus/api/v1/query": dial tcp: lookup...
Backup fails with "Invalid argument Asynchronous request operation has failed. Failed to open storage for read/write access"
Challenge When attempting to write a restore point VBK or VIB to a Linux repository with a 4k logical block size, the task fails with the error: Invalid argument Asynchronous request operation has failed. Failed to open storage for read/write access Cause This error occurs when the storage device...
CVE-2024-26704
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents movedlen In ext4moveextents, movedlen is only updated when all moves are successfully executed, and only discards originode and donorinode preallocations when movedlen is not...
BIT-TENSORFLOW-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
DEBIAN-CVE-2021-46985
In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpidevicesetname' fails, we must free 'acpidevicebusid-busid' or there is a potential memory leak...
CVE-2020-36782 i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in lpi2cimxmasterenable. However, pmruntimegetsync will increment the PM reference count even faile...
On the Insecurity of Software Bloat
Good essay on software bloat and the insecurities it causes. The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality of code itself,...
Veeam Backup for Microsoft 365 Updater Fails With: "Error opening installation log file."
Challenge For Veeam Backup for Microsoft 365 deployments from AWS Marketplace or Microsoft Marketplace, when attempting to install discovered updates or when the auto-updater attempts to update Veeam Backup for Microsoft 365, the update process fails with the error: Error opening installation log...
CVE-2023-41100
An issue was discovered in the hcaptcha aka hCaptcha for EXT:form extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check...
VDA 2203 - There is no Citrix SSL server configured on the specified address
After installation of Virtual Apps and Desktops VDA 2203 version via an existing install script used for older VDA versions, the SSL VDA connection fails with error "There is no Citrix SSL server configured on the specified address". Uninstalling and reinstalling does not resolve the issue...
Description of the security update for Microsoft Exchange Server 2019 and 2016: August 8, 2023 (KB5029388)
Description of the security update for Microsoft Exchange Server 2019 and 2016: August 8, 2023 KB5029388 Notice We have re-released the Exchange Server 2019 and 2016 August 8, 2023, security update SU to address the localization issue that caused installations on non-English operating systems OS ...
postgresql-server -- MERGE fails to enforce UPDATE or SELECT row security policies
PostgreSQL Project reports PostgreSQL 15 introduced the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some row that INSERT policies do not forbid, a user could store such rows. Subsequent consequences...
CVE-2023-3615 Lack of server certificate validation in websockets connection
Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection...
kernel: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
A flaw was found in the nvme module in the Linux kernel. A NULL pointer dereference can be triggered due to improper error management when the blkmqinitqueue function fails to set up the queue, resulting in a denial of service...
After Upgrade to Veeam Backup & Replication 12, Storage Rescan of IBM HyperSwap Volume Fails
Challenge After upgrading to Veeam Backup & Replication 12, Storage Rescan fails with: Failed to update information about IBM HyperSwap volumes. Please ensure that volumes on both sides of IBM HyperSwap relationships are included in the rescan scope in the storage properties. See KB4380 for...
Veeam Kubernetes Service Fails to Start - Error 1064
Article Applicability The service start 'Error 1064' can occur for other reasons, and this article documents an issue that only happened with the Kasten K10 plug-in versions before 12.0.1.4. Review the cause section carefully to identify if this article is related. Challenge When the short date...