114 matches found
UBUNTU-CVE-2024-50039
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...
SUSE CVE-2024-46828
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
CVE-2024-46828
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
DEBIAN-CVE-2024-46828
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
CVE-2024-46828
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
UBUNTU-CVE-2024-46828
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
CVE-2024-46828 sched: sch_cake: fix bulk flow accounting logic for host fairness
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
CVE-2024-46828 sched: sch_cake: fix bulk flow accounting logic for host fairness
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness In schcake, we keep track of the count of active bulk flows per host, when running in dst/src host fairness mode, which is used as the round-robin weight when...
CVE-2024-46828
CVE-2024-46828 affects the Linux kernel schedulers, specifically the cake qdisc’s host-fairness logic. A hash-collision interaction could trigger an unintended decrement of per-host bulk-flow counters when a flow’s state changes, and when host fairness is enabled this could wrap a per-host counte...
Revert "sched/fair: Make sure to try to detach at least one movable task"
...
SUSE CVE-2024-42245
In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...
DEBIAN-CVE-2021-47209
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Prevent dead task groups from regaining cfsrq's Kevin is reporting crashes which point to a use-after-free of a cfsrq in updateblockedaverages. Initial debugging revealed that we've live cfsrq's onlist=1 in an about t...
Issue with Decimal Conversion in Shell Protocol
Lines of code Vulnerability details Impact The identified issue within the convertDecimals function in the Shell Protocol could lead to a loss of value due to decimal truncation during token conversions. This situation is particularly critical in the context of Shell Protocol's operations, which...
LLM Summary of My Book Beyond Fear
Claude Anthropics LLM was given this prompt: Please summarize the themes and arguments of Bruce Schneiers book Beyond Fear. Im particularly interested in a taxonomy of his ethical arguments--please expand on that. Then lay out the most salient criticisms of the book. Claudes reply: Heres a brief...
Unsecure and predictable random number generation in closeDraw.winningRandomNumber_()
Lines of code Vulnerability details Impact Unsecure and predictable random number generation in closeDraw.winningRandomNumber can lead to external influence by malicious attackers. Leading to undermining of the fairness and security and unpredictability of the draw function. Both the timestamp an...
The 'Nouns Fork' is considered unfair towards contributors, given they are not awarded any new tokens.
Lines of code Vulnerability details Impact The 'Nouns Fork' is considered unfair towards contributors, given they are not awarded any new tokens. Proof of Concept The Nouns Fork mechanism allows members of the minority in the Nouns DAO to exit to a new forked Nouns DAO, but the current approach m...
FRONT-RUNNING SUSCEPTIBILITY IN ADDBID()
Lines of code Vulnerability details Impact Auction.addBid is susceptible to front-running attacks. This vulnerability presents a significant risk as participants with adequate knowledge or skill could manipulate Ethereum transaction ordering to gain undue advantage, potentially compromising the...
Fairness should be denominated in mintedVotingPower rather than totalVotingPower
Lines of code Vulnerability details Impact Rage quitter receives too little. Proof of Concept The rage quitter receives a share votingPowerByTokenIdtokenId 1e18 / totalVotingPower of each token balance. However the sum of votingPowerByTokenIdtokenId over all tokenId, i.e. mintedVotingPower, may b...
Upgraded Q -> 2 from #345 [1678798679676]
Judge has assessed an item in Issue 345 as 2 risk. The relevant finding follows: Issue 2 - Undermining the fairness of the protocol in swapSource and possibilities for stealing a jackpot --- The text was updated successfully, but these errors were encountered: All reactions...
If random number is too low, the lottery not completely random
Summary Random numbers below a certain limit will always return at least one rightmost bit, while numbers above this limit will return random bits. Explanation: 1. The winning ticket is generated based on an array of numbers generated by module randomNumber to selectionMax-n.:...