DEBIAN-CVE-2019-25219

Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSLERRORSYSCALL with no associated error information from the SSL library being used...

CVE-2019-25219

Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSLERRORSYSCALL with no associated error information from the SSL library being used...

PT-2024-10750 · Unknown · Asio C++ Library

Name of the Vulnerable Software and Affected Versions: Asio C++ Library versions prior to 1.13.0 Description: The issue is related to a lack of a fallback error code in the case of SSL ERROR SYSCALL with no associated error information from the SSL library being used. This is a high-severity...

CVE-2019-25219

CVE-2019-25219 affects the Asio C++ Library (asio) before 1.13.0. The root cause is the absence of a fallback error code when SSL_ERROR_SYSCALL occurs with no associated error information from the SSL library, potentially impacting error handling. Public references in connected docs confirm affec...

DEBIAN-CVE-2024-49927

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

kernel: mptcp: ensure snd_una is properly initialized on connect

A vulnerability was found in the Linux kernel's match component in the initialization of the snduna variable while establishing a connection. The issue arises when retransmission occurs after a fallback, leaving the snduna sequence number uninitialized, leading to unpredictable behavior and...

kernel: mptcp: ensure snd_una is properly initialized on connect

A vulnerability was found in the Linux kernel's match component in the initialization of the snduna variable while establishing a connection. The issue arises when retransmission occurs after a fallback, leaving the snduna sequence number uninitialized, leading to unpredictable behavior and...

VulnCheck KEV: CVE-2022-0653

The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the siteurl parameter found in the /assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto...

CVE-2024-45022

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vmareaallocpages with high order fallback to order 0 The vmappagesrangenoflush assumes its argument pages contains pages with the same page shift. However, since commit e9c3cda4d86e "mm, vmalloc: f...

AZL-49218 CVE-2024-45022 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vmareaallocpages with high order fallback to order 0 The vmappagesrangenoflush assumes its argument pages contains pages with the same page shift. However, since commit e9c3cda4d86e "mm, vmalloc: f...

DEBIAN-CVE-2024-45022

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vmareaallocpages with high order fallback to order 0 The vmappagesrangenoflush assumes its argument pages contains pages with the same page shift. However, since commit e9c3cda4d86e "mm, vmalloc: f...

CVE-2024-45022 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vmareaallocpages with high order fallback to order 0 The vmappagesrangenoflush assumes its argument pages contains pages with the same page shift. However, since commit e9c3cda4d86e "mm, vmalloc: f...

Incorrect context paths included in the fallback URL still pass you to the login form when enable-authentication-fallback is enabled.

h3. Issue Summary When using an incorrect fallback URL to bypass SAML, you are still passed to the login form. This can be reproduced using a context path in the URL when no context path is set in the server.xml or by using a misspelled/wrong context path when one is set. This is reproducible on...

GO-2022-1200 Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go

Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go...

kernel: igb: Fix string truncation warnings in igb_set_fw_version

In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igbsetfwversion Commit 1978d3ead82c "intel: fix string truncation warnings" fixes '-Wformat-truncation=' warnings in igbmain.c by using kasprintf...

PT-2024-33857

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel's identity mapping, where the use of GB pages can lead to the inclusion of large ranges of addresses not actually requested, including areas marked...

UBUNTU-CVE-2024-3219

There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AFUNIX, such as Windows. This pure-Python implementation uses AFINET or AFINET6 to create a local connected pair of...

SUSE CVE-2022-48780

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...

CVE-2022-48780

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...

CVE-2024-40931

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snduna is properly initialized on connect This is strictly related to commit fb7a0d334894 "mptcp: ensure sndnxt is properly initialized on connect". It turns out that syzkaller can trigger the retransmit after...