AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:6964)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6964 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD Serve...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2024:2983-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2983-1 advisory. - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 -...

OESA-2024-1991 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...

SUSE CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

The vulnerability of the mld_newpack() function in the IPv6 kernel implementation of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mldnewpack function in the net/ipv6/mcast.c module of the Linux operating system’s IPv6 kernel implementation is related to improper synchronization. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the sync_print_obj() function in the dma-buf driver of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the syncprintobj function in the drivers/dma-buf/syncdebug.c file of the Linux kernel’s DMA-buf driver is related to the use of incorrect synchronization functions. Exploiting this vulnerability could allow an attacker to cause a service failure...

DEBIAN-CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

CVE-2024-7409 Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

CVE-2024-7409 Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

Apache Answer Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

GHSA-9Q24-HWMC-797X Apache Answer Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer. This issue affects Apache Answer through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

CVE-2024-26578

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

Race condition

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

CVE-2024-26578 Apache Answer: Repeated submission at registration created duplicate users with the same name

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...

The vulnerability of the Software Update component in the macOS operating system allows a hacker to elevate their privileges to root level.

The vulnerability of the Software Update component in the macOS operating system arises from the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Synchronization in Grafana (CVE-2023-2801)

Summary Grafana is used by IBM Storage Ceph as a monitoring dashboard. CVE-2023-2801 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2023-2801 DESCRIPTION: Grafana is vulnerable to a denial of service, caused by a proxy race...

CVE-2024-21601

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...

Race condition

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...

CVE-2024-21601

CVE-2024-21601 affects Juniper Networks Junos OS on SRX Series. A race condition in the Flow-processing Daemon (flowd) occurs when two threads simultaneously process the queue used for TCP events, causing flowd to crash. This allows an unauthenticated, network-based attacker to trigger a Denial-o...