212 matches found
PT-2025-53659
Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.4.9 GnuPG versions 2.2.51 and earlier Description The issue resides in the armor filter function within the g10/armor.c file. A flaw exists due to two increments of an index variable where only one is intended. This...
Security update for avahi
This update for avahi fixes the following issues: CVE-2024-52616: sequential increment of DNS transaction IDs allows DNS spoofing. bsc1233420 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
DEBIAN-CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
DEBIAN-CVE-2024-50279
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds acces...
UBUNTU-CVE-2024-50279
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds acces...
CVE-2024-52946
An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value...
DEBIAN-CVE-2024-52946
An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value...
UBUNTU-CVE-2024-52946
An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value...
DEBIAN-CVE-2022-48976
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
AZL-51327 CVE-2022-48976 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
sched/smt: Fix unbalance sched_smt_present dec/inc
...
SUSE CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44958
In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance schedsmtpresent dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jumplabel.c:263 statickeyslowtrydec+0x9d/0xb0 Call Trace:...
CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
SUSE CVE-2022-48725
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix refcounting leak in siwcreateqp The atomicinc needs to be paired with an atomicdec on the error path...
UBUNTU-CVE-2022-48725
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix refcounting leak in siwcreateqp The atomicinc needs to be paired with an atomicdec on the error path...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
kernel: net: bridge: data races indata-races in br_handle_frame_finish()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...
CVE-2024-27006
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Add missing count increment to thermaldebugtztripup The count field in struct tripstats, representing the number of times the zone temperature was above the trip point, needs to be incremented in...
CVE-2024-27006
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Add missing count increment to thermaldebugtztripup The count field in struct tripstats, representing the number of times the zone temperature was above the trip point, needs to be incremented in...