CVE-2024-46767 net: phy: Fix missing of_node_put() for leds

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...

CVE-2024-46767

Technical details about CVE-2024-46767 are not provided in the connected documents. Monitor for updates.

CVE-2024-46767 net: phy: Fix missing of_node_put() for leds

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...

Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented ID

Impact An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as...

CVE-2014-9671

Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...