UBUNTU-CVE-2024-49976

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Drop interfacelock in stopkthread stopkthread is the offline callback for "trace/osnoise:online", since commit 5bfbcd1ee57b "tracing/timerlat: Add interfacelock around clearing of kthread in stopkthread", the...

SUSE CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

DEBIAN-CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

UBUNTU-CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

SUSE CVE-2024-46788

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...

UBUNTU-CVE-2024-46788

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...

kernel: net/mlx5: E-Switch, pair only capable devices

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

kernel: net/mlx5: E-Switch, pair only capable devices

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

Mozilla Thunderbird < 102.8

The version of Thunderbird installed on the remote Windows host is prior to 102.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-07 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.7. Some of...

PT-2025-8267

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.18.0-rc7+ Description The issue is related to the Linux kernel, specifically with the mlx5 get next phys dev function, which was called without holding the interface lock. This problem was identified when a...

CVE-2017-12778

The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must change the...

PT-2019-7914 · Bittorrent +1 · Qbittorrent +1

Name of the Vulnerable Software and Affected Versions: qBittorrent version 3.3.15 Description: The issue concerns the UI Lock feature, which can be bypassed by tampering with the config file. An attacker can gain unauthorized access to qBittorrent functions by modifying the locked attribute withi...