CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

CVE-2024-4775 affects Mozilla Firefox prior to 126. The issue is an missing iterator stop condition when handling WASM code in the built-in profiler, potentially causing invalid memory access and undefined behavior. Affected product: Firefox (pre-126). Root cause: incomplete iterator termination ...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

DEBIAN-CVE-2024-27011

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...

CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

CVE-2024-27012 netfilter: nf_tables: restore set elements when delete set fails

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

UBUNTU-CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

PT-2024-13553 · Quickjs +2 · Quickjs +2

Name of the Vulnerable Software and Affected Versions: QuickJS versions prior to c4cdd61 Description: The issue is caused by a NULL pointer dereference due to an erroneous lexical scope of this with eval, leading to a build for in iterator error. Recommendations: For versions prior to c4cdd61,...

CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

UBUNTU-CVE-2024-26844

In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in copyfromiter Syzkaller reports a warning in copyfromiter because an ioviter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request with a transfer direction of...

CVE-2024-26844

Linux kernel vulnerability CVE-2024-26844 was resolved by patching the block layer to address a harmful iov_iter direction issue. A Syzkaller warning reported that an iov_iter could be used in both directions due to a transfer direction SG_DXFER_TO_FROM_DEV, which would copy user buffers into the...

CVE-2024-26844 block: Fix WARNING in _copy_from_iter

In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in copyfromiter Syzkaller reports a warning in copyfromiter because an ioviter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request with a transfer direction of...

CVE-2024-26844 block: Fix WARNING in _copy_from_iter

In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in copyfromiter Syzkaller reports a warning in copyfromiter because an ioviter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request with a transfer direction of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue in netlink skbdatagramiter...

OESA-2024-1355 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmulock in the TDP MMU, restart the iterator during tdpiternext and do not...

CVE-2021-47094

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmulock in the TDP MMU, restart the iterator during tdpiternext and do not advance the iterator. Advancing the iterator results in skipping the...