4326 matches found
WordPress Secure Copy Content Protection and Content Locking Plugin <= 4.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions = 4.2.3 Fixed in 4.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47306 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fc78d82843ef Credi...
kernel: Input: cyapa - add missing input core locking to suspend/resume functions
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
kernel: fork: defer linking file vma until vma is fully initialized
A flaw was found in the Linux kernel. A race condition can occur when the fork system call is called due to improper locking, triggering a warning, impacting system stability, and resulting in a denial of service...
kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible
A vulnerability was found in the Linux kernel's qedf driver function qedfexecutetmf, where the function call smpprocessorid is done from preemptible code before acquiring a lock which can result in BUGON when running an RT kernel. This can result in system inconsistencies...
kernel: filelock: Remove locks reliably when fcntl/close race is detected
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
kernel: filelock: Remove locks reliably when fcntl/close race is detected
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
kernel: gfs2: Fix potential glock use-after-free on unmount
A vulnerability was found in the Linux kernel within the gfs2 component, where potential use-after-free issues could occur on unmount. When DLM lockspaces are released with remaining locks, callbacks for asynchronous lock contention may access freed objects, causing unexpected behavior...
ROS-20240924-04
A vulnerability in the fastrpc component of the Linux operating system kernel is related to race conditions after a memory release. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability A vulnerability in the usbsubmiturb function of...
The vulnerability of the iommu component in the Linux operating system’s kernel, related to improper blocking, allows a hacker to trigger a service failure.
The vulnerability of the iommu component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the io_uring component in the Linux operating system’s kernel, related to improper locking mechanisms, allows attackers to trigger a service failure.
The vulnerability of the iouring component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerabilities of the functions btrfs_maybe_wake_unfinished Drop() and btrfs_add_dead_root() of the Linux kernel’s Btrfs component allow a malicious actor to trigger a service failure due to improper locking mechanisms.
The vulnerabilities of the functions btrfsmaybewakeunfinished Drop and btrfsadddeadroot in the Linux kernel’s Btrfs component are related to improper locking mechanisms. Exploiting these vulnerabilities could allow an attacker to trigger a service failure...
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2024-2476)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : IB/ipoib: Fix mcast list lockingCVE-2023-52587 netfilter: nftables: avoid overflows in nfthashbucketsCVE-2021-46992 SUNRPC: Fix a suspicious RCU...
ROS-20240919-02
Vulnerability of the reweightentity function of the sched component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity, and availability. A...
CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
DEBIAN-CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
AZL-49566 CVE-2024-46762 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
UBUNTU-CVE-2024-46750
In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pcibuslock One of the true positives that the cfgaccesslock lockdep effort identified is this sequence: WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pcibridgesecondarybusreset+0x5d/0x70 RIP:...
UBUNTU-CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46762 xen: privcmd: Fix possible access to a freed kirqfd instance
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...