4325 matches found
SUSE CVE-2024-41012
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
kernel: vfio/pci: Lock external INTx masking ops
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...
kernel: vmwgfx: race condition leading to information disclosure vulnerability
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...
kernel: vfio/pci: Lock external INTx masking ops
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...
UBUNTU-CVE-2024-41012
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
CVE-2024-41012 filelock: Remove locks reliably when fcntl/close race is detected
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...
BIT-HYPERLEDGER-FABRIC-ORDERER-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
BIT-HYPERLEDGER-FABRIC-PEER-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
BIT-HYPERLEDGER-FABRIC-TOOLS-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
CVE-2023-52886
The CVE-2023-52886 entry describes a race in the Linux kernel USB core where hub_port_init() can overwrite udev->descriptor while read_descriptors() (sysfs.c) is reading it, enabling a slab-out-of-bounds read (KASAN) observed in syzbot. The root cause is a race between read_descriptors() and h...
SUSE CVE-2024-40905
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler reads more than once ppcpurt, second read could read NULL, if another cpu clears the value in rt6getpcpuroute. Add a READONCE to...
CVE-2024-39503
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...
DEBIAN-CVE-2024-40922
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: don't lock while !TASKRUNNING There is a report of iorsrcrefquiesce locking a mutex while not TASKRUNNING, which is due to forgetting restoring the state back after ioruntaskworksig and attempts to break out of the...
CVE-2024-40915
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite kernelmappages to fix sleeping in invalid context kernelmappages is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This...
CVE-2024-39501
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-40911
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211getstation Wiphy should be locked before calling rdevgetstation see lockdep assert in ieee80211getstation. This fixes the following kernel NULL dereference: Unable to handle kernel NULL point...
UBUNTU-CVE-2024-40922
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: don't lock while !TASKRUNNING There is a report of iorsrcrefquiesce locking a mutex while not TASKRUNNING, which is due to forgetting restoring the state back after ioruntaskworksig and attempts to break out of the...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the wifi:cfg80211 component not properly locking wiphy in the cfg80211getstation function...
WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...
CVE-2024-6138
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...