CVE-2024-26658 bcachefs: grab s_umount only if snapshotting

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab sumount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data...

CVE-2024-26658 bcachefs: grab s_umount only if snapshotting

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab sumount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible circular locking dependency...

PT-2024-14669

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.5.0-kfd-yangp 2289 and earlier Description A possible circular locking dependency has been detected in the Linux kernel, specifically in the drm/amdkfd module. This issue occurs when a task attempts to acquire a lock th...

Debian dla-3778 : libnss-libvirt - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3778 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3778-1 [email protected]...

SUSE-SU-2024:1007-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. - CVE-2023-4641: Fixed possible password leak during passwd1 change bsc1214806. The following non-security bugs were fixed: - bsc1176006: Fix chage date miscalculation...

Clickjacking Vulnerability in Multiple Mozilla Products (CNVD-2024-14976)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A clickjacking vulnerability exists in several Mozilla products, which i...

kernel: vmwgfx: race condition leading to information disclosure vulnerability

A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...

CVE-2024-26631

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6mcdown / mldifcwork idev-mcifccount can be written over without proper locking. Originally found by syzbot 1, fix this issue by encapsulating calls to mldifcstopwork and mldgqstopwork for good...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that idev-mcifccount is allowed to be rewritten without proper locking...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected syste...

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to cause unexpected syste...

Memory corruption

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected syste...

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to cause unexpected syste...

[SECURITY] Fedora 40 Update: frysk-0.4-94.fc40

Frysk is an execution-analysis technology implemented using native Java and C++. It is aimed at providing developers and sysadmins with the ability to both examine and analyze running multi-host, multi-process, multi-threaded systems. Frysk allows the monitoring of running processes and threads, ...

SUSE CVE-2023-52516

In the Linux kernel, the following vulnerability has been resolved: dma-debug: don't call dmaentryalloccheckleak under freeentrieslock dmaentryalloccheckleak calls into printk - serial console output qcom geni and grabs port-lock under freeentrieslock spin lock, which is a reverse locking...

CVE-2023-52591

A flaw was found in the reiserfs module in the Linux kernel. Renaming a directory in a reiserfs filesystem can corrupt the filesystem...

CVE-2023-52587

A hard lockup flaw was found in the Linux kernel’s IPoIB driver in how a user triggers the ipoibmcastjointask function, caused by invalid priv-multicastlist locking. This flaw allows a local user to crash the system. Mitigation To mitigate this issue, prevent module ibcore from being loaded. Plea...

BIT-MYSQL-CLIENT-2020-14812

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...