1907 matches found
UBUNTU-CVE-2024-43890
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt(). "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum number of elements (max_elts) has be...
CVE-2024-43890 tracing: Fix overflow in get_free_elt()
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt(). "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum number of elements (max_elts) has be...
CVE-2024-7998
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...
CVE-2024-7998
CVE-2024-7998 affects Octopus Server where OIDC cookies used the wrong expiration time, potentially enabling longer-lived cookies. The CVSS 3.1 vector reports a Low base score (2.6) with NETWORK attack vector, HIGH complexity, and user interaction required. The available documents state the vulne...
PT-2024-38745 · Unknown · Octopus Server
Name of the Vulnerable Software and Affected Versions: Octopus Server (affected versions not specified). Description: The issue is related to OIDC cookies using the wrong expiration time, potentially resulting in them using the maximum lifespan. Recommendations: At the moment, there is no informatio...
SUSE CVE-2024-42265
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions. Both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for t...
SUSE CVE-2024-42317
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: avoid PMD-size page cache if needed. xarray can't support arbitrary page cache size. The largest and supported page cache size is defined as MAX_PAGECACHE_ORDER by commit 099d90642a71 "mm/filemap: make MAX_PAGECACHE_ORD...
SUSE CVE-2024-43843
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix out-of-bounds issue when preparing trampoline image We get the size of the trampoline image during the dry run phase and allocate memory based on that size. The allocated image will then be populated with...
DEBIAN-CVE-2024-42317
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: avoid PMD-size page cache if needed. xarray can't support arbitrary page cache size. The largest and supported page cache size is defined as MAX_PAGECACHE_ORDER by commit 099d90642a71 "mm/filemap: make MAX_PAGECACHE_ORD...
UBUNTU-CVE-2024-42317
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: avoid PMD-size page cache if needed. xarray can't support arbitrary page cache size. The largest and supported page cache size is defined as MAX_PAGECACHE_ORDER by commit 099d90642a71 "mm/filemap: make MAX_PAGECACHE_ORD...
kernel: NFSD: Fix the behavior of READ near OFFSET_MAX
A vulnerability was found in the Linux kernel's NFSD, where improper handling of read requests near the maximum offset can lead to an integer overflow. When a client attempts to read from a near-maximum offset, it causes the server to return an invalid NFS error, resulting in indefinite retries b...
OESA-2024-1961 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSET_MAX. Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the...
CVE-2024-42242
A flaw was found in the mmc: sdhci driver in the Linux kernel, caused by setting the maximum segment size below the required page size (PAGE_SIZE). This discrepancy leads to validation errors and potential issues in handling I/O operations. The fix involved updating the sdhci driver to ensure that t...
kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size. The following codes have an implicit conversion from size_t to u32: (u32)max_size = (size_t)virtio_max_dma_size(vdev); This may lead overflow, Ex (size_t)4G -> (u32)0. Once virtio_max_dma_size() has...
SUSE CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
SUSE CVE-2024-42243
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray. Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242 mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...