CVE-2024-56783
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...
CVE-2024-56783 netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...
CVE-2022-49035 media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case...
PT-2025-34413
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to out-of-boundary access within the f2fs filesystem when handling device paths. Specifically, if the device path length reaches MAX_PATH_LEN,...
PT-2024-37005 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue concerns the kfd_get_cu_occupancy function, which previously declared a large cu_occupancy array as a local variable. This could lead to stack overflows due to excessive stac...
AZL-56250 CVE-2024-56544 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGE_SIZE 4096, MAX_PAGE_ORDER 10, 64bit machine, page_alloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...
DEBIAN-CVE-2024-53225
In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift When configuring a kernel with PAGE_SIZE=4KB, depending on its setting of CONFIG_CMA_ALIGNMENT, VCMDQ_LOG2SIZE_MAX=19 could fail the alignment test and trigger a WARN_ON: WARNING...
CVE-2024-53225 iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift
In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift When configuring a kernel with PAGE_SIZE=4KB, depending on its setting of CONFIG_CMA_ALIGNMENT, VCMDQ_LOG2SIZE_MAX=19 could fail the alignment test and trigger a WARN_ON: WARNING...
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It...
SUSE CVE-2024-53145
In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386...
AZL-54960 CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386...
DEBIAN-CVE-2024-53145
In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386...
UBUNTU-CVE-2024-53145
In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386...
CVE-2024-53145 um: Fix potential integer overflow during physmem setup
In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386...
kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_reset6() I think the issue is that dev->hard_header_len is zero, and we attempt later to push an Ethernet header. U...
CVE-2024-54227 WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dotstore Minimum and Maximum Quantity for WooCommerce (min-and-max-quantity-for-woocommerce) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through <= 2.0.0...
WordPress plugin Minimum and Maximum Quantity for WooCommerce security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata (Patchstack Alliance) in WordPress Plugin Minimum and Maximum Quantity for WooCommerce (versions <= 2.0.0)...
CVE-2024-38920
CVE-2024-38920 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, describing a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic parameter /amcl max_beams, enabling network-based attack with no user interaction. The CVSS 3...