Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the automatic enabling of the misc vector on a request for an interrupt, which may result in a warning...

PT-2025-4332

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel, specifically in the net: hns3 component. The issue occurs due to a time window between misc irq enabled and service task inited,...

CVE-2018-9395

In mtkcfg80211vendorpacketkeepalivestart and mtkcfg80211vendorsetconfig of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glvendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User...

CVE-2018-9394

In mtkp2pwextsetkey of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glp2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9394

In mtkp2pwextsetkey of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glp2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9376

In rpcmsghandler and related handlers of drivers/misc/mediatek/eccci/portrpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Mageia: Security Advisory (MGASA-2024-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: x86/mce: Work around an erratum on fast string copy instructions

In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following conditions are met due to an erratum on fast string copy instructions: 1 An uncorrected error. 2 That err...

Malicious code in videoads-util-misc-general (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5e09df3f56783004e4936e57f3a6dac4e757c0d2d3cb2c0acf10bf15c6f4435 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10255 Malicious code in videoads-util-misc-general (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5e09df3f56783004e4936e57f3a6dac4e757c0d2d3cb2c0acf10bf15c6f4435 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2024-32342 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned. Description: The issue is related to a possible out-of-bounds read in the ProtocolMiscHwConfigChangeAdapter::GetData function, located in protocolmiscadapter.cpp. This could lead to local...

CVE-2024-46741

...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2024-733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-733 advisory. Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which...

yt-dlp: Multiple Vulnerabilities

Background yt-dlp is a youtube-dl fork with additional features and fixes. Description Multiple vulnerabilities have been found in yt-dlp. Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

CVE-2024-34648

Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2024 Release 1 version and earlier versions, which stems from the KnoxMiscPolicy...

PT-2024-26067 · Samsung · Knoxmiscpolicy

Name of the Vulnerable Software and Affected Versions: KnoxMiscPolicy versions prior to SMR Sep-2024 Release 1 Description: The issue is related to improper handling of insufficient permissions, allowing local attackers to access sensitive data. This could potentially lead to unauthorized access ...

CLSA-2024-1724754216 Fix CVE(s): CVE-2023-52760, CVE-2024-35835, CVE-2024-39484, CVE-2024-39487

CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a post-release reuse of the misc/fastrpc component...

UBUNTU-CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, requestirq for pdev-irq will conflict with requestthreadedirq for txgbe-misc.irq, to cause system crash. So remove txgberequestirq for...