1620 matches found
[SECURITY] Fedora 40 Update: qt6-qtwebchannel-6.7.1-1.fc40
The Qt WebChannel module provides a library for seamless integration of C++ and QML applications with HTML/JavaScript clients. Any QObject can be published to remote clients, where its public API becomes available...
[SECURITY] Fedora 40 Update: fcitx5-qt-5.1.6-2.fc40
Qt library and IM module for fcitx5...
Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023
This module enables you to create responsive image styles that depend on the parent element's width. The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific scenarios...
CVE-2021-47262
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...
CVE-2021-47439
The CVE-2021-47439 issue concerns the Linux kernel’s net: dsa: microchip ksz driver. Root cause: during rmmod, ksz_switch_remove unregisters a switch while a non-zero mib_interval can cause ksz_mac_link_down to reschedule mib_read_work, leading to a null pointer access to dp->slave after unreg...
Drupal Email Contact module < 2.0.4 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by Claudiu Cristea in WordPress Module Email Contact versions 2.0.4...
Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020
The Email Contact module provides email field display formatters that can display the field as a link to the contact form, or as an inline contact form. The module does not sufficiently handle restricted entity or field access to the mail sending form, when the "Email contact link" formatter is...
CVE-2023-52736
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...
CVE-2023-52736
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...
CVE-2023-52841 media: vidtv: mux: Add check and kfree for kstrdup
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Add check and kfree for kstrdup Add check for the return value of kstrdup and return the error if it fails in order to avoid NULL pointer dereference. Moreover, use kfree in the later error handling in order to...
CVE-2023-52736 ALSA: hda: Do not unset preset when cleaning up codec
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...
CVE-2023-52736 ALSA: hda: Do not unset preset when cleaning up codec
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...
CVE-2021-47356
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFCcleanup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the...
CVE-2021-47324
In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the...
CVE-2021-47323
In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520wdt: Fix possible use-after-free in wdtturnoff This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak vulnerability in the drm/nouveau/kms/nv50-module...
CVE-2024-35926
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix asyncdisable descriptor leak The disableasync paths of iaacompress/decompress don't free idxd descriptors in the asyncdisable case. Currently this only happens in the testcases where req-dst is set to null. Add ...
CVE-2024-35910 tcp: properly terminate timers for kernel sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...
CVE-2024-35859
In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdevopenbydev error path At the time bdevmayopen is called, module reference is grabbed already, hence module reference should be released if bdevmayopen failed. This problem is found by...
Unbreakable Enterprise kernel security update
5.15.0-206.153.7 - mmc: core: Initialize mmcblkiocdata Mikko Rapeli - ahci: asm1064: asm1166: don't limit reported ports Conrad Kostecki - mmc: core: Fix switch on gp3 partition Dominique Martinet - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory Michael Kelley -...