DEBIAN-CVE-2024-45009

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement addaddraccepted for MPJ req Adding the following warning ... WARNONONCEmsk-pm.addaddraccepted == 0 ... before decrementing the addaddraccepted counter helped to find a bug when running the "remove single...

UBUNTU-CVE-2024-45009

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement addaddraccepted for MPJ req Adding the following warning ... WARNONONCEmsk-pm.addaddraccepted == 0 ... before decrementing the addaddraccepted counter helped to find a bug when running the "remove single...

Malicious code in mp-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3cff4fab9afd0251fc2a7551653c7605a21ecffc47bcfee194740e479aff3979 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8082 Malicious code in mp-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3cff4fab9afd0251fc2a7551653c7605a21ecffc47bcfee194740e479aff3979 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AZL-47781 CVE-2024-7347 affecting package nginx for versions less than 1.22.1-12

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...

F5 Nginx 安全漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx, which stems from a vulnerability that could allow an attacker to cause it to terminate by over-reading NGIN...

DEBIAN-CVE-2024-42253

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...

UBUNTU-CVE-2024-42253

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...

Malicious code in @fdfe/mp-cashier (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2673 Malicious code in @fdfe/mp-cashier (npm)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2022-48715

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fcrecvframe mp safe Running tests with a debug kernel shows that bnx2fcrecvframe is modifying the percpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver with the...

frr: mishandled malformed data leading to a crash

A data mishandling vulnerability was found in FRRouting. A malformed MPREACHNLRI data can lead to a crash, resulting in a denial of service...

ALSA-2024:3214 Moderate: gmp security update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...

CVE-2024-33782

MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33783

MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto::SilentMultiPprfReceiver::expand in /Tools/SilentPprf.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33781

MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function octetStream::getbytes in /Tools/octetStream.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33782

MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33783

MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto::SilentMultiPprfReceiver::expand in /Tools/SilentPprf.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33780

MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto::copyOut at /Tools/SilentPprf.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...

CVE-2024-33781

MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function octetStream::getbytes in /Tools/octetStream.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...