163 matches found
AZL-51771 CVE-2024-49988 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
UBUNTU-CVE-2024-49988
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
CVE-2024-49988 ksmbd: add refcnt to ksmbd_conn struct
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
CVE-2024-49988 ksmbd: add refcnt to ksmbd_conn struct
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
CVE-2024-49988 ksmbd: add refcnt to ksmbd_conn struct
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
PT-2024-33827
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: The issue is related to the ksmbd component in the Linux kernel. When sending an oplock break request, opinfo-conn is used, but a freed -conn can be used on multichannel, leading to potential...
CVE-2024-42256 cifs: Fix server re-repick on subrequest retry
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...
CVE-2024-42256
CVE-2024-42256 affects the Linux kernel CIFS client. The issue arises when a subrequest is retried and smb2_async_writev() re-picks the SMB server, causing in_flight accounting to be updated against different servers and leading to misaccounting. The fix removes the repick in smb2_async_writev(),...
CVE-2024-42256 cifs: Fix server re-repick on subrequest retry
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...
CVE-2023-52751
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
AZL-54747 CVE-2023-52751 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
UBUNTU-CVE-2023-52751
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
CVE-2023-52751 smb: client: fix use-after-free in smb2_query_info_compound()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
CVE-2023-52751 smb: client: fix use-after-free in smb2_query_info_compound()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
CVE-2023-52751
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...
BD FACSChorus Security Breach
The BD FACSChorus is a multichannel flow cytometry system from Bidi Medical BD. A security vulnerability exists in the BD FACSChorus that stems from not blocking physical access to its PCI Express PCIe slot...
BD FACSChorus Security Breach
BD FACSChorus is a multichannel flow cytometry system from Bidi Medical BD. A security vulnerability exists in the BD FACSChorus that stems from being configured to allow the transmission of hashed user credentials based on a user action without fully verifying the identity of the requested...
OESA-2023-1668 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusbdec.c has a memory leak because of the lack of a dvbfrontenddetach call.CVE-2022-45887 A division-by-zero error on some AMD processors ca...
SUSE-SU-2023:3688-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack bsc1184739. - CVE-2022-1920: Fixed integer overflow in WavPack header handling code bsc1201688. - CVE-2022-1921: Fixed integer overflow resulting in heap...
SUSE CVE-2023-32249
In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUSNOTSUPPORTED if binding session is guest...