CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that stems from hisiaccvfiopci failing to update the save/restore data pointer based on the fd offset when optional PRECOPY...

DEBIAN-CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

DEBIAN-CVE-2023-52452

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

UBUNTU-CVE-2023-52452

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...

UBUNTU-CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

SUSE CVE-2023-52434

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from not checking the offset of variables...

CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

DEBIAN-CVE-2023-52434

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...

CVE-2022-23087

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

CVE-2024-24014

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/author/list...

CVE-2024-24023

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/bookContent/list...

CVE-2024-24019

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list...

CVE-2024-24019

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list...

PT-2024-20235 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions prior to 4.3.0-RC1 Description: A SQL injection issue exists, allowing an attacker to perform SQL injection by passing crafted offset, limit, and sort parameters via the "/common/dict/list" API endpoint. Recommendations: F...