kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

EUVD-2021-23357

Malware in sbrugna...

CVE-2023-53129

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking irwsem while having transactions started as the proper lock ordering used by all directory handling operations is irwsem ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PMU list ordering issue resulting in a warning about an unordered pmuctxlist...

GHSA-WH34-M772-5398 XWiki Platform has an SQL injection in getdocuments.vm with sort parameter

Impact In getdocument.vm ; the ordering of the returned documents is defined from an unsanitized request parameter request.sort and can allow any user to inject HQL. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashe...

CVE-2022-48953 rtc: cmos: Fix event handler registration ordering issue

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle event...

CVE-2021-46921

In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value with the...

SUSE-SU-2020:3916-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

Important: Red Hat Security Advisory: kernel-alt security and bug fix update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVE-2019-16137

An issue was discovered in the spin crate before 0.5.2 for Rust, when RwLock is used. Because memory ordering is mishandled, two writers can acquire the lock at the same time, violating mutual exclusion...

DEBIAN-CVE-2017-15131

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux...