PT-2024-27220

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when multiple devices are reset in parallel. The first device calls kfd suspend all processes to evict all processes on all devices, but this call takes time to finish...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a privilege issue vulnerability that stems from a vulnerability in the Parallel Vision module that enables application privileg...

CVE-2024-26685

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal condition of the buffer asyncwrite flag and cause a BUGO...

DEBIAN-CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

Fedora: Security Advisory for t-digest (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: t-digest-3.2-8.fc40

A new data structure for accurate on-line accumulation of rank-based statisti cs eg. quantiles and trimmed means. The t-digest algorithm is also very parallel friendly making it useful in map-reduce and parallel streaming applications...

CVE-2021-47062 KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use onlinevcpus instead of createdvcpus. This fix...

SUSE SLES12 Security Update : docker (SUSE-SU-2024:0587-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0587-1 advisory. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two...

The vulnerability of the compiler for developing and optimizing parallel applications that use the Data Parallel C++ programming language, oneAPI DPC++/C++ Compiler, stems from access control deficiencies, allowing attackers to exploit their privileges.

The vulnerability of the compiler for developing and optimizing parallel applications that use the Data Parallel C++ programming language, the oneAPI DPC++/C++ Compiler, is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

Race Condition

decidim is vulnerable to a Race Condition. The vulnerability is due to the system's inability to handle multiple parallel requests for endorsing a resource, such as a proposal, allowing an attacker to endorse the same resource multiple times...

GHSA-R275-J57C-7MF2 Race condition in Endorsements

Impact A race condition in the endorsement of resources for instance, a proposal allows a user to make more than once endorsement. To exploit this vulnerability, the request to set an endorsement must be sent several times in parallel. Workarounds Disable the Endorsement feature in the components...

Race condition in Endorsements

Impact A race condition in the endorsement of resources for instance, a proposal allows a user to make more than once endorsement. To exploit this vulnerability, the request to set an endorsement must be sent several times in parallel. Workarounds Disable the Endorsement feature in the components...

Intel(R) oneAPI DPC++/C++ Compiler Security Vulnerability

IntelR oneAPI DPC++/C++ Compiler is a compiler from Intel Corporation USA. A security vulnerability previously existed in Intel oneAPI DPC++/C++ Compiler software version 2023.2.1, which stems from improper access control in the affected product. It could result in an authenticated user potential...

PT-2024-1790 · Intel · Intel Oneapi Dpc++/C++ Compiler

Name of the Vulnerable Software and Affected Versions: IntelR oneAPI DPC++/C++ Compiler versions prior to 2023.2.1 IntelR oneAPI DPC++/C++ Compiler versions prior to 2022.2.1 for some IntelR oneAPI Toolkits before version 2022.3.1 Description: The issue is related to improper access control in th...

Rhysida Ransomware Cracked, Free Decryption Tool Released

Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and...

SUSE CVE-2024-23651

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessibl...

Race Condition

buildkit is vulnerable to a Race Condition. The vulnerability is caused when two malicious build steps are ran in parallel, sharing the same cache mounts with subpaths. This issue can be exploited by an attacker to access files on the host filesystem...

CVE-2023-34324

The CVE describes a deadlock in Linux kernel Xen event channel handling when a close operation is performed in parallel with a Xen console action/interrupt in an unprivileged Xen guest. The issue occurs during removal of a paravirtual device or similar event-channel close, with 32-bit Arm guests ...

Joblib: Arbitrary Code Execution

Background Joblib is a set of tools to provide lightweight pipelining in Python. In particular: 1. transparent disk-caching of functions and lazy re-evaluation memoize pattern 2. easy simple parallel computing Joblib is optimized to be fast and robust on large data in particular and has specific...

Race Condition (Leaky Vessels)

Overview Affected versions of this package are vulnerable to Race Condition Leaky Vessels in the subpath mounting when two malicious build steps are running in parallel and sharing the same cache mounts. This can lead to files from the host system being accessible to the build container. Workarou...