CVE-2024-22441

HPE Cray Parallel Application Launch Service PALS is subject to an authentication bypass...

PT-2024-19427 · Hewlett Packard · Hpe Cray Pals

Name of the Vulnerable Software and Affected Versions: HPE Cray Parallel Application Launch Service PALS affected versions not specified Description: The issue is related to an authentication bypass in HPE Cray Parallel Application Launch Service PALS. No information is provided about the estimat...

Hewlett Packard Enterprise Cray Parallel Application Launch Service Security Vulnerability

Hewlett Packard Enterprise Cray Parallel Application Launch Service is a parallel application launch service from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise Cray Parallel Application Launch Service that originates from a susceptibility to...

The vulnerabilities of the functions zpaq_decompress_buf() and clear_rulist() in the Irzip software allow a hacker to trigger a service failure.

The vulnerabilities of the functions zpaqdecompressbuf and clearrulist in the Irzip software involve parallel memory usage after deallocation. Exploiting these vulnerabilities can allow an attacker to cause a service failure...

Exploit for OS Command Injection in Php

CVE-2024-4577 Vulnerability Checker This script is designed t...

SUSE CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

DEBIAN-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

CVE-2024-36961 thermal/debugfs: Fix two locking issues with thermal zone debug

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointe...

AZL-68066 CVE-2024-36949 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

CVE-2024-36936

In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...

DEBIAN-CVE-2024-36936

In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...

CVE-2024-36936

In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...

UBUNTU-CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

CVE-2024-36949 amd/amdkfd: sync all devices to wait all processes being evicted

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

CVE-2024-36936 efi/unaccepted: touch soft lockup during memory accept

In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...

SUSE CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in pnfsmarkrequestcommit when we're putting a set of writes on the commit list to reschedule them after a failed pNFS attempt...

CVE-2023-52774

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...

UBUNTU-CVE-2021-47292

In the Linux kernel, the following vulnerability has been resolved: iouring: fix memleak in ioinitwqoffload I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 size 96: comm "syz-executor.6", pid 4610, jiffies 4295140240 age 20.135s hex dump firs...

CVE-2021-47292

CVE-2021-47292 affects the Linux kernel io_uring subsystem. The issue is a memory leak in io_init_wq_offload() where a leaked hash_map can occur when io_uring_enter() is called in parallel (syz-executor traffic). Root cause: missing synchronization around kzalloc/hash_map updates in io_init_wq_of...

CVE-2024-35820

Summary: Multiple sources indicate CVE-2024-35820 has been withdrawn by its CVE Numbering Authority. In the connected Red Hat advisory, the issue is described in the Linux kernel io_uring subsystem: a vulnerability in the io_queue_proc function arises from improper modification of req->flags, ...