CVE-2024-50221 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangoghtablesinit is not large enough for the memset done in smucmninitsoftgpumetrics. Condensed report follows:...

SUSE CVE-2024-50200

In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...

UBUNTU-CVE-2024-50200

In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...

UBUNTU-CVE-2024-50090

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xebbcreatejob appends a MIBATCHBUFFEREND to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at eac...

CVE-2024-50025

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...

CVE-2022-48976

The CVE-2022-48976 case concerns Linux kernel netfilter flowtable_offload. A preemptible path used __this_cpu_add in flow_offload_queue_work(), which could trigger a BUG when called from a workqueue without bh disabled. The fix replaces __this_cpu_add with NF_FLOW_TABLE_STAT_INC_ATOMIC() in flow_...

Security Bulletin: There is a vulnerability in Manage Componenet used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-37068)

Summary There is a vulnerability in Manage Componenet used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-37068 DESCRIPTION: IBM Maximo Application Suite - Manage Component uses weaker than expected cryptographic algorithms that could allow ...

kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races in unixreleasesock/unixstreamsendmsg A data-race condition has been identified in afunix. In one data path, the write function unixreleasesock atomically writes to sk-skshutdown using WRITEONCE. However, on...

CVE-2024-8332 master-nan Sweet-CMS index sql injection

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. The attack can be initiated remotely. This product is usin...

SUSE CVE-2022-48908

In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fix null-ptr-deref in com20020pciprobe During driver initialization, the pointer of card info, i.e. the variable 'ci' is required. However, the definition of 'com20020pciidtable' reveals that this field is...

UBUNTU-CVE-2022-48870

In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spkttyiorelease Run the following tests on the qemu platform: syzkaller: modprobe speakupaudptr input: Speakup as /devices/virtual/input/input4 initialized device: /dev/synth, node MAJOR 10,...

CVE-2023-52905 octeontx2-pf: Fix resource leakage in VF driver unbind

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix resource leakage in VF driver unbind resources allocated like mcam entries to support the Ntuple feature and hash tables for the tc feature are not getting freed in driver unbind. This patch fixes the issue...

DEBIAN-CVE-2024-43879

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently NL80211RATEINFOHERUALLOC2x996 is not handled in cfg80211calculatebitratehe, leading to below warning: kernel: invalid HE MCS: bw:6, ru:6 kernel:...

DEBIAN-CVE-2024-43857

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by isendzoneblkaddr that checks the last block of a zone when f2fs is mounted as a single device...

CVE-2024-43851 soc: xilinx: rename cpu_number1 to dummy_cpu_number

In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpunumber1 to dummycpunumber The per cpu variable cpunumber1 is passed to xlnxeventhandler as argument "devid", but it is not used in this function. So drop the initialization of this variable and rename it to...

SUSE-SU-2024:2780-1 Security update for patch

This update for patch fixes the following issues: - CVE-2019-20633: Fixed double-free/OOB read in pch.c bsc1167721...

AZL-47391 CVE-2024-41965 affecting package vim for versions less than 9.0.2190-4

Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a nam...

UBUNTU-CVE-2024-41957

Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...

SUSE-SU-2024:2704-1 Security update for patch

This update for patch fixes the following issues: - CVE-2019-20633: Fixed double-free/OOB read in pch.c bsc1167721...

CVE-2024-41946 REXML DoS vulnerability

REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability...