2083 matches found
PT-2026-8177
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's smb/server component within the create smb2 pipe function. Specifically, if the ksmbd iov pin rsp function fails, the ksmbd session rpc close function...
SUSE CVE-2024-53201
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe This commit addresses a null pointer dereference issue in dcn20programpipe. Previously, commit 8e4ed3cf1642 "drm/amd/display: Add null check for...
DEBIAN-CVE-2024-53201
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe This commit addresses a null pointer dereference issue in dcn20programpipe. Previously, commit 8e4ed3cf1642 "drm/amd/display: Add null check for...
AZL-55127 CVE-2024-53200 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in hwsssetupdpp This commit addresses a null pointer dereference issue in hwsssetupdpp. The issue could occur when pipectx-planestate is null. The fix adds a check to ensure...
AZL-55294 CVE-2024-53201 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe This commit addresses a null pointer dereference issue in dcn20programpipe. Previously, commit 8e4ed3cf1642 "drm/amd/display: Add null check for...
CVE-2024-53200
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in hwsssetupdpp This commit addresses a null pointer dereference issue in hwsssetupdpp. The issue could occur when pipectx-planestate is null. The fix adds a check to ensure...
OESA-2024-2496 perl-Module-ScanDeps security update
This module scans potential modules used by perl programs, and returns a hash reference; its keys are the module names as appears in %INC e.g. Test/More.pm; the values are hash references. Security Fixes: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps,...
SUSE CVE-2024-10224
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...
CVE-2024-50177
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...
openSUSE Security Advisory (SUSE-SU-2024:4036-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-53394 CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...
CVE-2024-10224
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...
DEBIAN-CVE-2024-10224
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...
CVE-2024-10224
Qualys reports CVE-2024-10224 affects perl-Module-ScanDeps prior to 1.36, where unsanitized input could allow local command execution via open() of a pipe or by eval(). Remediations shown in connected advisories include updating to 1.36+ (examples show 1.37+ in Amazon Linux 2023/AL2023 and other ...
Module-ScanDeps 权限许可和访问控制问题漏洞
Module-ScanDeps is an application by Roderich Schupp Personal Developer. A security vulnerability exists in Module-ScanDeps versions prior to 1.36 that stems from improper input validation, which could lead to a local attacker executing arbitrary shell commands by opening a pesky pipe or passing ...
CVE-2024-47574
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...
CVE-2024-47574
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...
CVE-2024-47574
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe message...
Fortinet FortiClient 安全漏洞
Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet...
kernel: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
A NULL pointer dereference flaw was found in the Linux kernel in dcn21setpipe. This issue may lead to a crash...