DEBIAN-CVE-2024-42251

In the Linux kernel, the following vulnerability has been resolved: mm: pageref: remove foliotrygetrcu The below bug was reported on a non-SMP kernel: 275.267158 T4335 ------------ cut here ------------ 275.267949 T4335 kernel BUG at include/linux/pageref.h:275! 275.268526 T4335 invalid opcode:...

kernel: irqchip/gic-v3-its: Fix potential VPE leak on error

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In itsvpeirqdomainalloc, when itsvpeinit returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the number of VPEs allocated, which...

kernel: pstore/ram: Fix crash when setting number of cpus to an odd number

A vulnerability was found in the pstore/ram component of the Linux kernel, which caused crashes when the number of CPU cores was set to an odd number. This issue occurs because the odd-numbered zones became misaligned. This flaw allows a local, authenticated attacker to cause a denial of service...

kernel: irqchip/gic-v3-its: Fix potential VPE leak on error

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In itsvpeirqdomainalloc, when itsvpeinit returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the number of VPEs allocated, which...

kernel: pstore/ram: Fix crash when setting number of cpus to an odd number

A vulnerability was found in the pstore/ram component of the Linux kernel, which caused crashes when the number of CPU cores was set to an odd number. This issue occurs because the odd-numbered zones became misaligned. This flaw allows a local, authenticated attacker to cause a denial of service...

kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

A flaw was found in the Linux kernel’s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service...

SUSE CVE-2024-7531

Calling PK11Encrypt in NSS using CKMCHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcom...

The vulnerabilities of the functions sbi_cpu_start() and cpu_update_secondary_bootdata() in the Linux operating system’s kernel on RISC-V processors allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functions sbicpustart in the module arch/riscv/kernel/cpuopssbi.c and cpuupdatesecondarybootdata in the module arch/riscv/kernel/cpuopsspinwait.c in the Linux operating system’s kernel on RISC-V processors is related to memory writing beyond the allocated buffer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the x86/bhi module BHI mitigation mechanism when handling SYSENTER calls. When the TF flag bi...

SUSE CVE-2024-42091

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid future use case and will cause NPD when...

SUSE CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...

Mozilla Firefox ESR < 115.14

The version of Firefox ESR installed on the remote Windows host is prior to 115.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-34 advisory. - Unexpected marking work at the start of sweeping could have led to a use-after-free. CVE-2024-7527 - Insufficient...

CVE-2024-23353 Buffer Over-read in Multi Mode Call Processor

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESMIEI...

CVE-2024-23353 Buffer Over-read in Multi Mode Call Processor

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESMIEI...

CVE-2024-23353

CVE-2024-23353 affects Qualcomm components (Multi Mode Call Processor) and describes a transient denial-of-service during decoding an attach reject message received by UE when IEI is set to ESM_IEI. CVSSv3.1 base score 7.5 (High) with network attack vector, no user interaction, and impact limited...

CVE-2024-23352 Loop with Unreachable Exit Condition (`Infinite Loop`) in Multi Mode Call Processor

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA...

CVE-2024-23352

CVE-2024-23352 concerns a transient DoS in Qualcomm closed‑source components due to a loop in the Multi Mode Call Processor. The issue manifests when NAS receives ODAC criteria of length 1 and type 1 during registration (OTA). Public documents consistently cite the description, but no concrete pa...

CVE-2024-23352 Loop with Unreachable Exit Condition (`Infinite Loop`) in Multi Mode Call Processor

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA...

CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...

CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...