CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...

The vulnerability of the kmap_local() function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the kmaplocal function in the Linux operating system’s kernel is related to the doubling of the number of fixmap slots allocated for each processor that are used by kmaplocal. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2024-26894

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

DEBIAN-CVE-2024-26894

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

UBUNTU-CVE-2024-26894

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

CVE-2024-26894 ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

CVE-2024-26894 ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

CVE-2024-26841

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpusiblingmap when disabling nonboot CPUs Update cpusiblingmap when disabling nonboot CPUs by defining & calling clearcpusiblingmap, otherwise we get such errors on SMT systems: jump label: negative count!...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an update to cpusiblingmap on a non-boot CPU...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that stems from the presence of an...

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

SUSE CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

SUSE CVE-2024-26705

In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static block TLB entries. For that write access to the static...

Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

Exploit Title: Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass Author: LiquidWorm Vendor: Positron srl Product web page: https://www.positron.it https://www.positron.it/prodotti/apparati-broadcast/stereo-multicoder/tra-7005/ Affected version: 1.20 TRA7K5REV107 TRA7K5REV1...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a possible incorrect input in the vsp driver that lacks validation...

SUSE CVE-2024-26667

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hwpp in dpuencoderhelperphyscleanup The commit 8b45a26f2ba9 "drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output" introduced a smatch warning about another conditional block in...