Upgraded Q -> H from #439 [1670433195074]

Judge has assessed an item in Issue 439 as H risk. The relevant finding follows: L02 - close should not be able to close a specific id credit line As per the docs: Can a Borrower chose to repay any debt in any order? No. The app automatically selects which credit line can be repaid using a...

PT-2024-11850 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition on the per-CQ variable napi work done in the Linux kernel's net component. After calling napi complete done, another CPU can start the napi...

PT-2022-27857 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions: Mastodon versions through 4.0.2 Description: The issue allows attackers to cause a denial of service by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, resulting...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Expat, SQlite, libxml2, Libksba, zlib and GnuTLS

Summary Multiple issues were identified in Red Hat UBI ubi8/ubi-minimal v8.6-x packages Expat, SQlite, libxml2, Libksba, zlib and GnuTLS that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. These vulnerabilities have been addressed. Vulnerability Details...

PT-2024-11876 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the sctp stream outq migrate function. When this function is called to release stream out resources, the...

kernel: posix-cpu-timers: Cleanup CPU timers before freeing them during exec

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b "posix-cpu-timers: Store a reference to a pid not a task" started looking up tasks by PID when deleting a CPU timer. When a non-leader threa...

kernel: Revert "Revert "block, bfq: honor already-setup queue merges""

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash 1 happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...

kernel: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE

A flaw was found in the lpfc module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

kernel: nvme-rdma: destroy cm id before destroy qp to avoid use after free

A vulnerability was found in the Linux kernel's nvme-rdma driver where the driver failed to destroy a component cmid before another component qp was destroyed. This issue occurs when the kernel incorrectly manages memory during RDMA, leading to a potential use-after-free...

PT-2022-35828 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...

PT-2022-35014 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and attac...

PT-2022-35493 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...

PT-2022-34969 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the blk-mq elevator switch when reinitializing queues. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

PT-2022-35285 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...

PT-2022-35049 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: A potential memory leak issue was identified in the init mqueue fs function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

PT-2022-35749 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue arises when the code attempts to access the sk wq of a socket sock that is already dead. This could potentially lead to security vulnerabilities, although the actual impact and...

PT-2022-36763 · Git +1 · Qemu

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read crash. Technical details about the crash include the involvement of specific functions such as virtio...

Borrower can manipulate the repayment queue, avoid paying back the initial lender

Lines of code Vulnerability details Impact In contract LineOfCredit, the repayment queue protects lenders and assured that they have to get paid back. Without a queue, a borrower could constantly refinance to lower rates and avoid paying back the initial lender from sponsors. Every time, borrower...

kernel: nvme-rdma: destroy cm id before destroy qp to avoid use after free

A vulnerability was found in the Linux kernel's nvme-rdma driver where the driver failed to destroy a component cmid before another component qp was destroyed. This issue occurs when the kernel incorrectly manages memory during RDMA, leading to a potential use-after-free...

kernel: iavf: Fix adminq error handling

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...