CVE-2024-56722

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots o...

CVE-2024-56722

In CVE-2024-56722, the Linux kernel RDMA/hns component fixes a cpu-stall risk during reset by removing unnecessary prints and converting remaining print statements to a rate-limited version when destroying resources (qp, cq, mr). The issue arises if resource destruction logs flood with numerous m...

CVE-2024-56722 RDMA/hns: Fix cpu stuck caused by printings during reset

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots o...

CVE-2024-56722 RDMA/hns: Fix cpu stuck caused by printings during reset

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots o...

AZL-55766 CVE-2023-52532 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type probably from a newer hardware, still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors can be triggered by...

NonCustodialPSM.mint ignores mint buffer reduced amount, mostly disabling mint rate control

Lines of code Vulnerability details Impact VOLT minting rate control doesn't happen when RateLimited's doPartialAction is true as NonCustodialPSM doesn't use the returned amount value, minting the full amount even when it was reduced by current mint buffer size limitation. There are two issues wi...

Faulty logic at _setBufferCap() function

Lines of code Vulnerability details Impact setBufferCap function sets the bufferCap. It first calls the updateBufferStored function which updates the bufferStored variable. However, calculation of bufferStored depends on bufferCap value: Math.minbufferStored + rateLimitPerSecond elapsed, bufferCa...

Setting new buffer does not reduce current buffer to cap

Lines of code Vulnerability details Impact The RateLimited.setBufferCap function first updates the buffer and then sets the new cap, but does not apply the new cap to the updated buffer. Meaning, the updated buffer value can be larger than the new buffer cap which should never be the case. Action...

RATELIMITED: Cross Site Request Forgery in auth in https://auth.ratelimited.me/

Hi there i found a vulnerable post that an attacker can execute csrf into the victim. Steps to reproduce: 1º login into your account and with burp on intercept the request off update profile. csrf1.jpg 2º Send the post request to the generator csrf poc and alter the details. history.pushState'',...

Debian DSA-2632-1 : linux-2.6 - privilege escalation/denial of service

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-0231 Jan Beulich provided a fix for an issue in the Xen PCI backend driver...