CVE-2024-3935 Eclipse Mosquito: Double free vulnerability

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

CVE-2024-3935

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

PT-2024-8324

Name of the Vulnerable Software and Affected Versions: Eclipse Mosquitto versions 2.0.0 through 2.0.18 Description: The issue is related to a double free error in Eclipse Mosquitto. When a Mosquitto broker is configured to create an outgoing bridge connection with an incoming topic that uses topi...

Fedora 39 : logiops (2024-69ce052378)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-69ce052378 advisory. Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a...

Fedora 40 : logiops (2024-326390f033)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-326390f033 advisory. Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a...

CVE-2024-6769 Medium to High Integrity Privilege Escalation in Microsoft Windows

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integri...

Microsoft多款产品 安全漏洞

Microsoft Windows and others are products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for use on personal devices.Microsoft Windows Server 2016 is a desktop operating system.Microsoft Windows Server 2019 is a desktop operating system. A security vulnerability exis...

PT-2024-6492 · Microsoft · Windows 11 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Description: A DLL Hijacking caused by drive remapping...

UBUNTU-CVE-2024-31145

Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR" for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions ...

UBUNTU-CVE-2024-46779

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvrvmgpuva after unlink This caused a measurable memory leak. Although the individual allocations are small, the leaks occurs in a high-usage codepath remapping or unmapping device memory so they add up...

AZL-49321 CVE-2024-46705 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/xe: reset mmio mappings with devm Set our various mmio mappings to NULL. This should make it easier to catch something rogue trying to mess with mmio after device removal. For example, we might unmap everything and then start...

SUSE CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

DEBIAN-CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

UBUNTU-CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

CVE-2022-48724 iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in the iommu/vt-d module intelsetupirqremapping...

CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

SUSE CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

UBUNTU-CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...