CVE-2024-27411

A flaw was found in the nouveau module in the Linux kernel. In multi-GPU setups, a system-wide rendering freeze can occur when suspending/resuming the system because some resources are released in the wrong place, resulting in a denial of service...

CVE-2024-27411

CVE-2024-27411 relates to the Linux kernel nouveau driver (drm/nouveau). The vulnerability arises because two DMA buffers required for suspend/resume were deallocated after GPU init, which can cause kernel module errors and a system-wide rendering freeze on multi-GPU systems. The fix moves the de...

CVE-2024-27411

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: keep DMA buffers required for suspend/resume Nouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly. This is likely not as big an issue on systems where the...

GitLab: Uncontrolled Resource Consumption in any Markdown field using Mermaid

Summary I found a bypass for the mitigation of DoS via Mermaid CVE-2019-9220. As the mitigation for CVE-2019-9220, the input limit of 5000 characters is currently applied to a Mermaid code block, but it can be bypassed by simply splitting the longer payload to many code blocks. Steps to reproduce...