11967 matches found
CVE-2023-40533
...
CVE-2024-27062 nouveau: lock the client object tree.
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...
CVE-2024-27014
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...
CVE-2024-27011 netfilter: nf_tables: fix memleak in map from abort path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result ...
CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
CVE-2024-26953 net: esp: fix bad handling of pages from page_pool
In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...
CVE-2024-26940
CVE-2024-26940 refers to a Linux kernel issue in drm/vmwgfx where /sys/kernel/debug/dri/0/mob_ttm could be created even if the corresponding ttm_resource_manager was not allocated, risking a crash when reading the file. The fix adds checks to only create mob_ttm, system_mob_ttm, and gmr_ttm debug...
OSV-2024-387 Heap-buffer-overflow in H5F_addr_encode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68301 Crash type: Heap-buffer-overflow WRITE 1 Crash state: H5Faddrencode H5Ofsinfoencode H5Omsgflush...
CVE-2022-48633
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix WARNONlock-magic != lock error psbgemunpin calls dmaresvlock but the underlying wwmutex gets destroyed by drmgemobjectrelease move the drmgemobjectrelease call in psbgemfreeobject to after the unpin to fix the bel...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 7 / 8 : OpenShift Virtualization 4.8.5 RPMs (RHSA-2022:1329)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1329 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains...
CrushFTP < 10.7.1 / 11.x < 11.1.0 Sandbox Escape (CVE-2024-4040) (Direct Check)
Binary data crushftpcve-2024-4040.nbin...
RHEL 7 : CloudForms 4.6.2 update (Important) (RHSA-2018:1328)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1328 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...
Exploit for Code Injection in Crushftp
CVE-2024-4040 - exploit scanners This repository contains fil...
OSV-2024-274 Heap-use-after-free in Mat_VarFree
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68071 Crash type: Heap-use-after-free READ 8 Crash state: MatVarFree MatVarFree MatioRead...
CVE-2023-52645
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs i...
CVE-2024-26907
CVE-2024-26907 affects the Linux kernel in the RDMA mlx5 stack. The vulnerability arises from a fortify source warning caused by a field-spanning write to eseg->inline_hdr.start in wr.c (memcpy path) during mlx5_ib_post_send, potentially enabling a local issue if exploited. Affected components...
CVE-2024-26867 comedi: comedi_8255: Correct error in subdevice initialization
In the Linux kernel, the following vulnerability has been resolved: comedi: comedi8255: Correct error in subdevice initialization The refactoring done in commit 5c57b1ccecc7 "comedi: comedi8255: Rework subdevice initialization functions" to the initialization of the io field of struct...
CVE-2024-26861 wireguard: receive: annotate data-race around receiving_counter.counter
In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receivingcounter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the data rac...
CVE-2024-26834
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: release dst in case direct xmit path is used Direct xmit does not use it since it calls devqueuexmit to send packets, hence it calls dstrelease. kmemleak reports: unreferenced object 0xffff88814f440900...