unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

Summary Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

SUSE CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpuipcsendreceiveinternal Move pmruntimesetactive to ivpupminit so when ivpuipcsendreceiveinternal is executed before ivpupmenable it already has correct runtime state, even if last resume was not...

UBUNTU-CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpuipcsendreceiveinternal Move pmruntimesetactive to ivpupminit so when ivpuipcsendreceiveinternal is executed before ivpupmenable it already has correct runtime state, even if last resume was not...

CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpuipcsendreceiveinternal Move pmruntimesetactive to ivpupminit so when ivpuipcsendreceiveinternal is executed before ivpupmenable it already has correct runtime state, even if last resume was not...

DEBIAN-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...

DEBIAN-CVE-2024-50030

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in sendrecv Ensure we serialize with completion side to prevent UAF with fence going out of scope on the stack, since we have no clue if it will fire after the timeout before we can erase from the xa. Also ...

UBUNTU-CVE-2024-50030

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in sendrecv Ensure we serialize with completion side to prevent UAF with fence going out of scope on the stack, since we have no clue if it will fire after the timeout before we can erase from the xa. Also ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the sendrecv function in the drm/xe/ct subsystem, which could lead to a kernel...

SUSE CVE-2015-9059

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely...

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

The vulnerability of the “send and receive file” command handler in the Picocom terminal emulation software allows a hacker to execute any command they desire.

The vulnerability of the “send and receive file” command in the Picocom terminal emulation software lies in the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by using /bin/sh to launch external commands...

DEBIAN-CVE-2015-9059

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely...

UBUNTU-CVE-2015-9059

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely...

Buffer overflow in CIFS VFS

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function...