Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2638)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2024-2301 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access...

SUSE CVE-2024-49998

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

Oracle Linux 8 : edk2 (ELSA-2024-12795)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12795 advisory. - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division- By-Zero due to a UNIT32 overflow via local...

SUSE CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

CVE-2024-49998

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

DEBIAN-CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

DEBIAN-CVE-2022-48953

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle event...

DEBIAN-CVE-2024-49998

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

CVE-2024-49998

CVE-2024-49998 affects the Linux kernel net: dsa shutdown sequence, specifically lan9303. Two shutdown-time races are described: (1) a driver data pointer (dev_get_drvdata) may be accessed after shutdown, risking an NPD if the remove path runs; (2) concurrent zeroization of conduit->dsa_ptr ca...

CVE-2024-49998 net: dsa: improve shutdown sequence

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

CVE-2024-49998 net: dsa: improve shutdown sequence

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

CVE-2024-49998 net: dsa: improve shutdown sequence

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

CVE-2024-49981 media: venus: fix use after free bug in venus_remove due to race condition

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venusremove due to race condition in venusprobe, core-work is bound with venussyserrorhandler, which is used to handle error. The code use core-syserrdone to make sync work. The core-work i...

SUSE CVE-2024-47688

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

SUSE CVE-2024-47739

In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seqnr overflow When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed seqnr,...

DEBIAN-CVE-2024-47739

In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seqnr overflow When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed seqnr,...

AZL-50996 CVE-2024-47739 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seqnr overflow When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed seqnr,...

AZL-50809 CVE-2024-47739 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seqnr overflow When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed seqnr,...

UBUNTU-CVE-2024-47739

In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seqnr overflow When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed seqnr,...