USN-7024-1 tgt vulnerability

It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...

SUSE CVE-2024-8900

An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox 129, Firefox ESR 128.3, and Thunderbird 128.3...

rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '', and ''...

DEBIAN-CVE-2024-46699

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable preemption while updating GPU stats We forgot to disable preemption around the writeseqcountbegin/end pair while updating GPU stats: WARNING: CPU: 2 PID: 12 at include/linux/seqlock.h:221...

UBUNTU-CVE-2024-46699

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable preemption while updating GPU stats We forgot to disable preemption around the writeseqcountbegin/end pair while updating GPU stats: WARNING: CPU: 2 PID: 12 at include/linux/seqlock.h:221...

AZL-69910 CVE-2024-25584 affecting package dovecot 2.3.20-1

Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...

AZL-48783 CVE-2024-44995 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start │ ▼ ...... setup tc │ │ ▼ ▼ DOWN: napidisable napidisableskip │...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the wor...

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2024-45230

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

DEBIAN-CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

The vulnerability of mediatek’s kernel components in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of mediatek’s Linux operating system kernel relates to the registration of power domains, first using genpd, and then attempting to include them in the probing sequence. This leads to a race condition. Exploiting this vulnerability can allow an attacker to cause a service failur...

AZL-48203 CVE-2024-43904 affecting package kernel for versions less than 6.6.64.2-9

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30applyidlepoweroptimizations function. These variables were previously...

CVE-2022-48942

In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This may result in crashes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a connection leak in the net/smc component, which may result in a connection not being released properly whe...

PT-2024-40856 · Pistache · Pistache

Name of the Vulnerable Software and Affected Versions: Pistache affected versions not specified Description: The issue is related to a crash caused by an unknown read in the Pistache::Http::Header::Expect::parseRaw function. This function is part of the Pistache HTTP library, which is used for...

edk2: Predictable TCP Initial Sequence Numbers

A security flaw has been identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker to potentially disclose sensitive information...

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

CVE-2024-3913 Phoenix Contact: Start sequence allows attack during the boot process

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup...