1351 matches found
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the mm:shmem component getting the wrong lruvec when replacing the shmem folio...
SUSE CVE-2024-39293
In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...
Astra Linux - уязвимость в mbedtls
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...
Incorrect Initialization of Resource
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Incorrect Initialization of Resource via CUDA SHM region registration. An attacker can cause a network issue, leading t...
SUSE CVE-2023-52775
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...
CVE-2024-36911
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need to...
RHEL 6 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: Bounds check can be...
CVE-2024-36911 hv_netvsc: Don't free decrypted memory
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need to...
DEBIAN-CVE-2021-47536
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong listdel in smclgrcleanupearly smclgrcleanupearly meant to delete the link group from the link group list, but it deleted the list head by mistake. This may cause memory corruption since we didn't remove the rea...
CVE-2024-35939
In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dmasetdecrypted failure On TDX it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers...
CVE-2024-35939
CVE-2024-35939 affects the Linux kernel: dma-direct: Leak pages on dma_set_decrypted() failure. In TDx, set_memory_encrypted()/set_memory_decrypted() failures can cause memory to be shared; DMA could leak decrypted/shared pages instead of freeing them, potentially leading to functional or securit...
UBUNTU-CVE-2024-35797
In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1 A swapin error can have resulted in a poisoned swap entry in the shmem inode's xarray. Calling...
CVE-2024-0088
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering...
CVE-2024-0088
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering...
CVE-2024-0088 CVE
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering...
CVE-2024-0088
CVE-2024-0088 affects the NVIDIA Triton Inference Server for Linux. The vulnerability resides in shared memory APIs, where a user can trigger an improper memory access via a network API, with potential consequences described as denial of service and data tampering. The NVIDIA security bulletin in...
Buildroot 安全漏洞
Buildroot is Buildroot's open source set of Makefiles and Patch files. It is used to simplify and automate the process of building a complete and bootable Linux environment for embedded systems. A security vulnerability exists in versions prior to Buildroot 0b2967e that stems from missing sticky...
Security Bulletin: NVIDIA Triton Inference Server - April 2024
NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...
Fedora 40 : mbedtls (2024-a23b5f0783)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a23b5f0783 advisory. - Update to 2.28.8 Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8 Tenable has extracted the preceding description block...
Mageia: Security Advisory (MGASA-2024-0146)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...