SUSE CVE-2024-7519

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

DEBIAN-CVE-2024-7519

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

CVE-2024-7519

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

CVE-2024-7519

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager...

CVE-2024-21481

CVE-2024-21481 involves memory corruption during the preparation of a shared memory notification for a memparcel in Resource Manager. The issue is described as a memory corruption flaw, with no publicly documented exploitation details in the provided sources. The connected documents reference the...

CVE-2024-21481 Improper Restriction of Operations within the Bounds of a Memory Buffer in Hypervisor

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager...

PT-2024-18902 · Unknown · Resource Manager

Name of the Vulnerable Software and Affected Versions: Resource Manager affected versions not specified Description: The issue is related to memory corruption that occurs when preparing a shared memory notification for a memparcel in Resource Manager. Recommendations: At the moment, there is no...

UBUNTU-CVE-2024-3056

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources...

SUSE CVE-2024-40949

In the Linux kernel, the following vulnerability has been resolved: mm: shmem: fix getting incorrect lruvec when replacing a shmem folio When testing shmem swapin, I encountered the warning below on my machine. The reason is that replacing an old shmem folio with a new one causes memcgroupmigrate...

SUSE CVE-2024-39497

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...

DEBIAN-CVE-2024-40949

In the Linux kernel, the following vulnerability has been resolved: mm: shmem: fix getting incorrect lruvec when replacing a shmem folio When testing shmem swapin, I encountered the warning below on my machine. The reason is that replacing an old shmem folio with a new one causes memcgroupmigrate...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the mm:shmem component getting the wrong lruvec when replacing the shmem folio...

SUSE CVE-2024-39293

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, as well as in Mbed Crypto. The PSA Crypto API improperly handles shared memory...

Incorrect Initialization of Resource

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Incorrect Initialization of Resource via CUDA SHM region registration. An attacker can cause a network issue, leading t...

SUSE CVE-2023-52775

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...

CVE-2024-36911

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need to...

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: Bounds check can be...

CVE-2024-36911 hv_netvsc: Don't free decrypted memory

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need to...