222 matches found
CVE-2024-50285 ksmbd: check outstanding simultaneous SMB operations
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cache". It will cause OOM issue. ksmbd has a credit mechanism but it can'...
CVE-2024-47679 vfs: fix race between evice_inodes() and find_inode()&iput()
In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug1 in btrfs, after digged it into and I believe it's a race in vfs. Let's assume there's a inode ie ino 261 with icount 1 is called by iput, and...
kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling an NMI. KVM's ABI fo...
net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously
A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed OIDs in the master agent and subagent...
keycloak: potential bypass of brute force protection
A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. Thi...
CVE-2024-33060 Use After Free in DSP Service
Memory corruption when two threads try to map and unmap a single node simultaneously...
CVE-2024-33060
CVE-2024-33060 is a use-after-free race in Qualcomm's DSP/adsprpc driver (fastrpc_mmap) that can occur when global and local mappings are concurrently created and freed. The vulnerability centers on fastrpc_mmap_create, fastrpc_mmap_add, and related epilogue paths (mem_map_to_dsp, munmap/mmap_fre...
SMBLoris NBSS Denial of Service
!/usr/bin/env ruby require 'socket' require 'metasploit' require 'bindata' class NbssHeader ' , date: '2017-06-29', references: type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' , type: 'aka', ref: 'SMBLoris' , type: 'dos', options: rhost: type: 'address',...
CVE-2024-42152 nvmet: fix a possible leak when destroy a ctrl during qp establishment
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
AZL-43270 CVE-2024-39483 affecting package kernel for versions less than 5.15.162.2-1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling an NMI. KVM's ABI fo...
UBUNTU-CVE-2024-39483
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling an NMI. KVM's ABI fo...
PT-2024-27492 · Absolute · Absolute Secure Access
Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.06 Description: The issue is a cross-site scripting vulnerability in the management UI of Absolute Secure Access. Attackers with system administrator permissions can interfere with other system...
RHEL 8 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 - Simultaneous Multi-threading SMT i...
CVE-2024-35821
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in the correct place Page cache reads are lockless, so setting the freshly allocated page uptodate before we've overwritten it with the data it's supposed to have in it will allow a simultaneous reader to...
CVE-2024-31470
There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful...
CVE-2024-34695 WOWS Karma vulnerable to a post submission bounce/timing attack
WOWS Karma is a reputation system for Wargaming's World of Warships. A user is able to click multiple times on "create" on a post creation prompt before the modal closes, which triggers sending several post creation API requests at once. Due to timing, sending multiple posts simultaneously reques...
PT-2024-26112 · Unknown · Wows Karma
Name of the Vulnerable Software and Affected Versions: WOWS Karma versions prior to 0.17.4.1 Description: The issue allows a user to bypass cooldown validation by sending multiple post creation API requests simultaneously. This is achieved by clicking the "create" button multiple times on a post...
C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface. C2 Clou...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security flaw when two interrupts are raised to two CPUs at the same time...