866 matches found
kernel: VMCI: Use threaded irqs instead of tasklets
In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...
UBUNTU-CVE-2021-47449
In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e "ice: add lock around Tx timestamp tracker flush" added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare for...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to a sleep function from an invalid environment...
UBUNTU-CVE-2021-47402
In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu Patch that refactored flwalk to use idrforeachentrycontinueul also removed rcu protection of individual filters which causes following use-after-free when filter is deleted concurrently...
PT-2024-17842
Name of the Vulnerable Software and Affected Versions EDK2 affected versions not specified Description The issue arises when S3 sleep is activated, allowing an attacker to cause a Division-By-Zero due to a UINT32 overflow via local access. This can lead to a loss of Availability. Recommendations ...
The vulnerability of the Linux operating system’s Intel Hardware Feedback Interface driver allows attackers to compromise the integrity and accessibility of protected information.
The vulnerability of the Intel Hardware Feedback Interface driver in the drivers/thermal/intel/intelhfi.c file of the Linux kernel is related to the improper use of a reserved buffer after resuming from sleep mode. Exploiting this vulnerability could allow an attacker to compromise the integrity...
CVE-2024-26989
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave On arm64 machines, swsuspsave faults if it attempts to access MEMBLOCKNOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off...
kernel: dm: don't attempt to queue IO under RCU protection
A sleep-in-atomic-context bug was found in the Device Mapper subsystem in the Linux kernel. When processing REQNOWAIT requests, dm incorrectly submits I/O while holding an RCU read lock, assuming that REQNOWAIT means no scheduling can occur. However, mempoolalloc and other allocation functions ma...
kernel: firmware: arm_sdei: Fix sleep from invalid context BUG
In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect call to a sleep function from an invalid environment...
CVE-2024-26698 hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Fix race condition between netvscprobe and netvscremove In commit ac5047671758 "hvnetvsc: Disable NAPI before closing the VMBus channel", napidisable was getting called for all channels, including all subchannels withou...
Elementor Website Builder SQL Injection
EXPLOIT Elementor Website Builder Replace URL page. On the Replace URL page, enter any random string as the "New URL" and the following malicious payload as the "Old URL": code : http://localhost:8080/?test',metakey='key4'where+metaid=SLEEP2; Press "Replace URL" on the Replace URL page. Burp Suit...
Smart Alarm 安全漏洞
Smart Alarm is a privacy-focused sleep tracker by the individual developer of fridgecow. A security vulnerability exists in Smart Alarm v1.8.1, which stems from an unknown part of the androidmanifest.xml in the component Backup File Handler, leading to the exposure of the backup file...
AZL-58767 CVE-2023-52624 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands Why DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. How Add dcwakeandexecutegpint to wrap the wake,...
CVE-2023-52624
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands Why DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. How Add dcwakeandexecutegpint to wrap the wake,...
CVE-2023-52498
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...
CVE-2023-52498
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...
CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...
CVE-2023-52498
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...