GHSA-M9C9-MC2H-9WJW Lodestar snappy checksum issue

Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Lodestar does not verify checksum in snappy framing uncompressed chunks. Vulnerability Details In Req/Resp protocol the messages are encoded by...

Lodestar snappy checksum issue

Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Lodestar does not verify checksum in snappy framing uncompressed chunks. Vulnerability Details In Req/Resp protocol the messages are encoded by...

GHSA-53RV-HCVM-RPP9 Lodestar snappy decompression issue

Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Description Lodestar client may fail to decode snappy framing compressed messages. Vulnerability Details In Req/Resp protocol the message are...

Lodestar snappy decompression issue

Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Description Lodestar client may fail to decode snappy framing compressed messages. Vulnerability Details In Req/Resp protocol the message are...

DEBIAN-CVE-2024-57881

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...

UBUNTU-CVE-2024-57881

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...

CVE-2024-57881 mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that the splitlargebuddy function may call pfntopage on a non-existent PFN, resulting in a...

PT-2025-52657

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the tracing subsystem related to Virtual Memory Area VMA handling. Specifically, when a VMA is split, the ring buffer unmap function can be call...

SUSE CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

SUSE CVE-2024-53171

In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifstncendcommit After an insertion in TNC, the tree might split and cause a node to change its znode-parent. A further deletion of other nodes in the tree which also could free the...

UBUNTU-CVE-2024-56531

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

AZL-54945 CVE-2024-53146 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

CVE-2024-53146 NFSD: Prevent a potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

PT-2025-3608

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc2master+ Description The issue is related to the Linux kernel's handling of huge page tables. The folio refcount may be increased unexpectedly through try get folio by callers such as split huge pages...

[SECURITY] Fedora 40 Update: mingw-libsoup-2.74.3-8.fc40

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

CVE-2024-53079

In the Linux kernel, the following vulnerability has been resolved: mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing listdel corruptions, "Bad page state"s and worse I kee...

Unspecified vulnerability in Linux kernel (CNVD-2024-46449)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a delayed split queue naming and locking issue. No details of the vulnerability are provided...

SUSE CVE-2024-53079

In the Linux kernel, the following vulnerability has been resolved: mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing listdel corruptions, "Bad page state"s and worse I kee...

DEBIAN-CVE-2024-53079

In the Linux kernel, the following vulnerability has been resolved: mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing listdel corruptions, "Bad page state"s and worse I kee...