
452 matches found

OSV
added 2024/04/03 3:15 p.m. · 0 views

DEBIAN-CVE-2024-26686

In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats. lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs...

CVSS 5.5 · AI score 5.6 · EPSS 0.0001
Exploits 0 · References 1
Vulnrichment
added 2024/04/03 2:54 p.m. · 15 views

CVE-2024-26686 fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats

In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats. lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs...

AI score 6.8 · EPSS 0.0001
Exploits 0 · References 6
CNNVD
added 2024/03/18 12:0 a.m. · 1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer overflow vulnerability in trans_stat_show...

CVSS 7.8 · AI score 6.9 · EPSS 0.00014
Exploits 0 · References 8
OSV
added 2024/02/28 9:15 a.m. · 1 views

DEBIAN-CVE-2020-36785

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs(). The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free...

CVSS 7.8 · AI score 4.9 · EPSS 0.00036
Exploits 0 · References 1
ATTACKERKB
added 2024/02/28 9:15 a.m. · 3 views

CVE-2020-36785

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs(). The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free...

CVSS 7.8 · AI score 5.7 · EPSS 0.00036
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/02/28 9:15 a.m. · 0 views

UBUNTU-CVE-2020-36785

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs(). The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free...

CVSS 7.8 · AI score 5.7 · EPSS 0.00036
Exploits 0 · References 7
ATTACKERKB
added 2024/02/27 7:4 p.m. · 3 views

CVE-2021-46940

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting. The idx_to_offset() function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hi...

CVSS 5.5 · AI score 5.7 · EPSS 0.00018
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/02/27 7:4 p.m. · 2 views

UBUNTU-CVE-2021-46940

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting. The idx_to_offset() function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hi...

CVSS 5.5 · AI score 5.7 · EPSS 0.00018
Exploits 0 · References 7
Positive Technologies
added 2024/01/12 12:0 a.m. · 2 views

PT-2024-12222 · Unknown · Oretnom23 Judging Management System

Name of the Vulnerable Software and Affected Versions: oretnom23 Judging Management System version 1.0. Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the sub event id parameter in the "sub event stat update.php" endpoint...

CVSS 9.8 · AI score 9.5 · EPSS 0.00934
Exploits 1 · References 4
Broadcom
added 2023/08/01 12:0 a.m. · 34 views

Information disclosure in Linux kernels through 3.1

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat...

CVSS 5.5 · AI score 5.3 · EPSS 0.00058
Exploits 1 · Affected Software 1
RedHat Linux
added 2023/05/09 10:4 a.m. · 0 views

kernel: afs: Fix dynamic root getattr

In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr. The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...

CVSS 5.5 · AI score 6.3 · EPSS 0.00059
Exploits 0 · References 5
RedHat Linux
added 2023/05/09 10:4 a.m. · 0 views

kernel: netfilter: conntrack: fix using __this_cpu_add in preemptible

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible. Currently in nf_conntrack_hash_check_insert(), when it fails in nf_ct_ext_valid_pre/post(), NF_CT_STAT_INC() will be called in the preemptible context, a call trace can be triggered: BUG:...

CVSS 5.5 · AI score 6.2 · EPSS 0.00021
Exploits 0 · References 5
Positive Technologies
added 2023/05/09 12:0 a.m. · 4 views

PT-2024-11841 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, related to the netfilter: flowtable offload. The issue arises when flow offload queue work is called in a workqueue without bh...

CVSS 8.8 · AI score 6.5 · EPSS 0.0088
Exploits 17 · References 281
NVD
added 2023/05/04 8:15 p.m. · 7 views

CVE-2023-31284

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net...

CVSS 7.8 · AI score 8.1 · EPSS 0.00065
Exploits 0 · References 5
Prion
added 2023/05/04 8:15 p.m. · 13 views

Stack overflow

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net...

CVSS 4.3 · AI score 8 · EPSS 0.00065
Exploits 0 · References 5 · Affected Software 1
WPVulnDB
added 2023/02/27 12:0 a.m. · 19 views

Maspik – Spam blacklist < 0.7.9 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions in the file /admin/partials/contact-forms-anti-spam-log.php against CSRF attacks, allowing an unauthenticated attacker to clear plugin logs and stat counter by tricking a logged in user to submit a crafted request...

CVSS 8.8 · AI score 6.8 · EPSS 0.00079
Exploits 0 · References 1 · Affected Software 1
SUSE CVE
added 2023/02/15 5:55 a.m. · 1 views

SUSE CVE-2010-4754

The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as...

CVSS 4 · AI score 6.6 · EPSS 0.01826
Exploits 11 · References 3
SUSE CVE
added 2023/02/15 5:55 a.m. · 1 views

SUSE CVE-2010-4756

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a differen...

CVSS 4 · AI score 7.2 · EPSS 0.00352
Exploits 11 · References 6
SUSE CVE
added 2023/02/15 5:54 a.m. · 3 views

SUSE CVE-2011-0418

The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command...

CVSS 4 · AI score 6.6 · EPSS 0.12281
Exploits 5 · References 4
SUSE CVE
added 2023/02/15 5:54 a.m. · 3 views

SUSE CVE-2011-0421

The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a...

CVSS 4.3 · AI score 6.9 · EPSS 0.0823
Exploits 7 · References 4