kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: dm-raid: really frozen sync_thread during suspend

A hang flaw was found in the Linux kernel’s Raid MD subsystem. This flaw allows a local user to crash the system...

kernel: net/mlx5: Fix missing lock on sync reset reload

On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperformed which results in triggering lock assert. This may lead to a crash...

kernel: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX

A warning was observed in the Linux kernel in hciconndel caused by freeing handle that was not allocated using ida allocator. This is caused by handle bigger than HCICONNHANDLEMAX passed by hcilebigsyncestablishedevt, which makes code think it's unset connection...

PT-2024-35650

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential array underflow issue has been identified in the Linux kernel, specifically in the ucsi ccg sync control function. The command variable can be controlled by the user via...

SUSE CVE-2024-50255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

AZL-53298 CVE-2024-50255 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync

...

mptcp: pm: Fix uaf in __timer_delete_sync

...

The vulnerability of the hci_enhanced_setup_sync() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the hcienhancedsetupsync function in the net/bluetooth/hciconn.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

CVE-2024-50121

CVE-2024-50121 affects the Linux kernel component nfsd, specifically the race where nfsd_shrinker_work may be cancelled in nfs4_state_shutdown_net without waiting for the shrinker to exit. This can cause warnings and use-after-free scenarios when unhashing and destroying nfsd clients during net s...

kernel: ibmvnic: Add tx check to prevent skb leak

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: txbufffreemapconsumerindex-skb = newskb; freemapconsumerindex = IBMVNICINVALIDMAP; consumerindex ++; Whe...

MAL-2024-10268 Malicious code in orb-sync-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 66fd78c3bd4a6a0c78fd807883122d9472771728d739f90d169cd1ba62760f3c The OpenSSF Package Analysis project identified 'orb-sync-lib' @ 100.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in orb-sync-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 66fd78c3bd4a6a0c78fd807883122d9472771728d739f90d169cd1ba62760f3c The OpenSSF Package Analysis project identified 'orb-sync-lib' @ 100.0.0 npm as malicious. It is considered malicious because: - The package...

Qualys VMDR & Core Apps Revamped: Ultimate Cyber Defense Partnership for Streamlined Vulnerability Management with ITSM

Introducing the Revamped VMDR & Core Apps Qualys has the dynamic duo of ServiceNow Apps – The Qualys Core App and Qualys VMDR App – that help you close the gap between IT and Security teams, making vulnerability management and ticketing workflows seamless and eliminating manual spreadsheet-based...

PT-2024-7401

Name of the Vulnerable Software and Affected Versions: HBS 3 Hybrid Backup Sync versions prior to 25.1.1.673 Description: The issue is related to an OS command injection vulnerability. This vulnerability could allow remote attackers to execute commands. It is reported that over 113,000 instances...

Security Bulletin: IBM Datapower Operations Dashboard could allow remote attacker to execute arbitrary commands on the system CVE-2017-16100

Summary dns-sync is used by the IBM Datapower Operations Dashboard implementation of networking operations Vulnerability Details CVEID:CVE-2017-16100 DESCRIPTION: Node.js dns-sync module could allow a remote attacker to execute arbitrary commands on the system, caused by the improper validation o...

Lawo AG vsm LTC Time Sync Path Traversal

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated Path Traversal Vulnerability product: Lawo AG - vsm LTC Time Sync vTimeSync vulnerable version: 4.5.6.0 fixed version: 4.5.6.0 CVE number: CVE-2024-6049...

CVE-2024-48546

Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file...