4642 matches found
UBUNTU-CVE-2024-42268
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
CVE-2024-42268 net/mlx5: Fix missing lock on sync reset reload
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
CVE-2024-42268
Technical details about CVE-2024-42268 are not provided in the connected documents; no vendor/product specifics or fixes are included here. Monitor for updates.
CVE-2024-42268 net/mlx5: Fix missing lock on sync reset reload
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
CVE-2024-42268
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
CVE-2024-42268 net/mlx5: Fix missing lock on sync reset reload
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
...
PT-2024-32139 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the use of coherent dumb buffers in configurations without 3D enabled. Coherent surfaces are only useful when the host renders to them using accelerated APIs. Withou...
CVE-2024-6532
The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWTSheetTable shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CVE-2024-6532 Sheet to Table Live Sync for Google Sheet <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via STWT_Sheet_Table Shortcode
The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWTSheetTable shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
CLSA-2024-1723622869 Fix of 29 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...
CLSA-2024-1723622576 Fix of 29 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...
WordPress Sheet to Table Live Sync for Google Sheet Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Sheet to Table Live Sync for Google Sheet Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6532 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d6a47bb268cb Credit...
WordPress plugin Sheet to Table Live Sync for Google Sheet 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
kernel: tcp: properly terminate timers for kernel sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12581)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12581 advisory. - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879157 CVE-2024-41090 CVE-2024-41091 - netfilter: ipset: Fix race between...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to validate the source of sync messages and only allow the correct remote IDs. This allows a malicious remote user to set arbitrary RemoteId values for synced users and...
DEBIAN-CVE-2024-42253
In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...
UBUNTU-CVE-2024-42253
In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...
kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD The Linux kernel CVE team has assigned CVE-2024-35801 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T...