148 matches found
The vulnerability of the WebAudio component in the Google Chrome web browser allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the WebAudio component in the Google Chrome web browser is related to the simultaneous execution using a shared resource with improper synchronization. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...
The vulnerability of the configfs component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the configfs component in the Linux operating system’s kernel is related to parallel execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
OESA-2024-1988 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as t...
kernel: drm/ast: Fix soft lockup
CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...
kernel: drm/ast: Fix soft lockup
CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...
kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]
A flaw was found in the Linux kernel resulting from race conditions and a lack of synchronization in handling the delayed work timers in the devfreq component. This issue can lead to inconsistencies and a corruption of the timer list...
kernel: drm/ast: Fix soft lockup
CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...
Lunary Security Breach
Lunary is a production toolkit for LLM that is open sourced by lunary. A security vulnerability exists in Lunary v1.2.11 and earlier versions that stems from allowing the creation of multiple accounts with essentially the same email address, leading to incorrect synchronization and potential...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the QEMU NBD Server. This vulnerability allows for a denial-of-service DoS attack due to improper synchronization during socket closure, where a client keeps a socket open while the server is offline...
kernel: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
A flaw was found in the jbd2 module in the Linux kernel. An assertion failure can be triggered when a specific sequence of transactions and operations is performed due to incorrect synchronization, potentially resulting in a denial of service...
CVE-2024-26831 net/handshake: Fix handshake_req_destroy_test1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, handshakereqdestroytest1 started failing: Expected handshakereqdestroytest == req, but handshakereqdestroytest == 0000000000000000 req == 0000000060f99b40 not ok 11 reqdestroy...
CVE-2024-1902
CVE-2024-1902 affects lunary-ai/lunary. The issue is a session-reuse vulnerability where a removed user can alter an organization’s name using an old authorization token via the orgs.patch route. Root cause: lack of validation to verify membership in the organization before permitting changes, du...
CVE-2023-52635 PM / devfreq: Synchronize devfreq_monitor_[start/stop]
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreqmonitorstart/stop There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from canceldelayedworksync...
Propagation Error: "Server is not reachable. Configuration settings might be out of date"
When selecting propagate changes in the primary Storefront server, the propagation completes successfully however the following warning and error ispresent in the server details: Warning - "Propagated changes today at . Some servers were not synchronized." Error - "Server is not reachable...
[NetScaler] Service State doesn't sync to Secondary node in HA setup
When you build NetScaler HA pair with VPX on SDX platform. You may observe the issue that Primary doesn't sync service UP/DOWN events to Secondary node. The issue can impact SDX platforms:SDX 8900, SDX 15000, SDX 15000-50G, SDX 26000, and SDX 26000-50S...
PT-2025-53065
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6-btrfs-next-134+ Description The Linux kernel contained a flaw in the btrfs subsystem related to the handling of free space tree deletion. Specifically, the code lacked proper synchronization when removi...
PT-2023-7323 · Unknown +5 · Tang Server +5
Name of the Vulnerable Software and Affected Versions: Tang server affected versions not specified Description: A race condition exists in the Tang server functionality for key generation and key rotation, resulting in a small time window where Tang private keys become readable by other processes...
kernel: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works
n the Linux kernel’s Bluetooth subsystem there is a flaw in the way Bluetooth HCI work items are queued. Under certain conditions, work associated with command timeouts hdev-cmd,ncmdtimer could be scheduled on the wrong workqueue while the intended workqueue is being drained. This occurs because...
kernel: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
A flaw was found in the jbd2 module in the Linux kernel. An assertion failure can be triggered when a specific sequence of transactions and operations is performed due to incorrect synchronization, potentially resulting in a denial of service...
PT-2023-36408 · Gnu +1 · Linux +1
Уязвимость сетевого интерфейса B.A.T.M.A.N. Better Approach To Mobile Adhoc Networking ядра операционной системы Linux связана с некорректной синхронизации процесса удаления сетевого устройства и выполнения отложенных задач в функции batadv dat start timer в модуле distributed-arp-table.c...