6039 matches found
UBUNTU-CVE-2024-43869
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via freeevent directly, this can potentially result in a leaked...
UBUNTU-CVE-2024-43870
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...
CVE-2024-43874 crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...
CVE-2024-43870 perf: Fix event leak upon exit
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...
CVE-2024-43870 perf: Fix event leak upon exit
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...
org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.0.0 <=3.2.1), org.apache.dolphinscheduler:dolphinscheduler-api (>=3.0.0 <=3.0.6) +62 more potentially affected by CVE-2023-49109 +1 more via org.apache.dolphinscheduler:dolphinscheduler-task-api (>=2.0.0-alpha <=3.2.1)
org.apache.dolphinscheduler:dolphinscheduler-task-api MAVEN version =2.0.0-alpha, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =2.0.1, =3.0.0, =3.0.0, =3.0.0, =3.2.0 - org.apache.dolphinscheduler:dolphinscheduler-registry-all =3.1.0 -...
Khoj 安全漏洞
Khoj is an open source application from Khoj AI. It can be used to create ready-to-use personal AI agents for users. A security vulnerability exists in versions prior to Khoj 1.15.0 that stems from parameters not being properly cleaned, allowing users to insert arbitrary HTML into task...
SUSE CVE-2024-42300
In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...
CVE-2024-43856 dma: fix call order in dmam_free_coherent
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...
DEBIAN-CVE-2024-42300
In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...
UBUNTU-CVE-2024-42300
In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...
CVE-2024-42294 block: fix deadlock between sd_remove & sd_release
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sdremove & sdrelease Our test report the following hung task: 2538.459400 INFO: task "kworker/0:0":7 blocked for more than 188 seconds. 2538.459427 Call trace: 2538.459430 switchto+0x174/0x338...
CVE-2023-52889 apparmor: Fix null pointer deref when receiving skb during sock creation
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...
Revert "sched/fair: Make sure to try to detach at least one movable task"
...
Improper Preservation of Permissions in xxl-job
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
GHSA-CPFP-M5QW-C4R3 Improper Preservation of Permissions in xxl-job
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
CVE-2024-42681
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
CVE-2024-42681
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
XXL-JOB 安全漏洞
XXL-JOB is a distributed task scheduling platform by the individual developer xuxueli. A security vulnerability exists in XXL-JOB v.2.4.1, which is caused by an arbitrary code execution vulnerability in the Sub-Task component...
CVE-2024-42681
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...