6045 matches found
J2EEFAST 安全漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the BpmTaskFromMapper.xml findPage...
vantage6 collaboration admins can extend their influence by expanding the collaboration
Impact Collaboration administrators can add extra organizations to their collaboration. When doing that, they extend their influence: for instance, for organizations that they include, they can then create new users for which they know the passwords, and use that to read task results of other...
GHSA-99R4-CJP4-3HMX vantage6 collaboration admins can extend their influence by expanding the collaboration
Impact Collaboration administrators can add extra organizations to their collaboration. When doing that, they extend their influence: for instance, for organizations that they include, they can then create new users for which they know the passwords, and use that to read task results of other...
kernel: ext4: fix task hung in ext4_xattr_delete_inode
In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode Syzbot reported a hung task problem: ================================================================== INFO: task syz-executor232:5073 blocked for more than 143 seconds. Not tainted...
CVE-2021-47414
In the Linux kernel, the following vulnerability has been resolved: riscv: Flush current cpu icache before other cpus On SiFive Unmatched, I recently fell onto the following BUG when booting: 0.000000 ftrace: allocating 36610 entries in 144 pages 0.000000 Oops - illegal instruction 1 0.000000...
DEBIAN-CVE-2021-47454
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0...
CVE-2021-47454
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0...
UBUNTU-CVE-2021-47454
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0...
CVE-2021-47454
CVE-2021-47454 describes a Linux kernel vulnerability affecting powerpc SMP idle handling. The issue arises with PREEMPT_COUNT=y: when a CPU is offlined and onlined, the idle task’s preempt count could be decremented in CPU offline, triggering a scheduling panic. The root cause is that powerpc ar...
PT-2024-25015 · Vantage6 · Vantage6
Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 4.5.0rc3 Description: The issue allows collaboration administrators to add extra organizations to their collaboration, extending their influence. They can create new users for which they know the passwords and use...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a reduction in the idle task preemption count when the CPU is offline...
ALSA-2024:3043 Moderate: ansible-core bug fix, enhancement, and security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
DEBIAN-CVE-2023-52813
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as follows: INFO: task cryptomgrtest:391009 blocked for more than 120 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...
CVE-2023-52796
In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlanprocessv6outbound by moving the flowi6 struct used for the route lookup in an non...
CVE-2023-52707
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in epremovewaitqueue If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueue gets freed in the...
CVE-2023-52772
In the Linux kernel, the following vulnerability has been resolved: afunix: fix use-after-free in unixstreamreadactor syzbot reported the following crash 1 After releasing unix socket lock, u-oobskb can be changed by another thread. We must temporarily increase skb refcount to make sure this othe...
UBUNTU-CVE-2023-52813
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as follows: INFO: task cryptomgrtest:391009 blocked for more than 120 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...
CVE-2023-52866
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogicparamsugeev2initeventhooks When CONFIGHIDUCLOGIC=y and CONFIGKUNITALLTESTS=y, launch kernel and then the below user-memory-access bug occurs. In...
CVE-2023-52851 IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF In the unlikely event that workqueue allocation fails and returns NULL in mlx5mkeycacheinit, delete the call to mlx5rumrresourcecleanup which frees th...
CVE-2023-52817 drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...