4499 matches found

OSV
added 2021/05/18 6:26 a.m. · 23 views

RLSA-2021:1935 Low: rust-toolset:rhel8 security, bug fix, and enhancement update

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust 1.49.0. BZ1896712 Security Fixes: rust: use-after-free or double free in VecDeque::make_contiguous...

9.8 CVSS · 8.9 AI score · 0.00356 EPSS
Exploits 2 · References 3

OSV
added 2021/05/18 1:27 a.m. · 208 views

GHSA-Q28M-8XJW-8VR5 Puma's Keepalive Connections Causing Denial Of Service

This vulnerability is related to CVE-2019-16770. Impact The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process...

7.5 CVSS · 7.4 AI score · 0.01358 EPSS
Exploits 0 · References 9

Snyk
added 2021/05/12 9:55 a.m. · 2 views

Denial of Service (DoS)

Overview puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process...

7.5 CVSS · 6.9 AI score · 0.01587 EPSS
Exploits 0 · References 2

Veracode
added 2021/05/12 7:17 a.m. · 51 views

Denial Of Service (DoS)

puma is vulnerable to denial of service (DoS). The vulnerability exists as it was possible to monopolize a thread if the client does not reset and keeps requesting. This CVE exists due to an incomplete fix for CVE-2019-16770...

7.5 CVSS · 2.9 AI score · 0.01587 EPSS
Exploits 0 · References 6 · Affected Software 2

Positive Technologies
added 2021/05/11 12:0 a.m. · 2 views

PT-2021-4448 · Nginx +5

Name of the Vulnerable Software and Affected Versions: Puma versions prior to 4.3.8 Puma versions prior to 5.3.1 Description: The issue is related to an incomplete fix for a previous problem, which allowed greedy persistent-connections to saturate all threads in the cluster, potentially starving...

9.1 CVSS · 6.1 AI score · 0.01782 EPSS
Exploits 0 · References 60

CNNVD
added 2021/05/11 12:0 a.m. · 1 views

Puma Resource Management Error Vulnerability

Puma is a web server for highly concurrent applications by Evan Phoenix, an individual developer in the United States. A security vulnerability exists in Puma. The vulnerability stems from a persistent connection in the program that saturates all threads in all processes in a cluster...

7.5 CVSS · 7 AI score · 0.01358 EPSS
Exploits 0 · References 12

Cvelist
added 2021/05/07 9:10 a.m. · 20 views

CVE-2020-11295

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

6.8 CVSS · 8.2 AI score · 0.00044 EPSS
Exploits 0 · References 1

0day.today
added 2021/05/03 12:0 a.m. · 45 views

Windows/x64 Inject All Processes With Meterpreter Reverse Shell Shellcode (655 bytes)

Shellcode Title: Windows/x64 - Inject All Processes with Meterpreter Reverse Shell 655 Bytes Shellcode Author: Bobby Cooke boku Tested on: Windows 10 v2004 x64 Compiled from: Kali Linux x86_64 Shellcode Description: 64bit Windows 10 shellcode that injects all processes with Meterpreter reverse...

0.1 AI score
Exploits 0

Jake Archibald's Blog
added 2021/04/30 1:0 a.m. · 236 views

Performance-testing the Google I/O site

I've been looking at the performance of F1 websites recently, but before I dig into the last couple of teams, I figured I'd look a little closer to home, and dig into the Google I/O website. 1. Part 1: Methodology & Alpha Tauri 2. Part 2: Alfa Romeo 3. Part 3: Red Bull 4. Part 4: Williams 5. Part...

6.7 AI score
Exploits 0

Fedora
added 2021/04/27 1:13 a.m. · 46 views

[SECURITY] Fedora 32 Update: rust-1.51.0-3.fc32

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

9.8 CVSS · 2.5 AI score · 0.011 EPSS
Exploits 4

Fedora
added 2021/04/27 1:0 a.m. · 44 views

[SECURITY] Fedora 33 Update: rust-1.51.0-3.fc33

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

9.8 CVSS · 2.5 AI score · 0.011 EPSS
Exploits 4

OpenVAS
added 2021/04/27 12:0 a.m. · 25 views

Fedora: Security Advisory for rust (FEDORA-2021-b1ba54add6)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS · 9.7 AI score · 0.011 EPSS
Exploits 4 · References 2

OpenVAS
added 2021/04/27 12:0 a.m. · 18 views

Fedora: Security Advisory for rust (FEDORA-2021-d7f74f0250)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS · 9.7 AI score · 0.011 EPSS
Exploits 4 · References 2

Fedora
added 2021/04/24 8:27 p.m. · 71 views

[SECURITY] Fedora 34 Update: rust-1.51.0-3.fc34

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

9.8 CVSS · 2.5 AI score · 0.011 EPSS
Exploits 4

OpenVAS
added 2021/04/19 12:0 a.m. · 22 views

SUSE: Security Advisory (SUSE-SU-2016:1784-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 8.1 AI score · 0.22748 EPSS
Exploits 9 · References 71

OSV
added 2021/04/14 7:15 a.m. · 5 views

DEBIAN-CVE-2017-20004

In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions...

5.9 CVSS · 5.9 AI score · 0.0024 EPSS
Exploits 0 · References 1

OSV
added 2021/04/14 7:15 a.m. · 2 views

UBUNTU-CVE-2017-20004

In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions...

5.9 CVSS · 5.8 AI score · 0.0024 EPSS
Exploits 0 · References 4

OSV
added 2021/04/13 6:15 a.m. · 2 views

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

4.3 CVSS · 5.9 AI score · 0.00391 EPSS
Exploits 0 · References 1

NVD
added 2021/04/13 6:15 a.m. · 9 views

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

4.3 CVSS · 0.00391 EPSS
Exploits 0 · References 1

CVE
added 2021/04/13 5:52 a.m. · 53 views

CVE-2021-28938

Siren Federate contains a cross-context information leak vulnerability affecting multiple versions: 6.8.14-10.3.9, 6.9.x–7.6.x, 7.7.x–7.9.x, 7.10.x–7.11.x, and 7.11.x. In concurrent query execution by a low-privilege and a high-privilege user, the former may run with the latter's privileges, leak...

4.3 CVSS · 4.6 AI score · 0.00391 EPSS
Exploits 0 · References 1 · Affected Software 1