4527 matches found

Gentoo Linux
added 2024/09/22 12:0 a.m. · 27 views

Rust: Multiple Vulnerabilities

Background: A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description: Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE...

CVSS 7.9 · AI score 7.7 · EPSS 0.00763
Exploits 0

NVD
added 2024/09/18 8:15 a.m. · 17 views

CVE-2024-46734

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

CVSS 4.7 · EPSS 0.00178
Exploits 0 · References 6

Microsoft CVE
added 2024/09/11 7:0 a.m. · 11 views

md/dm-raid: don't call md_reap_sync_thread() directly

...

CVSS 5.5 · AI score 7.6 · EPSS 0.00174
Exploits 0

Microsoft CVE
added 2024/09/11 7:0 a.m. · 4 views

dm-raid: really frozen sync_thread during suspend

...

CVSS 5.5 · AI score 7.6 · EPSS 0.00223
Exploits 0

RedHat Linux
added 2024/09/11 1:10 a.m. · 5 views

kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge

CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability...

CVSS 5.5 · AI score 7.3 · EPSS 0.00225
Exploits 0 · References 5

CVE
added 2024/09/09 7:7 p.m. · 411 views

CVE-2024-45296

The Jira Service Management Data Center/Server DoS issue (CVE-2024-45296) stems from the path-to-regexp dependency, which can generate pathological regular expressions causing DoS on the main thread. Affected: Jira Service Management DC/Server versions 10.2.0–10.5.0. CVSS 3.1 vector: AV:N/AC:L/PR...

CVSS 7.5 · AI score 7.1 · EPSS 0.00932
Exploits 0 · References 4

Debian CVE
added 2024/09/04 7:54 p.m. · 12 views

CVE-2024-44991

In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of tcp_sk_exit_batch It's possible that two threads call tcp_sk_exit_batch concurrently, once from the cleanup_net workqueue, once from a task that failed to clone a new netns. In the latter case, error...

CVSS 5.5 · AI score 5.8 · EPSS 0.00245
Exploits 0

0day.today
added 2024/09/04 12:0 a.m. · 310 views

Linux Kernel 5.6.13 Use-After-Free Exploit

Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...

CVSS 7.8 · AI score 7 · EPSS 0.00312
Exploits 2

Vulnrichment
added 2024/09/02 10:22 a.m. · 15 views

CVE-2024-23365 Use After Free in SCE-Mink

Memory corruption while releasing shared resources in MinkSocket listener thread...

CVSS 8.4 · AI score 7.2 · EPSS 0.00125
Exploits 0 · References 1

Positive Technologies
added 2024/09/02 12:0 a.m. · 4 views

PT-2024-19844 · Unknown · Minksocket

Name of the Vulnerable Software and Affected Versions: MinkSocket affected versions not specified Description: There is a memory corruption issue when releasing shared resources in the MinkSocket listener thread. This issue occurs due to improper handling of shared resources, leading to memory...

CVSS 8.4 · AI score 7.1 · EPSS 0.00125
Exploits 0 · References 8

UbuntuCve
added 2024/08/31 2:15 p.m. · 15 views

CVE-2024-44946

In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg for the same socket. syzkaller reported UAF in kcm_release. [0] The scenario is 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb. 2. Thread A resumes building skb from kcm->seq_skb but is blocked by...

CVSS 5.5 · AI score 6.4 · EPSS 0.00824
Exploits 0 · References 22

CVE
added 2024/08/31 1:22 p.m. · 178 views

CVE-2024-44946

CVE-2024-44946 affects the Linux kernel kcm subsystem (kcm_sendmsg). The issue was a use-after-free/race: while MSG_MORE skb construction was in progress, another thread could touch it, leading to a double-free in kcm_release() when the skb remained in the write queue. The fix serialises kcm_send...

CVSS 5.5 · AI score 6.4 · EPSS 0.00824
Exploits 0 · References 10 · Affected Software 1

OSSF Malicious Packages
added 2024/08/29 8:3 a.m. · 4 views

Malicious code in noblox.js-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 062619601a008f4292eaf9453ebd17f78bda5a38e3f7cc9d06669c0366f09cb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

OSV
added 2024/08/29 8:3 a.m. · 7 views

MAL-2024-8085 Malicious code in noblox.js-thread (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 062619601a008f4292eaf9453ebd17f78bda5a38e3f7cc9d06669c0366f09cb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

Cvelist
added 2024/08/26 10:10 a.m. · 27 views

CVE-2024-43900 media: xc2028: avoid use-after-free in load_firmware_cb()

In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the module initialization failed, the...

EPSS 0.00214
Exploits 0 · References 4

Redos
added 2024/08/26 12:0 a.m. · 22 views

ROS-20240826-08

A vulnerability in the source/blender/imbuf/intern/dds/DirectDrawSurface.cpp component of the Blender 3D computer graphics software suite is related to an incorrect assumption about the thread size. Exploitation of the vulnerability allows an attacker...

CVSS 7.8 · AI score 7.5 · EPSS 0.01135
Exploits 0

OSV
added 2024/08/22 2:15 a.m. · 2 views

DEBIAN-CVE-2022-48921

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix sched_fork access an invalid sched_task_group" There is a race between sched_post_fork and...

CVSS 4.7 · AI score 5.2 · EPSS 0.00168
Exploits 0 · References 1

UbuntuCve
added 2024/08/22 2:15 a.m. · 23 views

CVE-2022-48921

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix sched_fork access an invalid sched_task_group" There is a race between sched_post_fork and...

CVSS 4.7 · AI score 6.1 · EPSS 0.00168
Exploits 0 · References 6

OSV
added 2024/08/22 2:15 a.m. · 0 views

UBUNTU-CVE-2022-48921

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix sched_fork access an invalid sched_task_group" There is a race between sched_post_fork and...

CVSS 4.7 · AI score 6 · EPSS 0.00168
Exploits 0 · References 7

OSV
added 2024/08/22 1:32 a.m. · 9 views

CVE-2022-48921 sched/fair: Fix fault in reweight_entity

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix sched_fork access an invalid sched_task_group" There is a race between sched_post_fork and...

CVSS 4.7 · AI score 5.9 · EPSS 0.00168
Exploits 0 · References 7