4527 matches found
Updated thunderbird packages fix security vulnerabilities
Memory corruption in WebGL API. CVE-2024-6600 Race condition in permission assignment. CVE-2024-6601 Memory corruption in thread creation. CVE-2024-6603 Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. CVE-2024-6604...
MGASA-2024-0274 Updated thunderbird packages fix security vulnerabilities
Memory corruption in WebGL API. CVE-2024-6600 Race condition in permission assignment. CVE-2024-6601 Memory corruption in thread creation. CVE-2024-6603 Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. CVE-2024-6604...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
CVE-2024-21176
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.4.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
RUSTSEC-2024-0405 op_panic in the base runtime can force a panic in the runtime's containing thread
Affected versions use denocore releases that expose Deno.core.ops.oppanic to the JS runtime in the base core This function when called triggers a manual panic in the thread containing the runtime. It can be fixed by stubbing out the exposed op: javascript Deno.core.ops.oppanic = msg = throw new...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
CVE-2024-21176
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.4.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
UBUNTU-CVE-2024-21176
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.4.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
CVE-2022-48865
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...
CVE-2022-48865 tipc: fix kernel panic when enabling bearer
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...
CVE-2022-48865 tipc: fix kernel panic when enabling bearer
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...
CVE-2022-48862 vhost: fix hung thread due to erroneous iotlb entries
In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can overflow to 0 when start is 0 and last is ULONGMAX. One instance where it can happen is when userspace sends an IOTLB message with...
CVE-2022-48862
The CVE-2022-48862 vulnerability is in the Linux kernel vhost/vhost.c and related vhost/vsock.c handling of IOTLB entries. The root cause is a range-size overflow in vhost_iotlb_add_range_ctx(): when start = 0 and last = ULONG_MAX, an entry with size = 0 is created, and subsequent packet processi...
kernel: tls: race between async notify and socket close
A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete; any code past that point risks touching already freed data. This could lead to a use-after-free issue an...
Rocky Linux 9 : firefox (RLSA-2024:4500)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4500 advisory. Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission...