CVE-2024-36907

...

CVE-2024-36884 iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault()

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This was missed because of the function pointer indirection. nvidiasmmucontextfault is also installed as a irq function, and the 'void ' was changed to a struct...

SUSE CVE-2023-52836

In the Linux kernel, the following vulnerability has been resolved: locking/wwmutex/test: Fix potential workqueue corruption In some cases running with the test-wwmutex code, I was seeing odd behavior where sometimes it seemed flushworkqueue was returning before all the work threads were finished...

Important: kernel

Issue Overview: An issue was discovered in fs/iouring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service deadlock because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25...

RHEL 9 : glibc (RHSA-2024:3423)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3423 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

RHEL 9 : glibc (RHSA-2024:3411)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3411 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

Fedora: Security Advisory for rust (FEDORA-2024-bbb141c1ed)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: rust-scx_rustland-0.0.3-2.fc40

A BPF component dispatcher that implements the low level sched-ext functionalities and a user-space counterpart scheduler, written in Rust, that implements the actual scheduling policy. This is used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedule...

[SECURITY] Fedora 40 Update: rust-scx_rusty-0.5.4-2.fc40

A multi-domain, BPF / user space hybrid scheduler used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedulers in BPF and dynamically loading them. https://github.com/sched-ext/scx/tree/main...

DEBIAN-CVE-2021-47506

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfssetlease. A delegation break runs a callback which immediately in nfsd4cbrecallprepare adds the delegation to delrecalllru...

UBUNTU-CVE-2021-47506

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfssetlease. A delegation break runs a callback which immediately in nfsd4cbrecallprepare adds the delegation to delrecalllru...

PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools

A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...

BIT-PRESTASHOP-2024-34716 PrestaShop vulnerable to XSS via customer contact form in FO, through file upload

PrestaShop is an open source e-commerce web application. A cross-site scripting XSS vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled throu...

CVE-2023-52705

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFSSB2OFFSETBYTES, which computes the position of the second superblock, underflows when the argument device size is less than 4096 bytes. Therefore, when...

Apache Tomcat 9.0.0.M1 < 9.0.0.M19 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.0.M19. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.0.m19security-9 advisory. - In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connecto...

RHEL 9 : glibc (RHSA-2024:3339)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3339 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

Apache Tomcat 8.5.0 < 8.5.38

The version of Tomcat installed on the remote host is prior to 8.5.38. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.38security-8 advisory. - The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessi...

CVE-2021-47377

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

kernel: mm/slub: add missing TID updates on slab deactivation

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slaballocnode assumes that c-slab is stable as long as the TID stays the same. However, two places in slaballoc currently don't update the TID when deactivatin...

kernel: bpf, cpumap: Make sure kthread is running before map update returns

A race condition was found in the Linux kernel's BPF cpumap implementation in the kthread lifecycle management. A local user can trigger this issue by running XDP redirect operations when the per-CPU kthread is stopped prematurely before processing queued frames, causing the cleanup code to find ...