eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

curl 安全漏洞

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl versions 7.10.5 through 8.11.1 that stems from incorrectly closing the same eventfd file descriptor twice when closing the connection channel after completing threaded name resolutio...

PT-2025-9012

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.7-770 2 Description A vulnerability in the Linux kernel has been identified, which can cause the system to crash when using touchscreen and framebuffer on certain devices, such as the Nokia 770. The issue is...

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts

Disclaimer Do not use the related technologies described in...

GHSA-RP9H-RF7G-HWGR s2n-tls has undefined behavior at process exit

Impact s2n-tls uses the Linux atexit function to register functions that clean up the global state when the process exits. In multi-threaded environments, the atexit handler may clean up state which is still in use by other threads. When this occurs, the exiting process may experience a...

PT-2024-10339 · Aim · Aim

Name of the Vulnerable Software and Affected Versions: aimhubio/aim version 3.25.0 Description: A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service DoS attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API,...

Exploit for CVE-2024-47176

CVE-2024-47176 Vulnerability Scanner for CUPS A simple tool t...

[SECURITY] Fedora 39 Update: clamav-1.0.7-1.fc39

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 41 Update: clamav-1.0.7-1.fc41

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

CVE-2024-45296

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...

[SECURITY] Fedora 39 Update: community-mysql-8.0.39-1.fc39

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

Fedora: Security Advisory (FEDORA-2024-5d9dc19f2d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the request_threaded_irq() function in the gpiolib component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the requestthreadedirq function in the gpiolib component of the Linux operating system is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Exploit for OS Command Injection in Php

Fastest CVE-2024-4577 Exploitation Tool Description: PHP C...

[SECURITY] Fedora 39 Update: frr-8.5.5-1.fc39

FRRouting is free software that manages TCP/IP based routing protocols. It ta kes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

SUSE CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

SUSE CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, requestirq for pdev-irq will conflict with requestthreadedirq for txgbe-misc.irq, to cause system crash. So remove txgberequestirq for...

DEBIAN-CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, requestirq for pdev-irq will conflict with requestthreadedirq for txgbe-misc.irq, to cause system crash. So remove txgberequestirq for...

DEBIAN-CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

UBUNTU-CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...