CVE-2024-50073

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Fix use-after-free in gsmcleanupmux BUG: KASAN: slab-use-after-free in gsmcleanupmux+0x77b/0x7b0 drivers/tty/ngsm.c:3160 ngsm Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 UID: 0 PID: 3379 Comm: poc N...

SUSE CVE-2024-50019

In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...

CVE-2024-49993

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition in the f2fs file system when stopping gc threads, which could lead to post-release...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues, CVE-2023-22081, CVE-2023-22067, and CVE-2023-5676 Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability i...

CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

Race Condition

Overview terra-notebook-utils is an Utilities for the Terra notebook environment. Affected versions of this package are vulnerable to Race Condition in task submission due to improper thread synchronization. The issue could lead to crashes or inconsistent task states when tasks are submitted from...

CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

CVE-2024-46845 tracing/timerlat: Only clear timer if a kthread exists

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

CVE-2024-46734 btrfs: fix race between direct IO write and fsync when using same fd

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: A...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVEs: CVE-2024-21147, CVE-2024-21145, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, CVE-2024-21131 and CVE-2024-27267 Vulnerability Details CVEID:CVE-2024-21147...

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously...

CVE-2024-33060

CVE-2024-33060 is a use-after-free race in Qualcomm’s DSP/adsprpc driver (fastrpc_mmap) that can occur when global and local mappings are concurrently created and freed. The vulnerability centers on fastrpc_mmap_create, fastrpc_mmap_add, and related epilogue paths (mem_map_to_dsp, munmap/mmap_fre...

CVE-2024-33060 Use After Free in DSP Service

Memory corruption when two threads try to map and unmap a single node simultaneously...

CVE-2024-33060 Use After Free in DSP Service

Memory corruption when two threads try to map and unmap a single node simultaneously...

IBM Lotus Notes Sametime Room Name Bruteforce

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime Room Name Bruteforce', 'Description' = %q This module bruteforces Sametime meeting room names via t...

IBM Lotus Notes Sametime User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime User Enumeration', 'Description' = %q This module extracts usernames using the IBM Lotus Notes...

MAL-2024-8086 Malicious code in noblox.js-threads (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff6e7081bd0620aa9d7475eb55589362075317d25dceecf4c6df7ce2230ce28e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...