CVE-2022-49549 x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

CVE-2022-49549 x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

CVE-2022-49549

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

CVE-2022-49549

The CVE-2022-49549 entry concerns a Linux kernel memory-leak in the x86 MCE/AMD path: when threshold_create_bank() fails inside mce_threshold_create_device(), the previously allocated threshold banks array (bp) could be leaked because threshold_remove_device() only frees it if the bank creation s...

CVE-2022-49549 x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. ctl is a tool of the FreeBSD Foundation . Provides SCSI target device emulation. A security vulnerability exists in Linux kernel that stems from the presence of data...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in the event that thresholdcreatebank fails...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from listen setting the threshold for pre-allocated rings too high...

Insufficient Verification Of Data Authenticity

quic-go is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to improper handling of ICMP "Packet Too Large" messages, allowing an off-path attacker to inject such packets and disrupt QUIC connections by setting the MTU to a value below the minimum threshold o...

openSUSE Security Advisory (SUSE-SU-2024:4050-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tornado 安全漏洞

Tornado is a Python web framework and asynchronous networking library from the Chinese Tornado Technology Tornado community. The library scales to thousands of open connections through the use of non-blocking network I/O, making it well suited for long-time polling, WebSockets, and other...

CVE-2024-53054

...

PT-2024-35520 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock issue in the Linux kernel has been identified, which can be triggered by deleting a large number of cpuset cgroups and setting cpu on and off repeatedly. This issue is cause...

SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...

kernel: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

CVE-2024-50157

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Avoid CPU lockups due fifo occupancy check loop Driver waits indefinitely for the fifo occupancy to go below a threshold as soon as the pacing interrupt is received. This can cause soft lockup on one of the processor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from waiting for fifo occupancy to fall below a threshold in an FPGA could result in a soft CPU lockup...

AZL-52192 CVE-2024-51744 affecting package influxdb for versions less than 2.7.5-4

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

Imperva Adaptive Threshold for Layer 7 DDoS Attacks Reduces Risk of Business Disruption

Today’s fast-paced digital landscape demands an optimized user experience that is always available to engage end users. However, businesses are constantly under threat from a variety of attacks that seek to disrupt that experience, including DDoS attacks. And the risk is growing. According to the...

AZL-49653 CVE-2024-45770 affecting package pcp for versions less than 6.3.2-1

A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...