156 matches found
USN-7407-1 linux-hwe-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...
USN-7392-3 linux-aws vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In th...
USN-7387-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...
VulnCheck KEV: CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute...
UBUNTU-CVE-2022-49375
In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...
CVE-2022-49150 rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram
In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fix refcount leak in gamecubertcreadoffsetfromsram The offindcompatiblenode function returns a node pointer with refcount incremented, We should use ofnodeput on it when done Add the missing ofnodeput to release th...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from pl031 rtc features Null pointer dereference...
The vulnerability of the rtc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the rtc component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
...
The vulnerability of the etimeclockwp_load_function_callback() function in the WordPress Content Management System allows a hacker to execute arbitrary code.
The vulnerability of the etimeclockwploadfunctioncallback function in the Time Clock plugin of the WordPress content management system is related to improper handling of code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
SUSE CVE-2024-56621
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcdremove Currently, RTC work is only cancelled during ufshcdwlsuspend. When ufshcd is removed in ufshcdremove, RTC work is not cancelled. Due to this, any further trigger of the RTC wor...
DEBIAN-CVE-2024-56739
In the Linux kernel, the following vulnerability has been resolved: rtc: check if rtcreadtime was successful in rtctimerdowork If the rtcreadtime call fails,, the struct rtctime tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtctmtoktime later...
UBUNTU-CVE-2024-56621
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcdremove Currently, RTC work is only cancelled during ufshcdwlsuspend. When ufshcd is removed in ufshcdremove, RTC work is not cancelled. Due to this, any further trigger of the RTC wor...
DEBIAN-CVE-2024-53067
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized...
DEBIAN-CVE-2024-53053
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix another deadlock during RTC update If ufshcdrtcwork calls ufshcdrpmputsync and the pm's usagecount is 0, we will enter the runtime suspend callback. However, the runtime suspend callback will wait to flush...
UBUNTU-CVE-2024-53053
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix another deadlock during RTC update If ufshcdrtcwork calls ufshcdrpmputsync and the pm's usagecount is 0, we will enter the runtime suspend callback. However, the runtime suspend callback will wait to flush...
SUSE CVE-2022-48953
In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle event...
CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...