CVE-2024-45019 net/mlx5e: Take state lock during tx timeout reporter

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5esafereopenchannels requires the state lock taken. The referenced changed in the Fixes tag removed the lock to fix another issue. This patch adds it back but at a later...

CVE-2024-45019 net/mlx5e: Take state lock during tx timeout reporter

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5esafereopenchannels requires the state lock taken. The referenced changed in the Fixes tag removed the lock to fix another issue. This patch adds it back but at a later...

CVE-2024-45019

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5esafereopenchannels requires the state lock taken. The referenced changed in the Fixes tag removed the lock to fix another issue. This patch adds it back but at a later...

CVE-2023-28827

A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...

CVE-2023-28827

The CVE-2023-28827 issue is a NULL pointer dereference in the web server of Siemens devices (e.g., SIMATIC CP 1242-7 V2, CP 1243-1/7/8, HMI Comfort Panels, IPC DiagBase/DiagMonitor, WinCC Runtime Advanced, SIPLUS TIM 1531 IRC, TIM 1531 IRC) and related SIPLUS/TIM variants. The vulnerability arise...

PT-2024-7668 · Siemens · Simatic Cp 1242-7 V2 +11

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1242-7 V2 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 IEC incl. SIPLUS...

CLSA-2024-1725876080 kernel: Fix of 44 CVEs

dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist CVE-2024-40956 - userfaultfd: fix a race between writeprotect and exitmmap CVE-2021-47461 - netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 - x86/sev: Harden VC instruction emulation somewhat...

Server-Side Request Forgery in federated sharing API - ownCloud

Server-Side Request Forgery in federated sharing API may allow an unauthenticated attacker to identify internal servers. Furthermore, due to improper timeout handling, the server could be affected by a Denial of Service attack...

Cambium CnPilot R200/r201 Login Scanner And Config Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 Login Scanner and Config Dump', 'Description' = % This module scans for Cambium cnPilot r200/r201 management login...

SevOne Network Performance Management Application Brute Force Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SevOne Network Performance Management Application Brute Force Login Utility', 'Description' = % This module scans for SevOne Network Performance...

IBM Lotus Notes Sametime User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime User Enumeration', 'Description' = %q This module extracts usernames using the IBM Lotus Notes...

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.6.1 and below is susceptible to an authenticated SQL...

Failed to collect disk files location data. Timeout exceeded.

Challenge A Backup from Storage Snapshot BfSS job in Veeam Backup & Replication VBR for a vSphere virtual machine VM fails with the error: Failed to collect disk files location data. Timeout exceeded. Cause This error is displayed when the disk file location collection task, Map Disk Region, with...

SUSE CVE-2022-48906

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

DEBIAN-CVE-2022-48906

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

CVE-2022-48906

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

CVE-2022-48906

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

UBUNTU-CVE-2022-48906

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

CVE-2022-48906 mptcp: Correctly set DATA_FIN timeout when number of retransmits is large

In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATAFIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large number of DATAFIN retransmits caused a shift-out-of-bounds in the DATAFIN timeout calculation:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly set a timeout during a large number of DATAFIN retransmissions, resulting in a...