tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

tomcat: Improper Handling of Exceptional Conditions

A vulnerability was found in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This issue led to a miscounting of active HTTP/2 streams, which in turn led to using an incorrect infinite timeout that allowed connections to remain...

SUSE CVE-2024-42123

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free erraddr pointer warnings In amdgpuumcbadpagepollingtimeout, the amdgpuumchandlebadpages will be run many times so that double free erraddr in some special case. So set the erraddr to NULL to avoid the...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...

openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not...

DEBIAN-CVE-2024-42153

In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from deltimersync call in isr When deltimersync is called in an interrupt context it throws a warning because of potential deadlock. The timer is used only to exit from waitforcompletion...

AZL-48111 CVE-2024-42123 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free erraddr pointer warnings In amdgpuumcbadpagepollingtimeout, the amdgpuumchandlebadpages will be run many times so that double free erraddr in some special case. So set the erraddr to NULL to avoid the...

DEBIAN-CVE-2024-42123

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free erraddr pointer warnings In amdgpuumcbadpagepollingtimeout, the amdgpuumchandlebadpages will be run many times so that double free erraddr in some special case. So set the erraddr to NULL to avoid the...

UBUNTU-CVE-2024-42145

In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this...

CVE-2024-42145 IB/core: Implement a limit on UMAD receive List

In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this...

CVE-2024-42095

In the Linux kernel, the following vulnerability has been resolved: serial: 8250omap: Implementation of Errata i2310 As per Errata i23100, Erroneous timeout can be triggered, if this Erroneous interrupt is not cleared then it may leads to storm of interrupts, therefore apply Errata i2310 solution...

CVE-2024-42095

In the Linux kernel, the following vulnerability has been resolved: serial: 8250omap: Implementation of Errata i2310 As per Errata i23100, Erroneous timeout can be triggered, if this Erroneous interrupt is not cleared then it may leads to storm of interrupts, therefore apply Errata i2310 solution...

CVE-2024-42095 serial: 8250_omap: Implementation of Errata i2310

In the Linux kernel, the following vulnerability has been resolved: serial: 8250omap: Implementation of Errata i2310 As per Errata i23100, Erroneous timeout can be triggered, if this Erroneous interrupt is not cleared then it may leads to storm of interrupts, therefore apply Errata i2310 solution...

CVE-2024-42095 serial: 8250_omap: Implementation of Errata i2310

In the Linux kernel, the following vulnerability has been resolved: serial: 8250omap: Implementation of Errata i2310 As per Errata i23100, Erroneous timeout can be triggered, if this Erroneous interrupt is not cleared then it may leads to storm of interrupts, therefore apply Errata i2310 solution...

AZL-68343 CVE-2024-41082 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

AZL-48993 CVE-2024-41066 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: txbufffreemapconsumerindex-skb = newskb; freemapconsumerindex = IBMVNICINVALIDMAP; consumerindex ++; Whe...

CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that under certain circumstances, the nvme command may exhaust all of adminq's labels if it issues...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from According to Errata i2310, an erroneous timeout may be triggered, which could lead to an interrupt storm if...