AMD NPU driver 输入验证错误漏洞

AMD NPU driver is a driver for an NPU module from UltraMicroelectronics AMD. A security vulnerability exists in AMD NPU driver that stems from incorrect user input validation. An attacker exploiting the vulnerability could supply an unexpectedly sized buffer, which could cause a system crash...

PT-2024-34550 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open 5GS version 2.7.1 Description: The issue allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, during the Packet...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper CPU buffer clearing on NMI return...

Online Shopping Portal html_table.php File Cross-Site Scripting Vulnerability

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of file...

Online Shopping Portal dymanic_table.php File Cross-Site Scripting Vulnerability

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a cross-site scripting vulnerability that stems from a lack of valid filtering and escaping of user-supplied data in the scripts parameter of file...

CVE-2024-10919

A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of the argument uuid leads to os command injection. The attack can be launched remotely. The exploit h...

USN-7088-3 linux-aws-5.4, linux-oracle-5.4 vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Several security issues were discovered in the Linux kernel. An attacker could...

UBUNTU-CVE-2024-50113

In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 "firewire: core: use helper functions for self ID sequence", the enumeration over self ID sequence was refactored with some helper functions with...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when handling GPU page table switches...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when processing voice packets received from an ADSP containing arbitrary data...

PT-2025-2867 · Qualcomm · Snapdragon +22

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when reading CPU state data during the suspension of a guest virtual machine. This corruption happens...

OESA-2024-2324 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is...

CVE-2024-0106

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit DPU contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information...

UBUNTU-CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

The vulnerability of the mmu component in the Linux operating system allows attackers to increase their privileges.

The vulnerability of the mmu component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

AZL-51210 CVE-2024-50045 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in brnfdevqueuexmit. It is...

DEBIAN-CVE-2022-48991

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs like KVM don't keep accessing pages which aren't mapped anymore...

UBUNTU-CVE-2022-48991

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs like KVM don't keep accessing pages which aren't mapped anymore...

DEBIAN-CVE-2024-49901

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msmgpu-pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 "drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails" where msmgpucleanup :...

SUSE CVE-2024-47719

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...