AZL-43354 CVE-2024-36968 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...

CVE-2024-4009

Replay Attack in ABB, Busch-Jaeger, FTS Display version 1.00 and BCU version 1.3.0.33 allows attacker to capture/replay KNX telegram to local KNX Bus-System...

SUSE CVE-2024-36844

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx-backend pointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

PT-2024-19840 · Lpac · Lpac

Name of the Vulnerable Software and Affected Versions: LPAC affected versions not specified Description: The issue involves memory corruption that occurs when creating an LPAC client, as the LPAC engine is allowed to access GPU registers. This results in a memory corruption problem...

[SECURITY] Fedora 39 Update: rust-zram-generator-1.1.2-11.fc39

This is a systemd unit generator that enables swap on zram. With zram, there is no physical swap device. Part of the available RAM is used to store compressed pages, essentially trading CPU cycles for memory. To activate, install zram-generator-defaults subpackage...

[SECURITY] Fedora 39 Update: rust-cpc-1.9.3-3.fc39

Evaluates math expressions, with support for units and conversion between units...

SUSE CVE-2024-36019

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcachemapledrop When keeping the upper end of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e. max - mas.index. The code was...

DEBIAN-CVE-2024-36844

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx-backend pointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

DEBIAN-CVE-2024-36845

An invalid pointer in the modbusreceive function of libmodbus v3.1.6 allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

CVE-2024-36844

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx-backend pointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

CVE-2024-36845

An invalid pointer in the modbusreceive function of libmodbus v3.1.6 allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

UBUNTU-CVE-2024-36845

An invalid pointer in the modbusreceive function of libmodbus v3.1.6 allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

CVE-2024-36844

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx-backend pointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

CVE-2024-36845

An invalid pointer in the modbusreceive function of libmodbus v3.1.6 allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

CVE-2024-36844

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx-backend pointer. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server...

SUSE CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

SUSE CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix possible out-of-bounds in gsm0receive Assuming the following: - side A configures the ngsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to advance...

The vulnerability of the decode_deliver_report() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the decodedeliverreport function in the OFono mobile phone stack is related to the execution of an operation outside the buffer in memory when sending SMS messages in the PDU format. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the GPU-based terminal emulator protocol implementation, related to the lack of measures taken to clean data at the control level, allows a perpetrator to execute arbitrary code.

The vulnerability of the GPU-based terminal emulator protocol implementation is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted requests within the filename variable...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a random hang in S4 in the drm/amd/pm module SMU v13.0.4/11...