164 matches found
UBUNTU-CVE-2024-35955
In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULESTATELIVE - MODULESTATEGOING - MODULESTATEUNFORMED. Each change will take a time. ismoduletextaddress and...
CVE-2024-26976
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
CVE-2024-26976
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
CVE-2024-26846
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...
CVE-2024-26846 nvme-fc: do not wait in vain when unloading module
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...
CVE-2024-26846
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...
Incorrect Authorization
Apache Pulsar is vulnerable to Incorrect Authorization. The vulnerability is due to improper permission checks, which allows an attacker to perform operations such as unloading topics or triggering compaction. Additionally, the vulnerability allows an authenticated user to read, create, modify, a...
April 2, 2024, update for OneNote 2016 (KB5002545)
April 2, 2024, update for OneNote 2016 KB5002545 This article discusses update 5002545 for Microsoft OneNote 2016 that was released on April 2, 2024.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to...
DEBIAN-CVE-2021-47141
In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv-msixvectors. If we failed to allocate priv-msixvectors see abortwithmsixvectors this could lead to a NULL pointer dereference if the...
SUSE CVE-2010-4225
Unspecified vulnerability in the modmono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx ASP.NET applications via unknown vectors related to an "unloading bug."...
SUSE CVE-2020-25632
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of...
PT-2023-35090 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A bug was fixed in the Linux Kernel that occurs when unloading amdgpu. The actual impact and attack plausibility of this issue have not yet been proven. Recommendations: For Linux Kernel...
PT-2023-34802 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A bug was fixed in the Linux Kernel that occurs when unloading amdgpu. The actual impact and attack plausibility of this issue have not yet been proven. Recommendations: For Linux Kernel...
kernel: iavf: Fix adminq error handling
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...
PT-2025-26007 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from the Linux kernel's KVM module not properly handling the unloading of modules, specifically when using try get module. This can lead to fatal errors, such as...
[SECURITY] Fedora 36 Update: direnv-2.32.1-1.fc36
direnv augments existing shells with a new feature that can load and unload environment variables depending on the current directory...
Memory corruption
Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...
grub2: Use-after-free in rmmod command
A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...
CVE-2020-12981
An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service...
grub2: Use-after-free in rmmod command
A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...