121 matches found
EUVD-2018-17849
Malware in sbrugna...
EUVD-2018-17881
Malware in sbrugna...
EUVD-2024-45139
Malicious code in bioql PyPI...
CVE-2025-22126
CVE-2025-22126 affects the Linux kernel md subsystem: a use-after-free can occur when iterating the mddev list during reboot/exit due to racing with deletions. The fix switches to list_for_each_entry and introduces a mddev_put_locked helper to prevent freeing the active mddev under the lock. Affe...
CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086 ksmbd: fix user-after-free from session log off
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086 ksmbd: fix user-after-free from session log off
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086
Summary of findings (CVE-2024-50086): In the Linux kernel, the ksmbd component had a race between SMB2 session log off and SMB2 session setup that could lead to a user-after-free. The patch introduces a session_lock when SMB2_SESSION_EXPIRED is set and makes the session’s reference count apply to...
CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086 ksmbd: fix user-after-free from session log off
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-47741 btrfs: fix race setting file private on concurrent lseek using same fd
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek2 system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window...
CVE-2023-52913
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs gemcontextregister makes the context visible to userspace, and which point a separate thread can trigger the I915GEMCONTEXTDESTROY ioctl. So we need to ensure that nothing uses the ctx ptr aft...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
CVE-2021-47614
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in addpbleprm When irdmahmcsdone fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in irdmahmcsdone...
CVE-2021-47614
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in addpbleprm When irdmahmcsdone fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in irdmahmcsdone...
CVE-2021-47614 RDMA/irdma: Fix a user-after-free in add_pble_prm
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in addpbleprm When irdmahmcsdone fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in irdmahmcsdone...
CVE-2021-47614
CVE-2021-47614 affects the Linux kernel RDMA/irdma subsystem. The issue is a use-after-free in add_pble_prm where the ‘chunk’ was freed while it remained on the PBLE info list if irdma_hmc_sd_one failed. The fix defers adding the PBLE entry until after successful SD setting in irdma_hmc_sd_one, p...
CVE-2021-47614 RDMA/irdma: Fix a user-after-free in add_pble_prm
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in addpbleprm When irdmahmcsdone fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in irdmahmcsdone...
tigervnc security update
1.13.1-10 - Drop patches that are already part of xorg-x11-server Resolves: RHEL-30755 Resolves: RHEL-30767 Resolves: RHEL-30761 1.13.1-9 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-30755 - Fix CVE-2024-31083 tigervnc...
RLSA-2024:2616 Important: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...