126 matches found
WordPress While Loading plugin <= 3.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin While Loading versions = 3.0...
CVE-2024-46678
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
AZL-49590 CVE-2024-46678 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
UBUNTU-CVE-2024-46678
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-46678
CVE-2024-46678 affects the Linux kernel bonding subsystem. The root cause was ipsec_lock being a spin lock used to protect ipsec_list, but bond’s xfrm operations may sleep, triggering scheduling-while-atomic. The patch changes bond->ipsec_lock from a spin lock to a mutex, ensuring xdo_dev_stat...
CVE-2024-46678 bonding: change ipsec_lock from spin lock to mutex
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipseclock from spin lock to mutex In the cited commit, bond-ipseclock is added to protect ipseclist, hence xdodevstateadd and xdodevstatedelete are called inside this lock. As ipseclock is a spin lock and such...
CVE-2024-40655
In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
SUSE CVE-2024-42290
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
CVE-2024-42290
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
CVE-2024-42290
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
CVE-2024-42290
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
CVE-2024-42290 irqchip/imx-irqsteer: Handle runtime power management correctly
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
RHEL 8 : git (RHSA-2024:4579)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4579 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...
CVE-2021-47454
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0...
CVE-2024-35952
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in astdpsetonoff that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BM...
CVE-2024-35952
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in astdpsetonoff that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BM...
CVE-2024-35952
CVE-2024-35952 concerns the Linux kernel: a hard-to-reproduce soft-lockup was caused by a loop in ast_dp_set_on_off() that could infinite-loop because VGACRI-Dx scratch registers—actually MCU-controlled by DPMCU in the BMC—are protected by scu-lock. If scu-lock is enabled, DPMCU cannot update the...
CVE-2024-35952 drm/ast: Fix soft lockup
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in astdpsetonoff that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BM...