Topics

  1. OS X update for AVEVideoEncoder (CVE-2023-40390) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  2. OS X update for Bluetooth (CVE-2023-42974) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 10/31/2024 Description Deprecated Solution(s)

  3. Gentoo Linux: CVE-2023-42950: WebKitGTK+: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. Solution(s) gentoo-linux-upgrade-net-libs-webkit-gtk References https://attackerkb.com/topics/cve-2023-42950 CVE - 2023-42950 202407-13

  4. OS X update for IOKit (CVE-2023-42950) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  5. OS X update for IOUSBDeviceFamily (CVE-2023-42956) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  6. OS X update for IOKit (CVE-2023-42974) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 10/31/2024 Description Deprecated Solution(s)

  7. OS X update for Accessibility (CVE-2023-40390) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/28/2024 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

  8. Ubuntu: (Multiple Advisories) (CVE-2023-52629): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/29/2024 Created 08/23/2024 Added 08/22/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flush_work() before timer_shutdown_sync() in switch_drv_remove(). Although we use flush_work() to stop the worker, it could be rescheduled in switch_timer(). As a result, a use-after-free bug can occur. The details are shown below: (cpu 0)|(cpu 1) switch_drv_remove()| flush_wo…

  9. Debian: CVE-2024-3094: xz-utils -- Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 04/02/2024 Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data int…

  10. Alpine Linux: CVE-2024-3094: Vulnerability in Multiple Components Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 10/02/2024 Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the dat…

  11. Red Hat: CVE-2024-3094: xz: Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 04/15/2024 Description Deprecated Solution(s)

  12. Oracle Linux: (CVE-2024-3094): xz: Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 04/15/2024 Description Deprecated Solution(s)

  13. macOS: CVE-2024-3094: xz: Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/04/2024 Added 04/03/2024 Modified 04/05/2024 Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction w…

  14. SUSE: CVE-2024-3094: xz: Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 04/02/2024 Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction wi…

  15. Ubuntu: (CVE-2024-3094): xz-utils: Embedded Malicious Code Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/29/2024 Created 04/02/2024 Added 04/01/2024 Modified 04/02/2024 Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data int…

  16. Huawei EulerOS: CVE-2024-26668: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 07/17/2024 Added 07/17/2024 Modified 01/13/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. It's better to reject this rather than having incorrect ratelimit. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_…

  17. IBM WebSphere Application Server: CVE-2023-50313: IBM WebSphere Application Server could provide weaker than expected security (CVE-2023-50313) Severity 6 CVSS (AV:A/AC:L/Au:N/C:C/I:N/A:N) Published 04/02/2024 Created 04/22/2024 Added 04/22/2024 Modified 01/28/2025 Description IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812. Solution(s) ibm-was-install-8-5-0-0-ph61385 ibm-was-install-9-0-0-0-ph61385 ibm-was-upgrade-8-5-0-0-8-5-5-26 ibm-was-upgrade-9-0-0-0-9-0-5-20 References https://…

  18. Debian: CVE-2024-26668: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. It's better to reject this rather than having incorrect ratelimit. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-26668 CVE - 2024-2666…

  19. Debian: CVE-2024-26681: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description In the Linux kernel, the following vulnerability has been resolved: netdevsim: avoid potential loop in nsim_dev_trap_report_work() Many syzbot reports include the following trace [1] If nsim_dev_trap_report_work() can not grab the mutex, it should rearm itself at least one jiffie later. [1] Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 32383 Comm: kworker/0:2 Not tainted 6.8.0-rc2-syzkaller-00031-g861c0981648f #0 Hardware name: Google Googl…

  20. Debian: CVE-2024-26680: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS ring but then generic aq_ring_free() does not take this into account. Create and use a specific function to free HWTS ring to fix this issue. Trace: [215.351607] ------------[ cut here ]------------ [215.351612] DMA-API: atlantic 0000:4b:00.0: device driver frees DMA memor…

  21. Huawei EulerOS: CVE-2024-26663: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/02/2024 Created 06/26/2024 Added 06/26/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000080-0x0000000000000087] ... RIP: 0010:tipc_udp_is_known_peer+0x9c/0x250 net/tipc/udp_media.c:291 ... Call Trace…

  22. Debian: CVE-2024-26667: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another conditional block in dpu_encoder_helper_phys_cleanup() which had assumed hw_pp will always be valid which may not necessarily be true. Let's fix the other conditional block by making sure hw_pp …

  23. Huawei EulerOS: CVE-2024-26661: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 06/26/2024 Added 06/26/2024 Modified 11/11/2024 Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not NULL. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists hu…

  24. Debian: CVE-2024-26664: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 05/08/2024 Added 05/08/2024 Modified 07/03/2024 Description In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-26664 CVE - 2024-26664 DSA-5681-1

  25. SUSE: CVE-2024-26674: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/02/2024 Created 06/24/2024 Added 06/24/2024 Modified 08/28/2024 Description In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3. mce: [Hardware Error]: CPU 296: Machine Check Exception: f Bank 1: bd80000000100134 mce: [Hardware Error]: RIP 10:<ffffffff821b9776> {__get_user_nocheck_4+0x6/0x20} mce: [Har…
