5.5
CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection andβ¦
9.8
CVE-2024-30980 -
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page.
5.9
CVE-2024-30979 -
Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to execute arbitrary code via the compname parameter in edit-computer-details.php.
5.5
CVE-2024-26868 - nfs: fix panic when nfs4_ff_layout_prepare_ds() fails
In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0 RIP: 0010:β¦
5.5
CVE-2024-26909 - soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmic_glink_altβ¦
5.5
CVE-2024-26902 - perf: RISCV: Fix panic on pmu overflow handler
In the Linux kernel, the following vulnerability has been resolved: perf: RISCV: Fix panic on pmu overflow handler (1 << idx) of int is not desired when setting bits in unsigned long overflowed_ctrs, use BIT() instead. This panic happens when running 'perf record -e branches' on sophgo sg2042. [β¦
5.5
CVE-2024-26832 - mm: zswap: fix missing folio cleanup in writeback race path
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycleβ¦
4.7
CVE-2024-31463 - Ironic-image allows unauthenticated local access to Ironic API
Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the `IRONIC_REVERSE_PROXY_SETUP` variable set to `true`, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself anβ¦
4.7
CVE-2024-26897 - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete The ath9k_wmi_event_tasklet() used in ath9k_htc assumes that all the data structures have been fully initialised by the time it runs. However, because of β¦
5.5
CVE-2024-26919 - usb: ulpi: Fix debugfs directory leak
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpi_unregister_interface tries to remove a debugfs directory named after the ulpi device itself. This results inβ¦