Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in  https://github.com/grpc/grpc/pull/32309 https://www.google.com/url

qt5-script: ошибка сборки на LoongArch

Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there really is no safe measures around or protections for.

Добавить в phosh.service Alias=display-manager.service

Уязвимость подсистемы проверки разрешений Bluetooth ядра операционной системы Linux, позволяющая нарушителю выполнять произвольные команды

Уязвимость модуля ksmbd ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код

Уязвимость модуля ksmbd ядра операционных систем Linux, позволяющая нарушителю оказать влияние на целостность, доступность и конфиденциальность защищаемой информации и выполнить произвольный код

Уязвимость функции gfs2_evict_inode() в модуле fs/gfs2/super.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость реализации файловой системы relayfs ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию

Уязвимость функции nft_set_lookup_global() подсистемы Netfilter ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии и вызвать отказ в обслуживании

Уязвимость подсистемы Netfilter ядра операционных систем Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Уязвимость драйвера IPVLAN ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

Уязвимость функции io_poll_update() в модуле io_uring/io_uring.c ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

Уязвимость функции read_descriptors() в модуле drivers/usb/core/sysfs.c драйвера USB ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость функции udf_close_lvid() в модуле fs/udf/super.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на доступность защищаемой информации

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.

Rejected reason: Duplicate of CVE-2023-3390.

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable).

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.

An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this.

Пакет падает при открытии ipynb-файлов