Lonial Con discovered that the netfilter subsystem in the Linux kernel did
not properly handle element deactivation in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1085)
Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Network drivers;
– PWM drivers;
(CVE-2024-26597, CVE-2024-26599)
More Stories
pgadmin4-8.6-1.fc40 python-libgravatar-1.0.4-1.fc40
FEDORA-2024-4d4ceb61f7 Packages in this update: pgadmin4-8.6-1.fc40 python-libgravatar-1.0.4-1.fc40 Update description: Update to pgadmin4-8.6 Read More
Google Chromium in Visuals Use-After-Free Vulnerability (CVE-2024-4671)
What is the Vulnerability?A new zero-day vulnerability has recently been discovered in the Visuals component of Chrome, which is responsible...
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful...
USN-6771-1: SQL parse vulnerability
It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause...
ZDI-24-441: Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required...
ZDI-24-440: Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is...