Alertes de sécurité

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

Azure Monitor Agent Elevation of Privilege Vulnerability

Bluetooth: msft: fix slab-use-after-free in msft_do_close()

btrfs: fix information leak in btrfs_ioctl_logical_to_ino()

btrfs: make sure that WRITTEN is set on all metadata blocks

crypto: iaa - Fix nr_cpus < nr_iaa case

crypto: sun8i-ce - Fix use after free in unprepare

Denial of service when trying to parse malformed POST requests in aiohttp

Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails

Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl

drm/amd: check num of link levels when update pcie param

drm/amd/display: Skip on writeback when it's not applicable

Dynamics 365 Customer Insights Spoofing Vulnerability

Dynamics 365 Customer Insights Spoofing Vulnerability

fork: defer linking file vma until vma is fully initialized

fs/ntfs3: Fixed overflow check in mi_enum_attr()

gfs2: Fix slab-use-after-free in gfs2_qd_dealloc

GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories

gpiolib: cdev: fix uninitialised kfifo

gpiolib: cdev: Fix use after free in lineinfo_changed_notify

HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c) resulting in the corruption of the instruction pointer.

Incomplete fix for CVE-2024-1929

kprobes: Fix possible use-after-free issue on kprobe registration

ksmbd: fix potencial out-of-bounds when buffer offset is invalid

ksmbd: fix slab out of bounds write in smb_inherit_dacl()

Local Root Exploit via Configuration Dictionary

Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

Microsoft Brokering File System Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability

mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash

nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies

nscd: Stack-based buffer overflow in netgroup cache

NTFS Elevation of Privilege Vulnerability

peci: cpu: Fix use-after-free in adev_release()

powerpc/powernv: Add a null pointer check in opal_powercap_init()

rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()

smb: client: fix potential UAF in is_valid_oplock_break()

smb: client: fix potential UAF in smb2_is_network_name_deleted()

smb: client: fix potential UAF in smb2_is_valid_lease_break()

smb: client: fix use-after-free bug in cifs_debug_data_proc_show()

smb: client: fix use-after-free in smb2_query_info_compound()