Sicherheitswarnungen

9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.

accel/habanalabs: support mapping cb with vmalloc-backed coherent memory

af_unix: Fix null-ptr-deref in unix_stream_sendpage().

af_unix: Fix null-ptr-deref in unix_stream_sendpage().

ALSA: dice: fix buffer overflow in detect_stream_formats()

ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()

ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd

ALSA: usb-audio: Fix potential overflow of PCM transfer buffer

ALSA: wavefront: Fix integer overflow in sample size validation

amd/amdkfd: enhance kfd process check in switch partition

amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw

Apache HTTP Server: CGI environment variable override

Apache HTTP Server: mod_md (ACME), unintended retry intervals

Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF

Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Application Information Service Elevation of Privilege Vulnerability

arm64: mte: Do not warn if the page is already tagged in copy_highpage()

arrayLimit bypass in bracket notation allows DoS via memory exhaustion

ASoC: Intel: avs: Do not share the name pointer between components

ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list

atm/fore200e: Fix possible data race in fore200e_open()

Azure Container Apps Remote Code Execution Vulnerability

Azure Cosmos DB Spoofing Vulnerability

Azure Monitor Agent Remote Code Execution Vulnerability

be2net: pass wrb_params in case of OS2BMC

bfs: Reconstruct file type when loading from disk

binfmt_misc: restore write access before closing files opened by open_exec()

Bluetooth: 6lowpan: reset link-local header on ipv6 recv path

Bluetooth: bcsp: receive data only if registered

Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF

Bluetooth: hci_core: lookup hci_conn on RX path on protocol side

Bluetooth: hci_event: validate skb length for unknown CC opcode

Bluetooth: MGMT: cancel mesh send timer when hdev removed

Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()

Bluetooth: SCO: Fix UAF on sco_conn_free

bpf: Check skb->transport_header is set in bpf_skb_check_mtu

bpf: Do not let BPF test infra emit invalid GSO types to stack

bpf: Fix invalid prog->stats access when update_effective_progs fails

bpf: Fix stackmap overflow check in __bpf_get_stackid()

bpf: Free special fields when update [lru_,]percpu_hash maps

bpf: Sync pending IRQ work before freeing ring buffer

btrfs: ensure no dirty metadata is written back for an fs with errors

btrfs: fix racy bitfield write in btrfs_clear_space_info_full()

c-ares has a Use After Free vulnerability when connection is cleaned up after error

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs