CVE-2024-57998

In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in readfreq Pass the freq index to the assert function to make sure we do not read a freq out of the opp-rates table when called from the indexed variants:...

CVE-2024-57998

The CVE-2024-57998 issue affects the Linux kernel OPP (Operating Performance Points) subsystem. The vulnerability arises from a lack of proper index validation when reading the opp->rates[] table in _read_freq(), which could lead to a buffered read overflow. The patch adds an index parameter t...

CLSA-2025-1740470259 Fix CVE(s): CVE-2025-0395

SECURITY UPDATE: insufficient space allocation in assert function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abortmsgs struct to store the length of the message string - CVE-2025-0395...

CLSA-2025-1740230107 Fix CVE(s): CVE-2025-0395

SECURITY UPDATE: insufficient space allocation in assert function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abortmsgs struct to store the length of the message string - CVE-2025-0395...

USN-7259-3 eglibc vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

USN-7259-2 glibc vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

USN-7259-1: GNU C Library vulnerability

It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

MGASA-2025-0026 Updated glibc packages fix security vulnerability

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395...

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

PT-2025-3866

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.13 through 2.40 Description The issue is related to the assert function in the GNU C Library, which fails to allocate sufficient space for the assertion failure message string and size information. This may lead to a...

ROS-20240923-02

Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

The vulnerability of the BIND DNS server, related to the use of the assert() function or similar operators, allows attackers to cause a service failure.

The vulnerability of the BIND DNS server relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted requests...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Linux operating systems allow a perpetrator to trigger a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Linux operating systems is related to the use of the assert function. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the DNS BIND server is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service failures...

The vulnerability of embedded software developed by Qualcomm, related to the lack of use of the assert() function, allows a malicious actor to cause service failures.

The vulnerability of embedded software developed for Qualcomm chips lies in the lack of utilization of the assert function. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Demon Routing Protocol Daemon (rpd) in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon rpd in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to cause service interruptions...

ROS-20230420-02

A vulnerability in the iconv function of the glibc library is related to a flaw in the use of the assert function. The vulnerability allows an attacker acting remotely to cause a denial of service...

The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the BIND DNS server relates to the processing of the Write Directive DS. BIND waits for this processing to complete, or until the timeout interval expires. As a result, the resumedslookup function is called, but it does not check whether the previous selection has been...

The vulnerability of the Garbage Collector component in Firefox browsers allows a hacker to trigger a service failure.

The vulnerability of the Garbage Collector component in Firefox browsers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a remote attacker to cause a service failure...