15 matches found
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. The ainputsendinputevent function caches the channelcallback in a local variable and then uses it without synchronization. A concurrent closure of a channel can free or reinitialize the callback, resulting in an use-after-free...
freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event
A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...
freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event
A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...
freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event
A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...
SUSE CVE-2026-24678
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecamchannelwrite. This vulnerability is fixed in 3.22.0...
CVE-2026-24683
FreeRDP is a free implementation of the Remote Desktop Protocol. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free. Prior to 3.22.0, This...
CVE-2026-24683
FreeRDP vulnerability CVE-2026-24683 affects the FreeRDP Remote Desktop Protocol implementation where ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization. A concurrent channel close can free or reinitialize the callback, leading to a use-a...
FreeRDP 资源管理错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the use of ainputsendinputevent to cache channelcallback in local variables, which...
SUSE CVE-2024-55916
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP or VSS daemon starts before the VMBus channel's ringbuffer is fully initialized, we can hit the panic below: hvutils: Registering HyperV Utility Drive...
CVE-2024-55916 Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP or VSS daemon starts before the VMBus channel's ringbuffer is fully initialized, we can hit the panic below: hvutils: Registering HyperV Utility Drive...
CVE-2024-55916
The CVE-2024-55916 entry refers to a Linux kernel race where the KVP/VSS daemon may run before the VMBus ringbuffer is fully initialized. Concrete detail: a NULL pointer dereference can occur in hv_pkt_iter_first when the daemon opens / dev/vmbus/hv_kvp and registers before vmbus_open() completes...
CVE-2017-9059
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak...
CVE-2017-9059
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak...
CVE-2017-9059
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak...
CVE-2017-9059
The CVE-2017-9059 vulnerability affects the Linux kernel’s NFSv4 implementation (up to version 4.11.1). The root cause is an improper channel callback shutdown during unmount of an NFSv4 filesystem, described as a module reference and kernel daemon leak. Impact stated in the sources is a local de...