6109 matches found
CVE-2024-47752
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdech264reqif.c. Which leads to a kernel crash when fb is NULL...
CVE-2024-47753
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdecvp8reqif.c. Which leads to a kernel crash when fb is NULL...
CVE-2024-47752
CVE-2024-47752 concerns the Linux kernel media/vcodec/mediatek H264 stateless decoder. The provided description states that a smatch static checker warning in vdec_h264_req_if.c led to a kernel crash when the framebuffer pointer (fb) was NULL. The vulnerability is within the Mediatek vcodec path ...
CVE-2024-47753
CVE-2024-47753 affects the Linux kernel media/mediatek/vcodec VP8 stateless decoder. The issue stems from a smatch static checker warning in vdec_vp8_req_if.c that can cause a kernel crash when fb is NULL. A fix was applied to resolve the smatch warning and prevent the NULL framebuffer crash; ref...
CVE-2024-47753 media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdecvp8reqif.c. Which leads to a kernel crash when fb is NULL...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a smatch warning in the VP8 stateless decoder by the mediatek vcodec driver...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a smatch warning for the H264 stateless decoder in the media:mediatek:vcodec subsystem...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a smatch warning in the H264 multi-state stateless decoder by the mediatek vcodec driver...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
Important: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
CVE-2024-20093
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699...
PT-2024-18580 · Mediatek · Mediatek
Name of the Vulnerable Software and Affected Versions: MediaTek products affected versions not specified Description: The issue is related to a possible out of bounds read in vdec due to a missing bounds check, which could lead to local information disclosure with System execution privileges...
BIT-PYTHON-2022-45061
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...
PT-2024-9202 · Libjxl +5 · Libjxl +5
Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99 libjpeg affected versions not specified libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 libjxl-devel-0.11.1-1.1 qt6-webengine Description: An out-of-bounds...
PT-2024-8851
Name of the Vulnerable Software and Affected Versions libjxl libjxl-devel-0.11.1-1.1 libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 jpeg-xl affected versions not specified Description A stack buffer overflow exists in the libjxl library's JPEG XL decoder. A specially crafted file can caus...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
grafana-pcp security update
An update is available for grafana-pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...