1683 matches found
CVE-2022-31146
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
CVE-2022-31146
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
UBUNTU-CVE-2022-31146
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
Wasmtime 资源管理错误漏洞
Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A resource management error vulnerability exists in the code generator Cranelift in Wasmtime version 0.37.0, which stems from the fact that its developers may incorrectly be missing...
GHSA-5FHJ-G3P3-PQ9G Wasmtime vulnerable to Use After Free with `externref`s
There is a bug in Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection GC. This means that if a GC happens at runtime then the collector will mistakenly think some Wasm stack frames do not have live...
CVE-2022-31146
CVE-2022-31146 affects Wasmtime (Cranelift) in the migration to the regalloc2 allocator (Wasmtime 0.37.0). The bug may cause metadata for reference-typed functions to be missing during GC, making the GC pass think there are no live references, leading to use-after-free when values are later acces...
CVE-2022-31146
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
CVE-2022-31146 Use After Free in Wasmtime
Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
[SECURITY] Fedora 35 Update: golang-starlark-0-0.7.20210113gite81fc95.fc35
Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...
June 14, 2022-KB5014630 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016
June 14, 2022-KB5014630 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016 Release Date: June 14, 2022 Version: .NET Framework 4.8 The June 14, 2022 update for Windows 10, version 1607 and Windows Server, version 2016 includes cumulative...
June 14, 2022-KB5013887 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2
June 14, 2022-KB5013887 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 Release Date: June 14, 2022 Version: .NET Framework 3.5 and 4.8 The June 14, 2022 update for Windows 10, versio...
June 14, 2022-KB5013890 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2
June 14, 2022-KB5013890 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: June 14, 2022 Version: .NET Framework 3.5 and 4.8 The June 14, 2022 update for Microsoft server operating system version 21H2 includes cumulative reliability...
June 14, 2022-KB5013889 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11
June 14, 2022-KB5013889 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 Release Date: June 14, 2022 Version: .NET Framework 3.5 and 4.8 The June 14, 2022 update for Windows 11 includes cumulative reliability improvements in .NET Framework 3.5 and 4.8. We recommend that you apply...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2022-0041)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...
kernel: fget: check that the fd still exists after getting a ref to it
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on...
kernel: Use After Free in unix_gc() which could result in a local privilege escalation
A vulnerability was found in unixdgramrecvmsg in net/unix/afunix.c in the Linux kernel's garbage collection for Unix domain socket file handlers. In this flaw, a missing cleanup may lead to a use-after-free due to a race problem. This flaw allows a local user to crash the system or escalate their...