3779 matches found
The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
SUSE CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
SUSE CVE-2024-44982
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpuformatpopulatelayout fails If the dpuformatpopulatelayout fails, then FB is prepared, but not cleaned up. This ends up leaking the pincount on the GEM object and causes a splat during DRM file closur...
CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
DEBIAN-CVE-2024-44982
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpuformatpopulatelayout fails If the dpuformatpopulatelayout fails, then FB is prepared, but not cleaned up. This ends up leaking the pincount on the GEM object and causes a splat during DRM file closur...
UBUNTU-CVE-2024-44982
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpuformatpopulatelayout fails If the dpuformatpopulatelayout fails, then FB is prepared, but not cleaned up. This ends up leaking the pincount on the GEM object and causes a splat during DRM file closur...
CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
UBUNTU-CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
CVE-2024-44959
The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...
CVE-2024-44959 tracefs: Use generic inode RCU for synchronizing freeing
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
CVE-2024-44959 tracefs: Use generic inode RCU for synchronizing freeing
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. ilru or isblist to not...
The vulnerability of the Layout component in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of the Layout component in Google Chrome and Microsoft Edge is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
OESA-2024-2029 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the...
PT-2024-31367 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when physical memory for the kernel image is allocated, and it does not consider the extra memory required for offsetting the image start to match it with the lower 20...
OPENSUSE-SU-2024:0254-2 Security update for chromium, gn, rust-bindgen
This update for chromium, gn, rust-bindgen fixes the following issues: - Chromium 127.0.6533.119 boo1228941 CVE-2024-7532: Out of bounds memory access in ANGLE CVE-2024-7533: Use after free in Sharing CVE-2024-7550: Type Confusion in V8 CVE-2024-7534: Heap buffer overflow in Layout CVE-2024-7535:...
CLSA-2024-1723795896 harfbuzz: Fix of CVE-2023-25193
CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh...
kernel: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails
A vulnerability was found in the fflayoutcancelio function in the Linux kernel. Improper error checking with the mirrords structure fails to check if it is NULL, leading to a potential NULL pointer dereference. This issue could lead to crashes...
CVE-2024-34134
Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2024-34127
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...