101 matches found
kernel: use-after-free due to race condition occurring in dvb_register_device()
A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB core device driver. It could occur in the dvbregisterdevice function due to the fileoperations structure fops being dynamically allocated and later kfreed. A local user could use this...
kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c
A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusbdecexitdvb function because of the lack of a dvbfrontenddetach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a...
CLSA-2023-1695715460 kernel: Fix of 24 CVEs
xen/xenbus: don't let xenbusgrantring remove grants in error case CVE-2022-23040 - xen/xenbus: Fix granting of vmalloc'd memory - xen/blkfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23036 - xen/grant-table: add gnttabtryendforeignaccess CVE-2022-23036 - xen/blkfront: don't...
CLSA-2023-1690294029 kernel: Fix of 29 CVEs
ALSA: pcm: Fix races among concurrent prealloc proc writes CVE-2022-1048 - ALSA: pcm: Fix races among concurrent prepare and hwparams/hwfree calls CVE-2022-1048 - ALSA: pcm: Fix races among concurrent read/write and buffer changes CVE-2022-1048 - ALSA: pcm: Fix races among concurrent hwparams and...
CLSA-2023-1682711481 kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...
SUSE CVE-2016-1654
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
CVE-2022-45919
A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB CA EN50221 interface of the DVB core device driver. It could occur in the dvbcaen50221release function if there is a disconnect after an open, because of the lack of a waitevent. A loc...
CVE-2022-45885
A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB core device driver. It could occur in the dvbfrontend function when closing the device node of dvbfrontend if the device is disconnected. A local user could use this flaw to crash the...
CVE-2022-45884
A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB core device driver. It could occur in the dvbregisterdevice function due to the fileoperations structure fops being dynamically allocated and later kfreed. A local user could use this...
Kentico 跨站脚本漏洞
A cross-site scripting vulnerability exists in Kentico Xperience, an ASP.NET-based content management system CMS from Kentico U.S. The vulnerability stems from the fact that the product's media subsystem does not validate input data. An attacker could cause client-side code execution via XML...
The vulnerability of the media subsystem in Google Chrome web browser allows a hacker to execute arbitrary code.
The vulnerability of the media subsystem in Google Chrome browser is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the Google Chrome browser’s media subsystem, which allows a hacker to circumvent content security policies
The vulnerability of the Google Chrome browser’s media subsystem exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass content security policies by using a specially crafted HTML page...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.
The vulnerability of the Google Chrome browser’s media subsystem is related to errors during the initialization of undefined data structures. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2016-1654
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
Code injection
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
CVE-2016-1654
CVE-2016-1654 relates to the Chromium/Chrome media subsystem where an uninitialized memory read occurs in the media component, leading to a potential denial of service via invalid read operations. The issue was fixed in Chrome/Chromium builds around version 50.0.2661.75. Debian security advisorie...
CVE-2016-1654
Removed by vendor...
CVE-2016-1654
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
chromium-browser: uninitialized memory read in media
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
CVE-2016-1654
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...