CVE-2023-52916

CVE-2023-52916 affects the Linux kernel’s media: aspeed driver. When displaying 1600x900 and memory is tight, the macro block capture can cause a system crash due to a memory overwrite; the issue is tied to an 8x8 block sizing, fixed by aligning the src-buf height to 8. The CVSS v3.1 base score i...

CVE-2023-52916

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a possible memory overwrite that could crash the system when capturing a screen at a resolution of...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

Real POC published https://github.com/ynwarcs/CVE-2024-38063 and...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

Real POC published https://github.com/ynwarcs/CVE-2024-38063 and...

CVE-2024-21980

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity...

CVE-2024-21978

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption...

CVE-2024-21980

The CVE-2024-21980 issue is in AMD SNP firmware (SEV-SNP). The root cause is improper restriction of write operations in SNP firmware, which could allow a local malicious hypervisor to overwrite a guest VM’s memory or the UMC seed, leading to loss of confidentiality and integrity. Documents consi...

CVE-2024-21980

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity...

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP suffers from a security vulnerability that stems from an improper restriction of write operations allowing a malicious hypervisor to potentially...

ALPINE-CVE-2024-6197

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

CVE-2024-6197 freeing stack buffer in utf8asn1str

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

CVE-2024-6197 freeing stack buffer in utf8asn1str

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

CVE-2024-6197

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

curl: CVE-2024-6197: freeing stack buffer in utf8asn1str

The libcurl library at commit 04739054cdac5a0614fb94e3655e313c03399f35 contained an invalid invocation of the free function in the utf8asn1str function. The buffer being freed was located on the stack, which posed a security risk as the freed address could have been later returned by malloc calls...

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory...

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory...

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory...

nginx 1.1.x < 1.1.19 / 1.0.x < 1.0.15 A Buffer Overflow Vulnerability

According to its Sever response header, the installed version of nginx is 1.0.x prior to 1.0.15 or 1.1.x prior to 1.1.19. It is, therefore, affected by the following issue : - Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through...

CVE-2024-30212

If a SCSI READ10 command is initiated via USB using the largest LBA 0xFFFFFFFF with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to wri...