102 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-46849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after- free' Buffer 'card-dailink' is reallocated in...
USN-7307-1: xmltok library vulnerability
Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessi...
The vulnerability of the drm/shmem-helpper components in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drm/shmem-helpper component in the Linux operating system’s kernel is related to a memory reallocation error in the drmgemshmemmmap function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the sec_pkcs7_decoder_start_decrypt() function in Mozilla Firefox and Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the secpkcs7decoderstartdecrypt function in Mozilla Firefox and Thunderbird’s email client is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
AZL-62417 CVE-2024-47537 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...
UBUNTU-CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...
The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel is related to a memory reallocation error in the itsvpeirqdomainalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the f2fs_do_shutdown() function in the f2fs file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the f2fsdoshutdown function in the fs/f2fs/file.c file of the f2fs file system in the Linux operating system is related to the reallocation of previously released memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attack...
The vulnerability of the ftrace_location() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ftracelocation function in the kernel/trace/ftrace.c module of the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...
DEBIAN-CVE-2024-46849
In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...
AZL-49795 CVE-2024-46849 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...
CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'
In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...
CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'
In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...
The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool is related to the reallocation of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the gnutls_pkcs7_verify function in the pkcs7 component of the GnuTLS library allows a attacker to cause a service failure.
The vulnerability of the gnutlspkcs7verify function in the pkcs7 component of the GnuTLS library is related to the reallocation of memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the btrfs_load_zone_info() function in the Btrfs file system of Linux kernels allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the btrfsloadzoneinfo function in the fs/btrfs/zoned.c file of the Btrfs file system in Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the register_winch_irq() function in the User-Mode Linux (UML) subsystem of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the registerwinchirq function in the arch/um/drivers/line.c file of the User-Mode Linux subsystem driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow a...
The vulnerability of the brcmf_notify_escan_complete() function in the Broadcom FullMAC driver for Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the brcmfmac/cfg80211.c file within the Broadcom FullMAC driver’s drivers/net/wireless/broadcom/brcm80211/ directory in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...
The vulnerability of the sess_free_buffer() function in the fs/cifs/sess.c module of the SMB file system in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the sessfreebuffer function in the fs/cifs/sess.c module of the SMB file system in Linux operating systems is related to the reallocation of previously released memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ext4Move_extents() function in the fs/ext4/move_extent.c file of the Linux kernel’s file system ext4 allows a attacker to cause a service failure.
The vulnerability of the ext4Moveextents function in the fs/ext4/moveextent.c file of the Linux kernel’s file system relates to the reallocation of allocated memory. Exploiting this vulnerability could allow an attacker to cause a service failure...