Lucene search
K

102 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-46849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after- free' Buffer 'card-dailink' is reallocated in...

7.8CVSS6.5AI score0.0025EPSS
Exploits0References2
ubuntu
ubuntu
added 2025/02/26 10:33 p.m.17 views

USN-7307-1: xmltok library vulnerability

Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessi...

5CVSS6.8AI score0.03565EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2025/02/18 12:0 a.m.9 views

The vulnerability of the drm/shmem-helpper components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the drm/shmem-helpper component in the Linux operating system’s kernel is related to a memory reallocation error in the drmgemshmemmmap function. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.4AI score0.00249EPSS
Exploits0References18Affected Software4
bdu_fstec
bdu_fstec
added 2025/01/06 12:0 a.m.10 views

The vulnerability of the sec_pkcs7_decoder_start_decrypt() function in Mozilla Firefox and Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the secpkcs7decoderstartdecrypt function in Mozilla Firefox and Thunderbird’s email client is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS6.4AI score0.00919EPSS
Exploits0References15Affected Software4
osv
osv
added 2024/12/12 2:3 a.m.6 views

AZL-62417 CVE-2024-47537 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS7.4AI score0.00956EPSS
Exploits0References1
osv
osv
added 2024/12/12 12:0 a.m.3 views

UBUNTU-CVE-2024-47537

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS5.8AI score0.00956EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2024/12/02 12:0 a.m.5 views

The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel is related to a memory reallocation error in the itsvpeirqdomainalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00248EPSS
Exploits0References53Affected Software8
bdu_fstec
bdu_fstec
added 2024/11/06 12:0 a.m.7 views

The vulnerability of the f2fs_do_shutdown() function in the f2fs file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the f2fsdoshutdown function in the fs/f2fs/file.c file of the f2fs file system in the Linux operating system is related to the reallocation of previously released memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attack...

7.8CVSS7.2AI score0.00238EPSS
Exploits0References12Affected Software3
bdu_fstec
bdu_fstec
added 2024/10/23 12:0 a.m.9 views

The vulnerability of the ftrace_location() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ftracelocation function in the kernel/trace/ftrace.c module of the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.5AI score0.00239EPSS
Exploits0References37Affected Software7
osv
osv
added 2024/09/27 1:15 p.m.2 views

DEBIAN-CVE-2024-46849

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7.8CVSS6.2AI score0.0025EPSS
Exploits0References1
osv
osv
added 2024/09/27 1:15 p.m.10 views

AZL-49795 CVE-2024-46849 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7.8CVSS6.7AI score0.0025EPSS
Exploits0References1
cvelist
cvelist
added 2024/09/27 12:42 p.m.37 views

CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

0.0025EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2024/09/27 12:42 p.m.18 views

CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

6.9AI score0.0025EPSS
Exploits0References7
bdu_fstec
bdu_fstec
added 2024/09/23 12:0 a.m.6 views

The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool is related to the reallocation of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.8CVSS7.7AI score0.02282EPSS
Exploits1References7Affected Software4
bdu_fstec
bdu_fstec
added 2024/09/23 12:0 a.m.6 views

The vulnerability of the gnutls_pkcs7_verify function in the pkcs7 component of the GnuTLS library allows a attacker to cause a service failure.

The vulnerability of the gnutlspkcs7verify function in the pkcs7 component of the GnuTLS library is related to the reallocation of memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.8CVSS6.9AI score0.01492EPSS
Exploits0References9Affected Software4
bdu_fstec
bdu_fstec
added 2024/08/07 12:0 a.m.5 views

The vulnerability of the btrfs_load_zone_info() function in the Btrfs file system of Linux kernels allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the btrfsloadzoneinfo function in the fs/btrfs/zoned.c file of the Btrfs file system in Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References22Affected Software3
bdu_fstec
bdu_fstec
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the register_winch_irq() function in the User-Mode Linux (UML) subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the registerwinchirq function in the arch/um/drivers/line.c file of the User-Mode Linux subsystem driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow a...

5.5CVSS6.8AI score0.00233EPSS
Exploits0References25Affected Software4
bdu_fstec
bdu_fstec
added 2024/05/30 12:0 a.m.6 views

The vulnerability of the brcmf_notify_escan_complete() function in the Broadcom FullMAC driver for Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the brcmfmac/cfg80211.c file within the Broadcom FullMAC driver’s drivers/net/wireless/broadcom/brcm80211/ directory in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...

5.5CVSS6.5AI score0.00233EPSS
Exploits0References23Affected Software2
bdu_fstec
bdu_fstec
added 2024/05/16 12:0 a.m.6 views

The vulnerability of the sess_free_buffer() function in the fs/cifs/sess.c module of the SMB file system in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sessfreebuffer function in the fs/cifs/sess.c module of the SMB file system in Linux operating systems is related to the reallocation of previously released memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00274EPSS
Exploits0References9Affected Software2
bdu_fstec
bdu_fstec
added 2024/05/15 12:0 a.m.5 views

The vulnerability of the ext4Move_extents() function in the fs/ext4/move_extent.c file of the Linux kernel’s file system ext4 allows a attacker to cause a service failure.

The vulnerability of the ext4Moveextents function in the fs/ext4/moveextent.c file of the Linux kernel’s file system relates to the reallocation of allocated memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00266EPSS
Exploits0References29Affected Software5
Rows per page
Query Builder