DEBIAN-CVE-2024-57925

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2sendinterimresp, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory write of...

UBUNTU-CVE-2024-57925

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2sendinterimresp, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory write of...

CVE-2024-57925 ksmbd: fix a missing return value check bug

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2sendinterimresp, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory write of...

CVE-2024-57925

CVE-2024-57925 affects the Linux kernel’s ksmbd component. A NULL pointer returned by ksmbd_alloc_work_struct() in smb2_send_interim_resp() could allow an illegal memory write to in_work->response_buf during kzalloc() on the in_work structure. The connected documents confirm a fix that adds a ...

PT-2025-2940 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel software affected versions not specified Description: The issue allows kernel software installed and running inside a Guest VM to exploit memory shared with the GPU Firmware, enabling it to write data outside the Guest's virtualised GP...

PT-2025-2942 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel software affected versions not specified Description: The issue allows kernel software installed and running inside a Guest VM to exploit memory shared with the GPU Firmware, enabling it to write data outside the Guest's virtualised GP...

SUSE-SU-2024:4411-1 Security update for mozjs115

This update for mozjs115 fixes the following issues: - CVE-2024-11498: Fixed resource exhaustion via Stack overflow in libjxl bsc1233786 - CVE-2024-11403: Fixed out of Bounds Memory Read/Write in libjxl bsc1233766 - CVE-2024-50602: Fixed DoS via XMLResumeParser in libexpat bsc1232602...

CVE-2024-51471

IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size...

PT-2024-17709 · Velocidex · Velocidex Winpmem

Name of the Vulnerable Software and Affected Versions: Velocidex WinPmem versions below 4.1 Description: The issue allows a user space program to trick the driver into writing a 0 into any chosen memory location by using an IO Control. In conjunction with information leakage from the WinPmem...

SUSE CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

PT-2025-3035 · Apple · Macos Sonoma +2

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.7.2 macOS Sonoma versions prior to 14.7.3 macOS Sequoia versions prior to 15.2 Description: An out-of-bounds write issue was addressed with improved input validation. This issue may allow an app to cause...

The vulnerabilities of the Linux kernel functions wcd938x_set_swr_port() and wcd938x_get_swr_port(), which allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerabilities of the functions wcd938xsetswrport and wcd938xgetswrport in the Linux kernel’s sound/soc/codecs/wcd938x.c module are related to memory writing beyond the bounds of the allocated buffer. Exploiting these vulnerabilities could allow a remote attacker to compromise the...

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9369

CVE-2024-9369: Insufficient data validation in Mojo within Google Chrome (Chromium) allowed a remote attacker, who had compromised the renderer process, to perform an out-of-bounds memory write via a crafted HTML page. The issue is confirmed in Chrome/Chromium and has high impact. Public fix/upda...

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

KLA77555 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Security vulnerability in Enhanced Tracking Protection’s Strict mode can be...

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: High...