CVE-2022-49372 tcp: tcp_rtx_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...

CVE-2022-49372 tcp: tcp_rtx_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...

CVE-2022-49372

CVE-2022-49372 affects the Linux kernel where tcp_rtx_synack() can be invoked from process context during a Fast Open TCP backlog/backlog processing sequence when CONFIG_DEBUG_PREEMPT is enabled. The issue arises as a SYN retransmit is processed in process context, cooking a SYN-ACK in that conte...

CVE-2022-49372

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcprtxsynack function that may be called in a process environment, resulting in a statistic function err...

CVE-2024-11803

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability ...

CVE-2024-11787

Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerabili...

CVE-2024-7508 Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that th...

CVE-2024-9254

CVE-2024-9254 describes a use-after-free in Foxit PDF Reader/Editor related to annotation handling. The flaw occurs when processing Annotation objects without validating an object’s existence before performing operations, enabling an attacker to execute arbitrary code in the signer’s process. Exp...

CVE-2024-8826

CVE-2024-8826 affects PDF-XChange Editor. The flaw is in parsing XPS files, caused by insufficient validation leading to an out-of-bounds read that can allow remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). The sources describe...

CVE-2024-9726 Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that t...

CVE-2024-11531

The CVE-2024-11531 entry concerns IrfanView, where an out-of-bounds read in CGM file parsing can lead to remote code execution. The flaw stems from insufficient validation of data during CGM parsing, allowing an attacker to read past the end of an allocated buffer and execute code in the current ...

CVE-2024-6816

IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a...

IrfanView 安全漏洞

IrfanView is an image viewer. It supports image browsing, image editing, image format conversion and so on. IrfanView suffers from a code execution vulnerability that can be exploited by an attacker to execute code in the context of the current process...

IrfanView 安全漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan. It supports image browsing, image editing, image format conversion and more. IrfanView suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current proces...

CVE-2024-52574

A vulnerability has been identified in Teamcenter Visualization V14.2 All versions V14.2.0.14, Teamcenter Visualization V14.3 All versions V14.3.0.12, Teamcenter Visualization V2312 All versions V2312.0008, Teamcenter Visualization V2406 All versions V2406.0005, Tecnomatix Plant Simulation V2302...

CVE-2024-52572

A vulnerability has been identified in Teamcenter Visualization V14.2 All versions V14.2.0.14, Teamcenter Visualization V14.3 All versions V14.3.0.12, Teamcenter Visualization V2312 All versions V2312.0008, Teamcenter Visualization V2406 All versions V2406.0005, Tecnomatix Plant Simulation V2302...

CVE-2024-52571

Teamcenter Visualization and Tecnomatix Plant Simulation are affected by an out-of-bounds write vulnerability when parsing crafted WRL files. Affected products and versions include: Teamcenter Visualization V14.2 (<0.14), V14.3 (<0.12), V2312 (<0.0008), V2406 (<0.0005); Tecnomatix Pla...

CVE-2024-47940

Solid Edge SE2024 is affected by CVE-2024-47940 due to an out-of-bounds read while parsing specially crafted PSM/PAR files, allowing code execution in the process context. Affected: Siemens Solid Edge SE2024 (all versions

CVE-2024-47940

A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 9. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the curre...