419 matches found
RHEL 8 : firefox (RHSA-2021:0989)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0989 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
UBUNTU-CVE-2021-23981
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...
Out-of-bounds (OOB) Read
firefox:trusty is vulnerable to out-of-bounds read. It can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers...
Security Vulnerabilities fixed in Firefox ESR 68.11 — Mozilla
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is...
Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method
The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...
Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method
The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...
virglrenderer vrend_renderer.c resource management error vulnerability
virglrenderer is a VirGL virtual OpenGL renderer. virglrenderer 0.8.1 and earlier versions have a resource management error vulnerability in the vrendrenderer.c file. The vulnerability stems from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked system or...
DEBIAN-CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
UBUNTU-CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
Double free
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
CVE-2020-8003 applies to virglrenderer, specifically a double-free in vrend_renderer.c that can cause a denial of service when a texture allocation fails. The root cause is that vrend_renderer_resource_allocated_texture is not an appropriate place for a free. Public documentation in the connected...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-8003
A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...
CVE-2020-0004
In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0004
In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2019-8632
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data...