2519 matches found
Debian: Security Advisory (DLA-3418-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
[SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update
Debian LTS Advisory DLA-3418-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 11, 2023 https://wiki.debian.org/LTS Package : nvidia-graphics-drivers-legacy-390xx Version : 390.157-1deb10u1 CVE ID : CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677...
kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values
A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...
CVE-2023-30624
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...
GHSA-CH89-5G45-QWC7 Undefined Behavior in Rust runtime functions
Impact: Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled with LLVM 16 which causes some writes, which are critical for correctness, to be...
CVE-2023-30624 Wasmtime has Undefined Behavior in Rust runtime functions
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...
Wasmtime security vulnerability
Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A security vulnerability exists in wasmtime versions 6.0.1 and earlier, 7.0.0, and 8.0.0, which stems from the fact that Wasmtime's implementation of managing per-instance state e.g.,...
Adversarial use of `make_bitflags!` macro can cause undefined behavior
The macro relied on an expression of the form Enum::Variant always being a variant of the enum. However, it may also be an associated integer constant, in which case there's no guarantee that the value of said constant consists only of bits valid for this bitflag type. Thus, code like this could...
GHSA-QVC4-78GW-PV8P Adversarial use of `make_bitflags!` macro can cause undefined behavior
The macro relied on an expression of the form Enum::Variant always being a variant of the enum. However, it may also be an associated integer constant, in which case there's no guarantee that the value of said constant consists only of bits valid for this bitflag type. Thus, code like this could...
Undefined Behavior in Rust runtime functions
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ch89-5g45-qwc7. For more information see the GitHub-hosted security advisory...
RUSTSEC-2023-0092 Undefined Behavior in Rust runtime functions
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ch89-5g45-qwc7. For more information see the GitHub-hosted security advisory...
PT-2023-22821 · Rust +2
Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 6.0.2; Wasmtime versions prior to 7.0.1; Wasmtime versions prior to 8.0.1. Description: Wasmtime's implementation of managing per-instance state contains LLVM-level undefined behavior, which can cause runtime-level...
Parsing borsh messages with ZST which are not-copy/clone is unsound
Affected versions of borsh cause undefined behavior when zero-sized types (ZST) are parsed and the Copy/Clone traits are not implemented/derived. For instance, if 1000 instances of a ZST are deserialized, and the ZST is not Copy (this can be achieved through a singleton), then accessing/writing to...
GHSA-FJX5-QPF4-XJF2 Parsing borsh messages with ZST which are not-copy/clone is unsound
Affected versions of borsh cause undefined behavior when zero-sized types (ZST) are parsed and the Copy/Clone traits are not implemented/derived. For instance, if 1000 instances of a ZST are deserialized, and the ZST is not Copy (this can be achieved through a singleton), then accessing/writing to...
RUSTSEC-2023-0035 Adversarial use of `make_bitflags!` macro can cause undefined behavior
The macro relied on an expression of the form Enum::Variant always being a variant of the enum. However, it may also be an associated integer constant, in which case there's no guarantee that the value of said constant consists only of bits valid for this bitflag type. Thus, code like this could...