Code injection

tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch operator new vs operator delete error...

CVE-2023-45510

tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch operator new vs operator delete error...

CVE-2023-45510

tsMuxer (git-2539d07) is reported to contain an alloc-dealloc-mismatch (operator new[] vs operator delete) error. Multiple sources (Red Hat CVE, NVD, OSV, CVE lists, CNNVD, PT-2023-29566) corroborate this description for tsMuxer. Public details do not specify affected platforms beyond the git com...

CVE-2023-45510

tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch operator new vs operator delete error...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux Kernel suffers from a memory misreference vulnerability that originates from a confusion in the instruction responsible for freeing memory in the vmxnet3rqallocrxbuf,...

CLSA-2023-1692110840 Fix CVE(s): CVE-2018-7409

SECURITY UPDATE: Fix buffer overflow - debian/patch/CVE-2018-7409: fix unicodetoansicopy, don't include NUL-terminator in length in unicodetoansialloc, make sure that the error handling doesn't overrun the buffer - CVE-2018-7409...

kernel: net: gso: fix panic on frag_list with mixed head alloc types

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on fraglist with mixed head alloc types Since commit 3dcbdb134f32 "net: gso: Fix skbsegment splat when splitting gsosize mangled skb having linear-headed fraglist", it is allowed to change gsosize of a GRO...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

ABB Heap-Based Buffer Overflow in Wind River VxWorks (CVE-2019-12257)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12261)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12262)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12260)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

ABB Integer Underflow in Wind River VxWorks (CVE-2019-12255)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

kernel: NFSv4.2 fix problems with __nfs42_ssc_open

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

PT-2023-35767 · Dav1D · Dav1D

Name of the Vulnerable Software and Affected Versions: dav1d affected versions not specified Description: The issue is related to a heap-use-after-free read error. Technical details about the crash include the picture copy props, dav1d picture alloc copy, and dav1d apply grain functions...

In the Linux kernel before 6.2 mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached.

...

SUSE CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...

CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...