Denial Of Service (DoS)

upx is vulnerable to denial of service. The vulnerability exists due to an assertion abort in upx MemBuffer::alloc in mem.cpp which allows attackers to cause a denial of service abort via a crafted file...

PT-2022-34760 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: The issue concerns an integer overflow in the i2c mux alloc function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-34668 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.143 Description: The issue is related to an out of bounds access in the snd emu10k1 pcm channel alloc function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

PT-2022-34683 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.213 Description: The issue concerns an out of bounds access in the snd emu10k1 pcm channel alloc function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kern...

PT-2022-34613 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns an out of bounds access in the snd emu10k1 pcm channel alloc function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...

PT-2022-33686 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15.61 through v5.15.63 Description: The issue is related to missing mmap lock calls in the binder alloc function when using the VMA. The actual impact and attack plausibility have not yet been proven. Recommendations:...

UBUNTU-CVE-2022-2978

A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function securityinodealloc to fail with following call to function nilfsmdtdestroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...

PT-2022-7112 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel NILFS file system affected versions not specified Description: The issue is related to a use after free flaw in the Linux kernel NILFS file system. This flaw can be triggered when a user causes the security inode alloc function t...

QEMU: QXL: integer overflow in cursor_alloc() can lead to heap buffer overflow

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on th...

AZL-41338 CVE-2021-33450 affecting package nasm 2.16.01-1

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

AZL-41956 CVE-2021-33452 affecting package nasm 2.16.01-1

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmmalloc in nasmlib/alloc.c...

DEBIAN-CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

DEBIAN-CVE-2021-33452

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmmalloc in nasmlib/alloc.c...

UBUNTU-CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

UBUNTU-CVE-2021-33452

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmmalloc in nasmlib/alloc.c...

Nasm 安全漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in Nasm version 2.16rc0, which stems from a memory leak in its nasmlib/alloc.c component...

A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.

...

GSD-2022-1003377 drm/amdgpu/psp: move PSP memory alloc from hw_init to sw_init

drm/amdgpu/psp: move PSP memory alloc from hwinit to swinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.

...

Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2022-82646)

Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for reading and writing to NTFS partitions. tuxera NTFS-3G is vulnerable to a buffer overflow vulnerability that originates from a boundary error in ntfsmftrecalloc when handling untrusted input, which can be...