Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid accessing metadata when the pointer is invalid in objecterr. objecterr reports details about an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempti...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of memory allocation failure checking, which could lead to a null pointer dereference...

Adobe Photoshop 安全漏洞

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A heap buffer overflow vulnerability exists in Adobe Photoshop Desktops. The vulnerability is due to a failure to perform strict checksums on memory...

UBUNTU-CVE-2024-56566

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slubdebug=UFPZ. If allocated object failed in allocconsistencychecks, all objects of the slab will be marked as used, and then the slab will be...

CVE-2024-6600

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

CVE-2024-6600

CVE-2024-6600 describes a memory-out-of-bounds in Angle’s GLSL shader allocation on macOS when allocating more than 8192 ints in private shader memory, leading to potential memory corruption. Affected products per sources include Mozilla Firefox and Thunderbird (and ESR branches) with versions pr...

CVE-2024-6600 Memory corruption in WebGL API

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

Security Vulnerabilities fixed in Firefox ESR 115.13 — Mozilla

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when...

Security Vulnerabilities fixed in Firefox 128 — Mozilla

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. Clipboard code...

UBUNTU-CVE-2024-26770

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Add missing null pointer checks to LED initialization devmkasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointe...

PT-2024-40047 · Ckb · Ckb

Name of the Vulnerable Software and Affected Versions: CKB affected versions not specified Description: An issue allows an adversary to create a message with a compressed size less than the package limit, but with a very large decompressed length, such as 1G. This can cause a node to consume a...

CVE-2023-4582

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox 117, Firefo...

CVE-2023-4582

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox 117, Firefo...

libssh 安全漏洞

libssh is a C development package from the libssh organization for accessing SSH services, which can perform remote commands, file transfers, and also provide a secure transport channel for remote programs. A security vulnerability exists in libssh that stems from a lack of allocation checking in...

SUSE CVE-2020-29361

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc...

Foxit PDF Reader 缓冲区错误漏洞

Foxit PDF Reader is China Foxit Foxit company a PDF reader. Foxit PDF Reader suffers from a buffer overflow vulnerability that originates from the application failing to properly validate the allocation boundaries of an object when handling certain JavaScript, which can be exploited by an attacke...

USN-5341-1 binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...

SUSE-SU-2019:2673-1 Security update for libpcap

This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory bsc1153332. - CVE-2018-16301: Fixed a buffer overflow bsc1153332...

OracleVM 3.3 / 3.4 : openjpeg (OVMSA-2017-0048)

The remote OracleVM system is missing necessary patches to address critical security updates : - Revert previous changes in patch for CVE-2016-5159 - Fix double free in patch for CVE-2016-5139 - Fix memory leaks and invalid read in ciobytein Related: 1419775 - Add two more allocation checks to...

SUSE-SU-2017:0529-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation bsc1017308 - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped bsc1017310 - CVE-2016-10049: Corrupt RLE...