UBUNTU-CVE-2023-52529

In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sonyprobe If an error occurs after a successful usballocurb call, usbfreeurb should be called...

DEBIAN-CVE-2024-25450

imlib2 v1.9.1 was discovered to mishandle memory allocation in the function initimlibfonts...

Knative Serving Security Vulnerability

Knative Serving is a Kubernetes-based build from Knative that supports the deployment and servicing of applications and features as serverless containers. A security vulnerability exists in Knative Serving that stems from a memory allocation error, which could lead to a denial of service by an...

kernel: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

kernel: bpf, verifier: Fix memory leak in array reallocation for stack state

A flaw was found in the eBPF subsystem in the Linux kernel. An incorrect logic in a helper function for memory reallocation can cause memory leaks when a memory allocation error occurs, potentially leading to system instability and a denial of service...

Ubuntu 16.04 ESM / 18.04 ESM : SoundTouch vulnerabilities (USN-4826-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4826-1 advisory. It was discovered that SoundTouch incorrectly handled certain WAV files. A remote attacker could possibly use this issue to cause a denial of...

vrite Security Vulnerabilities

vrite is an open source collaborative space for creating, managing and deploying product documentation, technical blogs and knowledge bases from vrite, Inc. A security vulnerability exists in vrite versions prior to 0.3.0 that stems from the presence of a resource allocation error vulnerability...

RKE2 Security Vulnerability

RKE2 is the next generation Kubernetes distribution for Rancher. A security vulnerability exists in SUSE RKE2 that stems from the presence of a resource allocation error issue. An attacker can exploit the vulnerability to access the apiserver/supervisor port of the K3s server, resulting in a deni...

CVE-2023-38429

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation because of ksmbdsmb2checkmessage that may lead to out-of-bounds access...

PT-2025-26056 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the fbtft core, where the smem len is not set before the fb deferred io init call. This issue arises because...

PT-2025-25890 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-10393-g7c2a8d3ac4c0 Description: The issue arises from the incorrect assignment of a signed error value to an unsigned variable fw level in the Linux kernel's cacheinfo module for arm64 architecture. This...

Apache 2.4.x - Buffer Overflow Exploit

Exploit Title: Apache 2.4.x - Buffer Overflow Exploit Author: Sunil Iyengar Vendor Homepage: https://httpd.apache.org/ Software Link: https://archive.apache.org/dist/httpd/ Version: Any version less than 2.4.51. Tested on 2.4.50 and 2.4.51 Tested on: Server Kali, Client MacOS Monterey CVE :...

CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...

SUSE CVE-2006-1526

Buffer overflow in the X render Xrender extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service crash, as demonstrated by the 1 XRenderCompositeTriStrip and 2 XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory...

SUSE CVE-2011-3003

Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation...

SUSE CVE-2011-3002

Almost Native Graphics Layer Engine ANGLE, as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vecto...

SUSE CVE-2012-2393

epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service application crash via a crafted packet that triggers incorrect...

SUSE CVE-2012-5668

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

SUSE CVE-2017-11331

The wavopen function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service memory allocation error via a crafted wav file...

SUSE CVE-2019-19462

relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result...