347 matches found
GSD-2021-1002832 ipmi: fix initialization when workqueue allocation fails
ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...
GSD-2021-1002787 ipmi: fix initialization when workqueue allocation fails
ipmi: fix initialization when workqueue allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.223 by commit...
GSD-2021-1002303 selinux: fix NULL-pointer dereference when hashtab allocation fails
selinux: fix NULL-pointer dereference when hashtab allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
UVI-2021-1002303 selinux: fix NULL-pointer dereference when hashtab allocation fails
selinux: fix NULL-pointer dereference when hashtab allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...
GSD-2021-1002275 selinux: fix NULL-pointer dereference when hashtab allocation fails
selinux: fix NULL-pointer dereference when hashtab allocation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.82 by commit...
MixinPurchase:shareKey allows to generate keys without purchasing
Handle GiveMeTestEther Vulnerability details Impact The shareKey function allows a user to share some time with another user that doesn't already has/had a key and this generates a new key. This even allows to generate more keys than maxNumberOfKeys. attacker generates a lot of EOA addresses, buys...
CVE-2021-30291
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
reward tokens could get lost due to rounding down
Handle gpersoon Vulnerability details Impact The function depositRewardTokens divides the "amount" of tokens by allocatedTokensPerEpoch to calculate the endEpoch. When "amount" isn't a multiple of allocatedTokensPerEpoch the result of the division will be rounded down, effectively losing a number...
CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack...
CVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guests get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...
CVE-2021-38203
A flaw was found in the btrfs filesystem in the Linux kernel that allows attackers to cause a denial of service via processes that trigger allocation of new system chunks when there is a shortage of free space in the system spaceinfo. The highest threat from this vulnerability is to system...
DEBIAN-CVE-2021-38203
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service deadlock via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system spaceinfo...
CVE-2021-38203
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service deadlock via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system spaceinfo...
[SECURITY] [DSA 4942-1] systemd security update
Debian Security Advisory DSA-4942-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 20, 2021 https://www.debian.org/security/faq -...
Denial Of Service (DoS)
mruby is vulnerable to denial of service. It is possible due to a double free in `mrb_default_allocf` called from `mrb_free` and `obj_free`...
UVI-2021-1000528 net: zero-initialize tc skb extension on allocation
net: zero-initialize tc skb extension on allocation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit...
GSD-2021-1000528 net: zero-initialize tc skb extension on allocation
net: zero-initialize tc skb extension on allocation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit...
CVE-2021-29545 Heap buffer overflow in `SparseTensorToCSRSparseMatrix`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
Fee Distribution Re-Entrancy
Handle 0xsomeone Vulnerability details Impact The distribute function of NFTXFeeDistributor has no access control and will invoke a fallback on the fee receivers, meaning that a fee receiver can re-enter via this function to acquire their allocation repeatedly potentially draining the full balanc...
CVE-2018-21270
A flaw was found in nodejs-stringstream. Node.js stringstream module is vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream...