UBUNTU-CVE-2024-56566

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slubdebug=UFPZ. If allocated object failed in allocconsistencychecks, all objects of the slab will be marked as used, and then the slab will be...

DEBIAN-CVE-2024-56544

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

RLSA-2024:11299 Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

CVE-2024-47606

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

CVE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

CVE-2024-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nrwords in bpfiterbitsnew Check the validity of nrwords in bpfiterbitsnew. Without this check, when multiplication overflow occurs for nrbits e.g., when nrwords = 0x0400-0001, nrbits becomes 64, stack...

DEBIAN-CVE-2024-53049

In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped kmalloccachenoprof 'modprobe slubkunit' will have a warning as shown below. The root cause is that kmalloccachenoprof was directly used, which resulted in no alloctag being allocated. Th...

UBUNTU-CVE-2024-53065

In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmemcache creation in kmembucketscreate Commit b035f5a6d852 "mm: slab: reduce the kmalloc minimum alignment if DMA bouncing possible" reduced ARCHKMALLOCMINALIGN to 8 on arm64. However, wi...

AZL-53603 CVE-2024-50277 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blkallocdisk fails If blkallocdisk fails, the variable md-disk is set to an error value. cleanupmappeddevice will see that md-disk is non-NULL and it will attempt to access it, causing a crash on this statement...

FreeBSD : FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer (8caa5d60-a174-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8caa5d60-a174-11ef-9a62-002590c1f29c advisory. The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed...

Mimalloc Can Allocate Memory with Bad Alignment

This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...

CVE-2024-39281

The CVE-2024-39281 issue affects FreeBSD where the command ctl_persistent_reserve_out lets a caller specify an arbitrary size passed to the kernel memory allocator, enabling unbounded allocation in the ctl(4) CAM Target Layer and potentially causing a host DoS. The FreeBSD security advisory SA-24...