1000 matches found
SUSE CVE-2018-11212
An issue was discovered in libjpeg 9a and 9d. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file...
SUSE CVE-2019-25033
Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGNUP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
SUSE CVE-2019-25032
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regionalalloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
SUSE CVE-2020-14308
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...
SUSE CVE-2020-26243
Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...
SUSE CVE-2020-29370
An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
SUSE CVE-2021-20235
There's a flaw in the zeromq server in versions before 4.3.3 in src/decoderallocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server...
SUSE CVE-2021-32762
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...
SUSE CVE-2022-23036
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
SUSE CVE-2022-23561
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive...
SUSE CVE-2022-36086
linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...
GSD-2023-1002190 mm: Always release pages to the buddy allocator in memblock_free_late().
mm: Always release pages to the buddy allocator in memblockfreelate. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...
GSD-2023-1002126 mm: Always release pages to the buddy allocator in memblock_free_late().
mm: Always release pages to the buddy allocator in memblockfreelate. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.89 by commit...
GSD-2023-1001818 mm: Always release pages to the buddy allocator in memblock_free_late().
mm: Always release pages to the buddy allocator in memblockfreelate. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.229 by commit...
GSD-2023-1001720 mm: Always release pages to the buddy allocator in memblock_free_late().
mm: Always release pages to the buddy allocator in memblockfreelate. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
PT-2023-34796 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the memblock free late function, where pages are not always released to the buddy allocator. This could potentially lead to security vulnerabilities, although the actu...
RUSTSEC-2022-0080 parity-util-mem Unmaintained
The crate has been deprecated and will receive no updates with no repository source. The crate has a warning surrounding it's use related to global allocator use that may lead to UB...
parity-util-mem Unmaintained
The crate has been deprecated and will receive no updates with no repository source. The crate has a warning surrounding it's use related to global allocator use that may lead to UB...
PT-2022-37431 · Unknown · Parity-Util-Mem
Name of the Vulnerable Software and Affected Versions: parity-util-mem affected versions not specified Description: The issue concerns the use of a global allocator that may lead to undefined behavior UB. There is a warning related to its use. Recommendations: At the moment, there is no informati...
Mimalloc Can Allocate Memory with Bad Alignment
This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...