Xen: A transaction conflict can crash C Xenstored (XSA-440)

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

PT-2023-5953 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform affected versions not specified Description: The issue is related to a transient Denial of Service DOS in the modem when triggering a camping on a 5G cell. It is also associated with a software vulnerability in...

ASB-A-275041864

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-2054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20230420-02

A vulnerability in the iconv function of the glibc library is related to a flaw in the use of the assert function. The vulnerability allows an attacker acting remotely to cause a denial of service...

Code injection

Libreswan 4.9 allows remote attackers to cause a denial of service assert failure and daemon restart via crafted TS payload with an incorrect selector length...

CVE-2023-23009

CVE-2023-23009 affects Libreswan 4.9, enabling remote DoS via a crafted TS payload with an incorrect selector length, causing an assert failure and daemon restart. Connected advisories confirm multiple distributions (e.g., MiracleLinux, TencentOS Server, RHEL/CentOS/Oracle Linux families) referen...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service assert failure and daemon restart via crafted TS payload with an incorrect selector length...

SUSE CVE-2007-3372

The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service exit via empty TXT data over D-Bus, which triggers an assert error...

SUSE CVE-2018-4207

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...

SUSE CVE-2018-4208

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...

SUSE CVE-2019-9821

A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox 67...

SUSE CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

SUSE CVE-2022-24939

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

Lack of input validation: The contract does not perform any checks on the inputs passed to the functions, which could allow an attacker to pass malicious data and trigger wrong behavior or errors.

Lines of code Vulnerability details Impact function readInt208 ReturndataPointer rdPtr internal pure returns int208 value assembly returndatacopy0, rdPtr, 0x20 value := mload0 This function reads the int208 at rdPtr in returndata. However, it does not perform any checks on the input rdPtr to ensu...

Stack overflow

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

CVE-2022-24938

A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

CVE-2022-24938

A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

Stack overflow

A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

CVE-2022-24938

CVE-2022-24938 affects the Ember ZNet stack (as used in Silicon Labs Gecko SDK). A malformed Zigbee/ZW packet can trigger a stack overflow in Ember ZNet, causing an assertion failure and a reset that immediately clears the error. Some sources specify Ember ZNet versions 7.0.1 or earlier. The prov...