724 matches found
UBUNTU-CVE-2025-0395
When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...
CVE-2025-0395
When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...
CVE-2025-0395
When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...
GNU C Library 安全漏洞
The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...
CVE-2024-57923 btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
CVE-2024-6352
A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert...
CVE-2024-57806
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction atomicity bug when enabling simple quotas Set squota incompat bit before committing the transaction that enables the feature. With the config CONFIGBTRFSASSERT enabled, an assertion failure occurs regarding...
PT-2025-3866
Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.13 through 2.40 Description The issue is related to the assert function in the GNU C Library, which fails to allocate sufficient space for the assertion failure message string and size information. This may lead to a...
PT-2025-54615
Insufficient epoch key slot processing in OpenVPN 2.7 alpha1 through 2.7 rc5 allows remote authenticated users to trigger an assert resulting in a denial of service...
DEBIAN-CVE-2024-56635
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in defaultoperstate syzbot reported an UAF in defaultoperstate 1 Issue is a race between device and netns dismantles. After calling rtnlunlock from netdevruntodo, we can not assume the netns of each devic...
CVE-2024-56635 net: avoid potential UAF in default_operstate()
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in defaultoperstate syzbot reported an UAF in defaultoperstate 1 Issue is a race between device and netns dismantles. After calling rtnlunlock from netdevruntodo, we can not assume the netns of each devic...
CVE-2024-56635 net: avoid potential UAF in default_operstate()
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential UAF in defaultoperstate syzbot reported an UAF in defaultoperstate 1 Issue is a race between device and netns dismantles. After calling rtnlunlock from netdevruntodo, we can not assume the netns of each devic...
Malicious code in id-assert-authz-grant-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17fc73e5465b1055fbe2c1e33fd53d7b12d3ba44276ed9b4bdd77537d89dba51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-20139
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600...
CVE-2024-20139
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600...
Vulnerability of the usb_ep_get() function (hw/net/core.c) in the QEMU hardware emulation software, allowing a hacker to cause a service failure
The vulnerability of the usbepget function hw/net/core.c in the QEMU hardware emulation software is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a attacker to cause a system failure...
SUSE CVE-2024-46866
In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in showmeminfo bomeminfo wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab...
CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...
CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...
UBUNTU-CVE-2024-46866
In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in showmeminfo bomeminfo wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab...