Azure Linux 3.0 Security Update: bind (CVE-2023-5517)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: -...

Azure Linux 3.0 Security Update: kernel (CVE-2024-23850)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23850 advisory. - In btrfsgetrootref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failur...

CVE-2021-35101

Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile...

CVE-2022-25689

Denial of service in Modem due to reachable assertion in Snapdragon Mobile...

CVE-2022-33272

Transient DOS in modem due to reachable assertion...

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover...

CVE-2022-33251

Transient DOS due to reachable assertion in Modem because of invalid network configuration...

CVE-2022-22060

Assertion occurs while processing Reconfiguration message due to improper validation...

CVE-2022-40508

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported...

Security Bulletin: Vulnerability in GNU glibc affects IBM Integrated Analytics System [CVE-2024-33601]

Summary Redhat provided GNU glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-33601 Vulnerability Details CVEID:CVE-2024-33601 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memory allocation failure...

CVE-2024-6351

A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert...

Updated glibc packages fix security vulnerability

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395...

DFG JIT Use-After-Free

DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...

CVE-2025-0395

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

CVE-2023-37022

Open5GS MME versions = 2.6.4 contain a reachable assertion in the UE Context Release Request packet handler. A packet containing an invalid MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

CVE-2023-37004

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVE-2025-0395

Summary (CVE-2025-0395) : The GNU C Library (glibc) versions 2.13 to 2.40 contain a buffer overflow in the assert() failure path where the failure message and size information are not allocated sufficiently, potentially overflowing the heap if the message size aligns to a page boundary. Connected...