194 matches found
CVE-2024-7730 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
CVE-2024-7730
CVE-2024-7730 references a heap buffer overflow in the QEMU virtio-snd device. The vulnerability arises when reading input audio in virtio_snd_pcm_in_cb, where the iov isn’t validated to fit the data buffer, enabling an out-of-bounds write if the virtio queue element size equals virtio_snd_pcm_st...
CVE-2024-7730 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
CVE-2024-7730
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
QEMU 安全漏洞
QEMU Quick Emulator is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. A security vulnerability exists in QEMU, which stems from the presence of a heap buffer overflow that could trigger an out-of-bounds writ...
SUSE-SU-2024:1944-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 bsc1225071: - CVE-2024-23252: Fixed a vulnerability where processed web content may lead to a denial-of-service. bsc1222010 - CVE-2024-23254: Fixed a vulnerability where a malicious website may exfiltrate audio dat...
[SECURITY] [DSA 5684-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5684-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 09, 2024 https://www.debian.org/security/faq -...
SUSE: Security Advisory (SUSE-SU-2024:1269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 22.04 LTS / 23.10 : WebKitGTK vulnerabilities (USN-6732-1)
The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6732-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...
SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2024:1269-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1269-1 advisory. - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254: Fixed possible audio data...
SUSE-SU-2024:1270-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website bsc1222010. - CVE-2024-23263: Fixed lack of Content Security Policy...
SUSE-SU-2024:1269-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website bsc1222010. - CVE-2024-23263: Fixed lack of Content Security Policy...
CVE-2024-23254
A vulnerability was found in WebKit, where a remote attacker is able to exfiltrate audio data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
Design/Logic Flaw
The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin...
CVE-2024-23254
CVE-2024-23254 concerns WebKit/WebKitGTK components where a malicious website could exfiltrate audio data cross-origin. The initial entry notes the issue is fixed in Apple platforms: tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4, iPadOS 17.4, watchOS 10.4, and Safari 17.4. Public disclosur...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
PT-2024-19767 · Apple · Macos Sonoma +4
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 17.4 iOS versions prior to 17.4 iPadOS versions prior to 17.4 macOS Sonoma versions prior to 14.4 Description: The issue was addressed through improved state management, affecting Private Browsing tabs which may be...