PT-2023-33584 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.17 Description: The issue is related to the allocation of a zone buffer in the pstore/zone using GFP ATOMIC. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2023-34034 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.87 Description: The issue is related to the allocation of a zone buffer in the pstore/zone using GFP ATOMIC. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

CVE-2022-25717 Use-After-Free Issue in Display

Memory corruption in display due to double free while allocating frame buffer memory...

PT-2023-12800 · Qualcomm · Snapdragon +41

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the display due to a double free error that occurs while allocating frame buffer memory. This problem can lead t...

FreeBSD : freerdp -- multiple vulnerabilities (1f0421b1-8398-11ed-973d-002b67dfc673)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1f0421b1-8398-11ed-973d-002b67dfc673 advisory. - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is...

MGASA-2022-0447 Updated freerdp packages fix security vulnerability

In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...

Low: openjpeg2

Issue Overview: A flaw was found in the opj2decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation...

OESA-2022-2120 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are...

CVE-2022-39320

An out-of-bounds read vulnerability exists due to a boundary condition within the urbdrc channel. Attempting an integer addition on narrow types leads to the allocation of a buffer too small to hold the data written. A malicious server can trick a FreeRDP based client to read out-of-bound data an...

Heap overflow

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

DEBIAN-CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

GREYC Clmg 安全漏洞

CImg is a small open source C++ toolkit for image processing from GREYC Open Source. A security vulnerability exists in GREYC Clmg. An attacker exploits the vulnerability to trick an application into allocating a huge buffer size such as 64GB when reading a file from disk or a virtual buffer...

CVE-2022-20379

In lwisbufferalloc of lwisbuffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

GHSA-674J-7M97-J2P9 curl FTP path confusion leads to NIL byte out of bounds write

curl can be coerced into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen ...

GSD-2022-1002378 ALSA: oss: Fix PCM OSS buffer allocation overflow

ALSA: oss: Fix PCM OSS buffer allocation overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.237 by commit...

GSD-2022-1002284 ALSA: oss: Fix PCM OSS buffer allocation overflow

ALSA: oss: Fix PCM OSS buffer allocation overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.188 by commit...

GSD-2022-1002152 ALSA: oss: Fix PCM OSS buffer allocation overflow

ALSA: oss: Fix PCM OSS buffer allocation overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.109 by commit...