11 matches found
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...
EUVD-2025-124960
In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...
SUSE CVE-2025-38672
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dmabuf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete. There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency causes a...
UBUNTU-CVE-2022-49733
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the media:mediatek:vcodec module in mtkvcodecmemfree, which sometimes fails to check if a buffer is NULL,...
CVE-2023-51394 Potential DoS for EFR32xxx parts in high traffic environments due to null buffer dereference / crash
High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...
UBUNTU-CVE-2019-7663
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file...
Debian DLA-1159-1 : graphicsmagick security update
Maor Shwartz, Jeremy Heng and Terry Chia discovered two security vulnerabilities in Graphicsmagick, a collection of image processing tool s. CVE-2017-16352 Graphicsmagick was vulnerable to a heap-based buffer overflow vulnerability found in the 'Display visual image directory' feature of the...
CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...
CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...