
3974 matches found

Positive Technologies
added 2022/11/23 12:0 a.m. · 10 views

PT-2022-7681

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the amdgpu module. This vulnerability may allow an attacker to impact the confidentiality,...

7.8 CVSS · 6.7 AI score · 0.00011 EPSS
Exploits: 0

Talos Blog
added 2022/11/22 3:56 p.m. · 23 views

Vulnerability Spotlight: Callback Technologies CBFS Filter denial-of-service vulnerabilities

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three denial-of-service vulnerabilities in Callback Technologies CBFS Filter. Callback Technologies has a CBFS file storage solution for use in customizing data persistence on devices. To accompany...

1.5 AI score · 0.00141 EPSS
Exploits: 3

The Hacker News
added 2022/11/22 9:45 a.m. · 34 views

Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns

The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors. The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery TOAD, wherein the victims are social engineered into making a...

0.7 AI score
Exploits: 0

CNNVD
added 2022/11/22 12:0 a.m. · 1 views

Callback Technologies CBFS Filter code issue vulnerability

Callback Technologies CBFS Filter is an interceptor from Callback Technologies, USA. Allows you to intercept and react to file system, registry and process manager operations as they occur. A code issue vulnerability exists in Callback Technologies CBFS Filter version 20.0.8317, which stems from ...

6.2 CVSS · 6.3 AI score · 0.00141 EPSS
Exploits: 1 · References: 4

CNNVD
added 2022/11/22 12:0 a.m. · 2 views

Callback Technologies CBFS Filter code issue vulnerability

Callback Technologies CBFS Filter is an interceptor from Callback Technologies, USA. Allows you to intercept and react to file system, registry and process manager operations as they occur. A code issue vulnerability exists in Callback technologies CBFS Filter version 20.0.8317, which stems from ...

6.2 CVSS · 6.2 AI score · 0.00141 EPSS
Exploits: 1 · References: 4

Talos
added 2022/11/22 12:0 a.m. · 29 views

Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1647: Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability. November 22, 2022. CVE Number: CVE-2022-43588. SUMMARY: A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality of Callback technologies...

6.2 CVSS · 5.6 AI score · 0.00141 EPSS
Exploits: 1

Talos
added 2022/11/22 12:0 a.m. · 37 views

Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1649: Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability. November 22, 2022. CVE Number: CVE-2022-43590. SUMMARY: A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionalit...

6.2 CVSS · 5.7 AI score · 0.00141 EPSS
Exploits: 1

CNNVD
added 2022/11/22 12:0 a.m. · 1 views

Callback Technologies CBFS Filter code issue vulnerability

Callback Technologies CBFS Filter is an interceptor from Callback Technologies, USA. Allows you to intercept and react to file system, registry and process manager operations as they occur. A code issue vulnerability exists in Callback Technologies CBFS Filter version 20.0.8317, which stems from ...

6.2 CVSS · 6.2 AI score · 0.00141 EPSS
Exploits: 1 · References: 4

Talos
added 2022/11/22 12:0 a.m. · 36 views

Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1648: Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability. November 22, 2022. CVE Number: CVE-2022-43589. SUMMARY: A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality of Callback technologies...

6.2 CVSS · 5.8 AI score · 0.00141 EPSS
Exploits: 1

Vulnrichment
added 2022/11/18 12:0 a.m. · 3 views

CVE-2022-45474

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request...

9.6 AI score · 0.00422 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2022/11/18 12:0 a.m. · 2 views

PT-2022-36773 · Flac · Flac

Name of the Vulnerable Software and Affected Versions: FLAC affected versions not specified Description: The issue is related to a stack-buffer-overflow error. Technical details about the error include the crash type being a Stack-buffer-overflow WRITE 8. The crash state involves several function...

6.8 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2022/11/18 12:0 a.m. · 2 views

PT-2022-27530 · Unknown · Drachtio-Server

Name of the Vulnerable Software and Affected Versions: drachtio-server version 0.8.18 Description: The issue is related to a use-after-free error in the event_cb function within request-handler.cpp for any request. Recommendations: For drachtio-server version 0.8.18, consider disabling the event ...

9.8 CVSS · 7 AI score · 0.00422 EPSS
Exploits: 1 · References: 9

RedHat Linux
added 2022/11/15 11:55 a.m. · 0 views

kernel: dm: fix use-after-free in dm_cleanup_zoned_dev()

In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be called before blk_cleanup_disk() starts its killing: blk_cleanup_disk->blk_cleanup_queue->kobject_put->blk_release_queue->...

7.8 CVSS · 6.2 AI score · 0.00148 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2022/11/15 11:55 a.m. · 0 views

kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb 0. The problem was in incorrect htc_handle->drv_priv initialization. Probable call trace which can trigger use-after-free:...

7.8 CVSS · 6.3 AI score · 0.00064 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2022/11/15 11:55 a.m. · 1 views

kernel: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback

In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...

5.5 CVSS · 6.3 AI score · 0.00063 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2022/11/15 11:38 a.m. · 3 views

kernel: veth: ensure skb entering GRO are not cloned.

In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b "veth: allow enabling NAPI even without XDP", if GRO is enabled on a veth device and TSO is disabled on the peer device, TCP skbs will go through the NAPI...

6 CVSS · 6.1 AI score · 0.00013 EPSS
Exploits: 0 · References: 5

Code423n4
added 2022/11/14 12:0 a.m. · 9 views

The function _execute could be called externally

Lines of code Vulnerability details Author: rotcivegaf Impact The execute uses a modifier so that it can only be called internally, as also specified in the documentation of the function: Must be called internally. But this modifier can be passed if a contract calls the execute or bulkExecute and in the returnDust...

7 AI score
Exploits: 0

Code423n4
added 2022/11/14 12:0 a.m. · 9 views

Counterparty-exchange owner may alter policy manager in execution callback, altering the price of subsequent order matching

Lines of code Vulnerability details Impact In the context of bulkExecute, with a sequence of executions requested, transferring ETH, ERC721 or ERC1155 may result in a hook/callback to a counterparty on receipt of ETH or one of these tokens. If this counterparty is also the exchange owner, or is...

6.8 AI score
Exploits: 0

Veracode
added 2022/11/12 11:21 a.m. · 22 views

Buffer Over Read

wolfSSL is vulnerable to buffer overreads. The vulnerability exists if callback functions are enabled via the WOLFSSL_CALLBACKS flag which allows an attacker to trigger a buffer over-read on the heap of 5 bytes...

9.1 CVSS · 8.9 AI score · 0.04788 EPSS
Exploits: 2 · References: 7 · Affected Software: 1

Code423n4
added 2022/11/10 12:0 a.m. · 9 views

Reentrancy in _close() allows single lender to steal all deposits from other lenders

Lines of code Vulnerability details Impact Upon calling close, a lender's credit position is deleted AFTER the transfer out of their deposit. Therefore, an ERC777 will allow the lender to call close again and receive the same amount of funds. The lender will be able to reenter the contract as man...

6.7 AI score
Exploits: 0