58 matches found
PT-2025-8642 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, related to the usage of RCU NONIDLE during the cfi slowpath diag function. This can result in an invalid RCU state in the cpuid...
UBUNTU-CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Impact Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular...
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband i.e., modem refers to a processor on the device that's responsible for handling all connectivity, su...
SUSE-SU-2024:0870-1 Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: - qsort: harden handling of degenerated / non transient compare function bsc1218866 Other issues fixed: - getaddrinfo: translate ENOMEM to EAIMEMORY bsc1217589, BZ 31163 - aarch64: correct CFI in rawmemchr bsc1217445, BZ 311...
Stable Channel Update for Desktop
The Stable channel has been updated to 121.0.6167.85 for Mac and Linux and 121.0.6167.85/.86 to Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
Summary: MTE As Implemented
By Mark Brand, Project Zero In mid-2022, Project Zero was provided with access to pre-production hardware implementing the ARM MTE specification. This blog post series is based on that review, and includes general conclusions about the effectiveness of MTE as implemented, specifically in the...
openSUSE: Security Advisory for rust, (openSUSE-SU-2022:0843-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:0843-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
glibc security update
2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
SUSE SLES12 Security Update : glibc (SUSE-SU-2019:1958-2)
This update for glibc fixes the following issues : Security issues fixed : CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match bsc1127308. CVE-2009-5155: Fixed a denial of service in parseregexp bsc1127223. Non-security issues fixed: Added...
SUSE SLES12 Security Update : glibc (SUSE-SU-2019:1958-1)
This update for glibc fixes the following issues : Security issues fixed : CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match bsc1127308. CVE-2009-5155: Fixed a denial of service in parseregexp bsc1127223. Non-security issues fixed: Added...
SUSE-SU-2019:1958-2 Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match bsc1127308. - CVE-2009-5155: Fixed a denial of service in parseregexp bsc1127223. Non-security issues fixed: -...
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2019:1102-1)
This update for glibc fixes the following issues : Security issues fixed : CVE-2019-9169: regex: fix read overrun bsc1127308, BZ 24114 CVE-2016-10739: Fully parse IPv4 address strings bsc1122729, BZ 20018 CVE-2009-5155: ERE '0|0|\1|0' causes regexec undefined behavior bsc1127223, BZ 18986...
The use of hardware defense against ROP: HA-CFI technical analysis-vulnerability warning-the black bar safety net
0x00 Preface With vulnerability mitigation technology continues to evolve, some common exploit tools such as ROP becomes more and more difficult, from ENDGAME Cody Pierce published an articlethe blog, saying that the ROP of Doom has arrived, the new vulnerability mitigation techniques for the...
CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...