MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking in the vdec component, which could result in an out-of-bounds write...

Google Chrome heap buffer overflow vulnerability (CNVD-2024-38577)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability, which is caused by incorrect boundary checking in Skia. An attacker can exploit this vulnerability to cause an overflow buffer to execute arbitrary code on the system ...

Google Chrome heap buffer overflow vulnerability (CNVD-2024-38578)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that is caused by incorrect boundary checking in Skia. An attacker can exploit this vulnerability to cause an overflow buffer to execute arbitrary code on the system or...

No title provided

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...

CVE-2024-43891

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

CVE-2024-43891 tracing: Have format file honor EVENT_FILE_FL_FREED

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

CVE-2024-43891

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

CVE-2024-45169

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2022-48938

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

CVE-2022-48938 CDC-NCM: avoid overflow in sanity checking

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

CVE-2022-48938 CDC-NCM: avoid overflow in sanity checking

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

UBUNTU-CVE-2021-4441

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynqqspiexecmemop In zynqqspiexecmemop, kzalloc is directly used in memset, which could lead to a NULL pointer dereference on failure of kzalloc. Fix this bug by adding a chec...

GO-2022-0790 Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxy in github.com/oauth2-proxy/oauth2-proxy

Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxy in github.com/oauth2-proxy/oauth2-proxy...

CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVE-2024-43882

CVE-2024-43882 is a Linux kernel race Condition (ToCToU) in exec path: permission checks for a file are done at do_filp_open(), but the metadata (mode/UID/GID) used later in execve() can be changed before execution, enabling potential root privilege escalation. The issue is exploitable in scenari...

CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVE-2024-43875 PCI: endpoint: Clean up error handling in vpci_scan_bus()

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpciscanbus Smatch complains about inconsistent NULL checking in vpciscanbus: drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpciscanbus error: we previously assumed 'vpcibus' could b...

Amazon Linux 2 : webkitgtk4 (ALAS-2024-2623)

The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2623 advisory. A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS...

CVE-2024-6918

CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP...

CVE-2024-6918

CVE-2024-6918 is a CWE-120 buffer overflow affecting Schneider Electric Accutech Manager. Connected docs indicate it can cause a crash of the Accutech Manager when handling a specially crafted request over port 2536/TCP, potentially affecting versions up to 2.8.0.0 (and earlier per some sources)....