1706 matches found
CVE-2021-32928
The Sentinel LDK Run-Time Environment installer Versions 7.6 and prior adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947...
PT-2024-11246 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak vulnerability has been resolved in the Linux kernel. The issue is related to the ip_mc_add1_src function, where an unreferenced object is created, leading to a memory lea...
DEBIAN-CVE-2020-36385
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c...
UBUNTU-CVE-2020-36385
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c...
PT-2021-8256 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a deadlock in AP/VLAN handling. When AP VLAN interfaces are up and the AP interface they belong to is closed, a deadlock occurs because the wiphy mutex is held...
DEBIAN-CVE-2020-28012
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag...
Privilege Escalation
exim4 is vulnerable to privilege escalation. The vulnerability exists when allow_filter is true, because a privileged pipe is missing the close-on-exec flag...
CVE-2020-28012
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag...
UBUNTU-CVE-2020-28012
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag...
kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c
A use-after-free flaw was found in the Linux kernel’s GPU driver functionality when destroying GEM context. A local user could use this flaw to crash the system or potentially escalate their privileges...
Samsung keyboard access control error vulnerability
Samsung keyboard is a cell phone application from Samsung South Korea. It provides an input function. A security vulnerability exists in Samsung keyboard versions prior to SMR Feb-2021 Release 1, which allows a close-range attacker to change arbitrary settings during the initialization state. No...
SAMSUNG keyboard security vulnerability
Samsung keyboard is a cell phone application from Samsung South Korea. It provides an input function. A security vulnerability exists in Samsung keyboard versions prior to SMR Feb-2021 Release 1, which allows a close-range attacker to change arbitrary settings during the initialization state. No...
OESA-2021-1005 mutt security update
Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not...
OSV-2018-95 Heap-use-after-free in Envoy::FakeConnectionBase::close
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8783 Crash type: Heap-use-after-free READ 1 Crash state: Envoy::FakeConnectionBase::close Envoy::Event::DispatcherImpl::runPostCallbacks event_process_active_single_queue...
MGASA-2020-0476 Updated jackit packages fix security vulnerability
posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure,...
Updated jackit packages fix security vulnerability
posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure,...
June 18, 2020—KB4567523 (OS Build 19041.331)
June 18, 2020—KB4567523 OS Build 19041.331 IMPORTANT We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges, we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional...
Buffer not correctly recycled in Gzip Request inflation
Impact: If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see...
HTTP Request Smuggling
webrick is vulnerable to HTTP request smuggling. The vulnerability exists as the request parser allows invalid Transfer-Encoding header values of close and keep-alive to be parsed and interpreted incorrectly...
In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel prtd is assigned substream->runtime->private_data. Later prtd is freed. However prtd is not sanitized and set to NULL resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check such as msm_pcm_volume_ctl_put() which means this freed memory could be used.
...