13587 matches found
CVE-2024-52288 RMAC revert to the beginning of the session in libosdp
libosdp is an implementation of IEC 60839-11-5 OSDP Open Supervised Device Protocol and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected REPLYCCRYPT or REPLYRMACI may be introduced into an active stream when they should not be. Once RMACI message can...
CVE-2024-50263 fork: only invoke khugepaged, ksm hooks if no error
In the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in commit d24062914837 "fork: use mtdup to duplicate maple tree in dupmma...
CVE-2024-50229 nilfs2: fix potential deadlock with newly created symlinks
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that pagesymlink, called by nilfssymlink, triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among...
drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream
...
GHSA-FMQ6-4W57-2W3V wasm3 uncontrolled memory allocation vulnerability
wasm3 at commit 139076a contains a memory leak in the Readutf8 function...
wasm3 uncontrolled memory allocation vulnerability
wasm3 at commit 139076a contains a memory leak in the Readutf8 function...
CVE-2024-35420
wac commit 385e1 was discovered to contain a heap overflow...
CVE-2024-35420
wac commit 385e1 was discovered to contain a heap overflow...
CVE-2024-35410
wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2024-35418
wac commit 385e1 was discovered to contain a heap overflow via the setupcall function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2024-50175
In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove usecount guard in stopstreaming The usecount check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the...
CVE-2024-50210 posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...
CVE-2024-35419
wac commit 385e1 was discovered to contain a heap overflow via the loadmodule function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2024-35420
wac commit 385e1 was discovered to contain a heap overflow...
CVE-2024-35418
wac commit 385e1 was discovered to contain a heap overflow via the setupcall function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2024-35418
wac commit 385e1 was discovered to contain a heap overflow via the setupcall function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2024-35410
The CVE-2024-35410 issue affects wac (commit 385e1) and is caused by a heap overflow in the interpret function (source file: /wac-asan/wa.c). Exploitation leads to Denial of Service via a specially crafted WebAssembly (wasm) file. Connected records confirm the same root cause across multiple feed...
CVE-2024-35420
wac commit 385e1 was discovered to contain a heap overflow...
CVE-2024-35420
The CVE-2024-35420 entry concerns wac, a minimal WebAssembly interpreter written in C. Connected sources confirm a heap overflow in commit 385e1. The vulnerability affects the wac project as described, but the provided documents do not specify affected versions beyond commit 385e1, nor do they de...
CVE-2024-35410
wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...