1188 matches found
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
SUSE-SU-2020:1409-1 Security update for libxslt
This update for libxslt fixes the following issues: Security issues fixed: - CVE-2019-13118: Fixed a read of uninitialized stack data bsc1140101. - CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters bsc1140095. -...
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. A dangling pointer flaw was found in the way Firefox handled a certain Document Object Model DOM element. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. A dangling pointer flaw was found in the Firefox Scalable Vector Graphics SVG text manipulation routine. A web page containing a malicious SVG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the...
Arbitrary Code Execution
firefox/thunderbird/seamonkey is vulnerable to arbitrary code execution. Several use-after-free and dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running...
SUSE-SU-2020:0920-1 Security update for libxslt
This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure bsc1154609...
CVE-2020-1814
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in t...
CVE-2020-1814
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in t...
Race condition
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in t...
CVE-2020-1814
Mode C (normal): The vulnerability CVE-2020-1814 affects Huawei firewall products: NIP6800 and Secospace USG6600/USG9500. Affected software versions include NIP6800 V500R001C30, V500R001C60SPC500, V500R005C00 and USG6600/USG9500 variants V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V5...
CVE-2020-1814
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in t...
Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products
There is a dangling pointer reference vulnerability in some Huawei firewall products. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful explo...
CVE-2019-14055
Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...
CVE-2019-14055
Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
macOS XNU - Missing Locking in checkdirscallback Enables Race with fchdircommon On macOS, when a new mount point is created, the kernel uses checkdirs to, as a comment above the function explains: "Scan all active processes to see if any of them have a current or root directory onto which the new...
CVE-2017-18595
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
CVE-2019-5042
An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability...