38 matches found
CVE-2021-47297 net: fix uninit-value in caif_seqpkt_sendmsg
In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object msg-msgiter.iov is uninit stack memory in caifseqpktsendmsg which is defined in syssendmsg. So we cann't just judge...
MGASA-2024-0177 Updated tcpdump packages fix security vulnerability
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. CVE-2024-2397...
Updated tcpdump packages fix security vulnerability
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. CVE-2024-2397...
Fedora 39 : tcpdump (2024-272860364f)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-272860364f advisory. Fix for CVE-2024-2397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
CVE-2024-2397 infinite loop in the PPP printer of tcpdump
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...
CVE-2024-2397 infinite loop in the PPP printer of tcpdump
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...
CVE-2024-2397
The CVE-2024-2397 issue is a bug in tcpdump affecting the git master branch (2023-06-05 to 2024-03-21) where packet data buffers management can cause an infinite loop when parsing crafted DLT_PPP_SERIAL .pcap files in the PPP printer. The vulnerability is not reported as present in released tcpdu...
CVE-2024-2397
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...
UBUNTU-CVE-2024-26696
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...
Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability
Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...
CVE-2018-11943
In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers...
Command injection
In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers...
[SECURITY] Fedora 26 Update: mingw-libzip-1.3.0-1.fc26
libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...
CVE-2016-5142
The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...
CVE-2016-5142
The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...
UBUNTU-CVE-2016-5142
The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...
Tor: [tor] pre-emptive defenses, potential vulnerabilities
Replacing all tormalloc calls with torcalloc and tormalloczero ============================================================== Zeroing memory upon allocating it will prevent vulnerabilities that consist of transmitting data buffers which are not wholly initialized with the intended data or contain...
[SECURITY] Fedora 21 Update: libzip-0.11.2-5.fc21
libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...