Lucene search
K

38 matches found

Vulnrichment
Vulnrichment
added 2024/05/21 2:35 p.m.19 views

CVE-2021-47297 net: fix uninit-value in caif_seqpkt_sendmsg

In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object msg-msgiter.iov is uninit stack memory in caifseqpktsendmsg which is defined in syssendmsg. So we cann't just judge...

6.8AI score0.00226EPSS
Exploits0References8
OSV
OSV
added 2024/05/15 5:32 a.m.5 views

MGASA-2024-0177 Updated tcpdump packages fix security vulnerability

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. CVE-2024-2397...

6.2CVSS6.5AI score0.00289EPSS
Exploits0References3
Mageia
Mageia
added 2024/05/15 5:32 a.m.35 views

Updated tcpdump packages fix security vulnerability

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. CVE-2024-2397...

6.2CVSS7.1AI score0.00289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.17 views

Fedora 39 : tcpdump (2024-272860364f)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-272860364f advisory. Fix for CVE-2024-2397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

6.2CVSS5.7AI score0.00289EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 1:22 p.m.21 views

CVE-2024-2397 infinite loop in the PPP printer of tcpdump

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

6.2CVSS6.2AI score0.00289EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/04/12 1:22 p.m.16 views

CVE-2024-2397 infinite loop in the PPP printer of tcpdump

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

6.2CVSS6.9AI score0.00289EPSS
Exploits0References3
CVE
CVE
added 2024/04/12 1:22 p.m.75 views

CVE-2024-2397

The CVE-2024-2397 issue is a bug in tcpdump affecting the git master branch (2023-06-05 to 2024-03-21) where packet data buffers management can cause an infinite loop when parsing crafted DLT_PPP_SERIAL .pcap files in the PPP printer. The vulnerability is not reported as present in released tcpdu...

6.2CVSS6.1AI score0.00289EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/04/12 1:22 p.m.63 views

CVE-2024-2397

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

6.2CVSS5.7AI score0.00289EPSS
Exploits0
OSV
OSV
added 2024/04/03 3:15 p.m.3 views

UBUNTU-CVE-2024-26696

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...

5.5CVSS6.1AI score0.00191EPSS
Exploits0References23
Talos
Talos
added 2019/01/08 12:0 a.m.51 views

Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

9.3CVSS8AI score0.00907EPSS
Exploits0
NVD
NVD
added 2018/11/27 4:29 p.m.18 views

CVE-2018-11943

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers...

7.8CVSS7.5AI score0.00169EPSS
Exploits0References2
Prion
Prion
added 2018/11/27 4:29 p.m.17 views

Command injection

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers...

4.6CVSS8AI score0.00169EPSS
Exploits0References2
Fedora
Fedora
added 2017/09/19 11:24 p.m.29 views

[SECURITY] Fedora 26 Update: mingw-libzip-1.3.0-1.fc26

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

6.5CVSS2.4AI score0.032EPSS
Exploits0
NVD
NVD
added 2016/08/07 7:59 p.m.24 views

CVE-2016-5142

The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...

9.8CVSS9.7AI score0.01662EPSS
Exploits0References11
OSV
OSV
added 2016/08/07 7:59 p.m.2 views

CVE-2016-5142

The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...

9.8CVSS7.4AI score
Exploits0References11
OSV
OSV
added 2016/08/07 12:0 a.m.4 views

UBUNTU-CVE-2016-5142

The Web Cryptography API aka WebCrypto implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code,...

9.8CVSS7.4AI score0.01662EPSS
Exploits0References4
Hacker One
Hacker One
added 2016/02/10 12:2 p.m.30 views

Tor: [tor] pre-emptive defenses, potential vulnerabilities

Replacing all tormalloc calls with torcalloc and tormalloczero ============================================================== Zeroing memory upon allocating it will prevent vulnerabilities that consist of transmitting data buffers which are not wholly initialized with the intended data or contain...

7.7AI score
Exploits0
Fedora
Fedora
added 2015/04/21 7:28 p.m.48 views

[SECURITY] Fedora 21 Update: libzip-0.11.2-5.fc21

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

7.5CVSS2.4AI score0.27692EPSS
Exploits1
Rows per page
Query Builder