The vulnerability of the Web Search component of the Google Chrome browser allows a hacker to circumvent existing security restrictions.

The vulnerability of Google Chrome’s Web Search component is related to the use of memory after deallocation. Exploiting this vulnerability could allow a remote attacker to bypass existing security restrictions...

PT-2025-8118 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to the allocation and deallocation of resources during boot. Specifically, the problem occurs when kfree is used directly to...

The vulnerability in the command-line utility BusyBox, related to memory usage after deallocation, allows a hacker to execute arbitrary code.

The vulnerability of the BusyBox command-line utility set is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

DEBIAN-CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

PT-2021-17907 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.14 Description: The issue arises when grant table v2 status pages are de-allocated as a guest switches back from v2 to v1, potentially allowing a guest to retain access to a page that was freed and perhaps re-used for...

USN-5163-1: Linux kernel vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the Option USB Hi...

The vulnerability of Google Chrome’s browser permissions settings allows attackers to influence the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome’s browser permissions setting relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

Ubuntu: Security Advisory (USN-5140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Java-Script script handler in Google Chrome browsers allows attackers to influence privacy, integrity, and accessibility.

The vulnerability of the Java-Script script handler in Google Chrome browsers relates to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to compromise privacy, integrity, and accessibility of data...

CVE-2021-38467

A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition...

Race condition

A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition...

CVE-2021-38467

CVE-2021-38467 (AUVESY Versiondog) is a use-after-free vulnerability described in multiple sources as arising when a function receives a raw user-supplied pointer and deallocates it, allowing control over what memory is freed. The vulnerability affects Versiondog and has high impact on integrity ...

The vulnerability of the CSS Node-css-what selector analyzer, related to memory usage after deallocation, allows a attacker to cause a service failure.

The vulnerability of the CSS Node-css-what selector analyzer is related to an error in checking the size of input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

DEBIAN-CVE-2021-28701

Another race in XENMAPSPACEgranttable handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches back from v2...

ALPINE-CVE-2021-28694

IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...

DEBIAN-CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...

CVE-2021-28695

IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...

CVE-2021-28697

grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest...