CVE-2020-10690

There is a use-after-free problem seen due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high privileged process allocates a ptp device file like /dev/ptpX and voluntarily goes to sleep. During this time if the underlying device is removed, it ca...

The vulnerability of Google Chrome’s Blink rendering module allows a hacker to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Google Chrome’s Blink rendering module relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information and compromise its integrity and accessibility through a specially created HTML page...

The vulnerability of Google Chrome browsers, related to memory usage after deallocation, allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information and compromise its integrity and availability through a specially created HTML page...

The vulnerability of Google Chrome browsers, related to memory usage after deallocation, allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information and compromise its integrity and accessibility through a specially created HTML page...

The vulnerability of the SQLite database management system, related to memory usage after deallocation, allows a attacker to cause a service failure.

The vulnerability of the SQLite database management system is related to a window function error. Exploiting this vulnerability can allow an attacker to cause a service failure...

USN-4319-1 linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2, linux-raspi2-5.3 vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4325-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4325-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...

USN-4302-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux-azure vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4301-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4301-1 advisory. It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations...

Ubuntu: Security Advisory (USN-4302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Blink web page display mechanism in Google Chrome browsers allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.

The vulnerability of Blink’s web page rendering mechanism in the Google Chrome browser relates to the use of memory after deallocation. Exploiting this vulnerability allows an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures...

CVE-2019-20006

CVE-2019-20006 affects ezXML 0.8.3–0.8.6. The issue stems from ezxml_char_content: it stores a pointer to the internal address of a larger block in xml->txt, and that memory is later freed, leading to a segmentation fault. Connected sources reiter this exact behavior across multiple advisories...

CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

CVE-2019-10484

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...

The vulnerability of the lmgrd component and the components of the FlexNet Publisher daemon vendor license manager allows a perpetrator to execute arbitrary code.

The vulnerability of the lmgrd component and the components of the FlexNet Publisher daemon vendor management system is related to the possibility of memory corruption during allocation or deallocation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Memory corruption

In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

CVE-2019-9290

CVE-2019-9290 affects the tzdata component in Android 10, where a mismatch between allocation and deallocation can cause memory corruption. This could enable local privilege escalation without user interaction. The Android 10 security release notes indicate this issue is addressed by patches in t...

PT-2019-6455 · FFmpeg +5 · Ffmpeg +5

Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.2 Description: The issue is related to a memory leak in the ff v4l2 m2m create context function in v4l2 m2m.c of the FFmpeg multimedia library. This leak occurs due to incorrect memory deallocation before the removal of the...

The vulnerability in the Google Chrome web browser, related to memory usage after deallocation, allows a malicious actor to execute arbitrary code in the context of the current user or to cause a denial-of-service attack.

The vulnerability in the Google Chrome web browser relates to the use of memory after deallocation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user, or to cause a denial-of-service attack through a specially created HTML pag...

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird, related to memory usage after deallocation, allows an attacker to execute arbitrary code or cause a service failure.

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure...