Updated mpg123 packages fix security vulnerability

An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this fla...

MGASA-2024-0358 Updated mpg123 packages fix security vulnerability

An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this fla...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

K000148485: qt vulnerabilities CVE-2017-10905 and CVE-2014-0190

Security Advisory Description CVE-2017-10905 A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of...

Huawei EulerOS: Security Advisory for gdk-pixbuf2 (EulerOS-SA-2024-2904)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2024-50226

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

DEBIAN-CVE-2024-50226

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

UBUNTU-CVE-2024-50226

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

CVE-2024-50226 cxl/port: Fix use-after-free, permit out-of-order decoder shutdown

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

CVE-2024-50226 cxl/port: Fix use-after-free, permit out-of-order decoder shutdown

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

CVE-2024-50226

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

CVE-2024-50226

CVE-2024-50226 : Linux kernel vulnerability in the CXL port code. A use-after-free during teardown of a region with multiple endpoint decoders (example: decoders 7.0 and 14.0 sharing a switch-decoder 3.0) could allow out-of-order shutdown and leave stale references. The patch ensures: (1) proper ...

media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning

...

media: mediatek: vcodec: Fix H264 stateless decoder smatch warning

...

media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning

...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

The vulnerability of the svg_probe function in the libavformat/img2dec.c file of the FFmpeg multimedia library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the svgprobe function in the libavformat/img2dec.c file of the FFmpeg multimedia library relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially created...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...