Lucene search
+L

55 matches found

OSV
OSV
added 2025/02/26 7:1 a.m.4 views

UBUNTU-CVE-2022-49546

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 size 4096: comm "kexec", pid 14950, jiffies 4295110793 age 373.951s hex dump first 32 bytes: 7f 45 4c 4...

5.5CVSS6.7AI score0.0027EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/02/06 3:19 a.m.13 views

CVE-2021-35134

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

8.4CVSS7.3AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/24 12:0 a.m.4 views

Rizin 缓冲区错误漏洞

Rizin is a free open source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. A security vulnerability exist...

7.8CVSS7.5AI score0.00414EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.6 views

SUSE CVE-2005-2617

The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...

3.6CVSS6.5AI score0.00335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.5 views

SUSE CVE-2014-8485

The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...

7.5CVSS7.8AI score0.07486EPSS
Exploits1References6
NVD
NVD
added 2022/12/13 8:15 a.m.35 views

CVE-2022-23523

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...

5.5CVSS0.00207EPSS
Exploits0References2
Prion
Prion
added 2022/12/13 8:15 a.m.15 views

Code injection

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...

1.7CVSS5.1AI score0.00207EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/12/13 7:41 a.m.83 views

CVE-2022-23523

CVE-2022-23523 affects rust-vmm/linux-loader. In versions before 0.8.1, the loader uses offsets/sizes from ELF headers to locate data. If an ELF header is crafted so these offsets point beyond the file end, Virtual Machine Monitors loading kernels with linux-loader could enter an infinite loop. T...

5.5CVSS4.5AI score0.00207EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/12/13 7:41 a.m.25 views

CVE-2022-23523 rust-vmm linux-loader vulnerable to Out-of-bounds Read

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...

4CVSS5.2AI score0.00207EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/12/12 10:35 p.m.30 views

linux-loader reading beyond EOF could lead to infinite loop

Impact The linux-loader crate used the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets pointed beyond the end of the file this could lead to an infinite loop. Virtual Machine Monitors using the linux-loader crate could enter an infinite loop i...

5.5CVSS0.6AI score0.00207EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/12/12 10:35 p.m.24 views

GHSA-52H2-M2CF-9JH6 linux-loader reading beyond EOF could lead to infinite loop

Impact The linux-loader crate used the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets pointed beyond the end of the file this could lead to an infinite loop. Virtual Machine Monitors using the linux-loader crate could enter an infinite loop i...

1.9CVSS4.5AI score0.00207EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.8 views

PT-2022-16049 · Unknown · Linux-Loader

Name of the Vulnerable Software and Affected Versions: linux-loader versions prior to 0.8.1 Description: The issue arises when the linux-loader crate uses offsets and sizes from ELF headers to determine read offsets. If these offsets point beyond the file's end, it could lead to an infinite loop ...

5.5CVSS5.2AI score0.00207EPSS
Exploits0References8
NVD
NVD
added 2022/09/02 12:15 p.m.27 views

CVE-2021-35134

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

8.4CVSS0.00123EPSS
Exploits0References1
Prion
Prion
added 2022/09/02 12:15 p.m.17 views

Memory corruption

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

4.6CVSS8.5AI score0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/02 11:31 a.m.28 views

CVE-2021-35134

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

8.4CVSS8.8AI score0.00123EPSS
Exploits0References1
CVE
CVE
added 2022/09/02 11:31 a.m.68 views

CVE-2021-35134

CVE-2021-35134 concerns memory corruption caused by insufficient validation of ELF headers, leading to an incorrect buffer size calculation during boot in Qualcomm Snapdragon components (Connectivity, Industrial IOT, Mobile). The issue is described across multiple sources: Qualcomm notes a vulner...

8.4CVSS8.5AI score0.00123EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/21 9:15 p.m.3 views

CVE-2022-31264

Solana solanarbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program...

7.5CVSS7.1AI score0.01302EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/05/21 8:4 p.m.31 views

CVE-2022-31264

Solana solanarbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program...

7.8AI score0.01302EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2017-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00958EPSS
Exploits0References4
OSV
OSV
added 2018/12/07 7:29 a.m.4 views

UBUNTU-CVE-2018-19931

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfdelf32swapphdrin in elfcode.h because the number of program headers is not restricted...

7.8CVSS6.9AI score0.01606EPSS
Exploits0References4
Rows per page
Query Builder