
4656 matches found

SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-35999

TensorFlow is an open source platform for machine learning. When Conv2DBackpropInput receives empty out_backprop inputs (e.g. [3, 1, 0, 1]), the current CPU/GPU kernels CHECK fail (one with dnnl, the other with cudnn). This can be used to trigger a denial of service attack. We have patched the issue in...

7.5 CVSS · 7.7 AI score · 0.00379 EPSS
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:24 a.m. · 1 view

SUSE CVE-2022-36000

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...

7.5 CVSS · 7.8 AI score · 0.00379 EPSS
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:24 a.m. · 1 view

SUSE CVE-2022-36011

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...

7.5 CVSS · 7.8 AI score · 0.00379 EPSS
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-36012

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...

7.5 CVSS · 7.9 AI score · 0.00523 EPSS
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 3:21 a.m. · 1 view

SUSE CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...

9.3 CVSS · 7.7 AI score · 0.05493 EPSS
Exploits: 0 · References: 10
Github Security Blog
added 2023/02/14 9:49 p.m. · 23 views

Denial of service due to unlimited number of parts

Impact: The multipart body parser accepts an unlimited number of file parts. The multipart body parser accepts an unlimited number of field parts. The multipart body parser accepts an unlimited number of empty parts as field parts. Patches: This is fixed in v7.4.1 for Fastify v4.x and v6.0.1 for...

7.5 CVSS · 7.2 AI score · 0.01463 EPSS
Exploits: 0 · References: 7 · Affected Software: 1
OSV
added 2023/02/14 7:15 p.m. · 1 view

DEBIAN-CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...

9.1 CVSS · 7.7 AI score · 0.05493 EPSS
Exploits: 0 · References: 1
OSV
added 2023/02/14 5:9 p.m. · 4 views

USN-5869-1 haproxy vulnerability

Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions...

9.1 CVSS · 7.2 AI score · 0.05493 EPSS
Exploits: 0 · References: 2
OSV
added 2023/02/14 4:0 p.m. · 1 view

UBUNTU-CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...

9.1 CVSS · 7.1 AI score · 0.05493 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2023/02/13 12:0 a.m. · 3 views

PT-2023-35052 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8. Description: The issue is related to the proc-empty-vm and proc-pid-vm tests in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2 AI score
Exploits: 0 · References: 1
Prion
added 2023/02/08 8:15 p.m. · 16 views

Design/Logic Flaw

When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is...

4 CVSS · 6.4 AI score · 0.00637 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Github Security Blog
added 2023/01/27 12:55 a.m. · 15 views

Initial debug-host handler implementation could leak information and facilitate denial of service

Impact: Versions 1.5.0 and 1.6.0, when using the new debug-host feature, could expose unnecessary information about the host. Patches: Use 1.6.1 or newer. Workarounds: Downgrade to 1.4.0 or set debug-host to empty. References: https://github.com/fortio/proxy/pull/38 Q&A...

1.4 AI score
Exploits: 0 · References: 3 · Affected Software: 1
Code423n4
added 2023/01/17 12:0 a.m. · 8 views

Redeemers will receive less collateral than expected if function completeRedemptions() is called with empty refundees list

Lines of code Vulnerability details Impact Function completeRedemptions is used by admin account to distribute collateral to users and also to refund redemption requests if the redemption cannot be serviced. function completeRedemptions address calldata redeemers, address calldata refundees,...

6.8 AI score
Exploits: 0
Positive Technologies
added 2023/01/17 12:0 a.m. · 3 views

PT-2023-33139 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12. Description: The issue is related to a wrong empty schemes assumption under online tuning in the damon sysfs set schemes function. The actual impact and attack plausibility have not yet been proven...

7.1 AI score
Exploits: 0 · References: 1
Positive Technologies
added 2023/01/17 12:0 a.m. · 4 views

PT-2023-33564 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18. Description: The issue is related to the ext2 empty dir function in the Linux Kernel. It was introduced in version v5.19 and fixed in version v6.0.18. The actual impact and attack plausibility have not y...

7.2 AI score
Exploits: 0 · References: 1
RedHat Linux
added 2023/01/11 4:48 p.m. · 4 views

dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process

A vulnerability was found in dotnet. This flaw occurs when parsing an empty HTTP response as a JSON.NET JObject that causes a stack overflow and crashes a process...

7.5 CVSS · 5.8 AI score · 0.0274 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2023/01/11 4:41 p.m. · 5 views

dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process

A vulnerability was found in dotnet. This flaw occurs when parsing an empty HTTP response as a JSON.NET JObject that causes a stack overflow and crashes a process...

7.5 CVSS · 5.8 AI score · 0.0274 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2023/01/11 4:40 p.m. · 3 views

dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process

A vulnerability was found in dotnet. This flaw occurs when parsing an empty HTTP response as a JSON.NET JObject that causes a stack overflow and crashes a process...

7.5 CVSS · 5.8 AI score · 0.0274 EPSS
Exploits: 0 · References: 5
OSV
added 2022/12/31 1:15 a.m. · 3 views

CVE-2022-48195

An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated; instead, the nonce is empty. This causes authentication to fail in the best case, but if paired...

9.8 CVSS · 5.8 AI score · 0.00883 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2022/12/31 12:0 a.m. · 2 views

PT-2022-28120 · Mellium · Mellium.Im/Sasl

Name of the Vulnerable Software and Affected Versions: Mellium mellium.im/sasl versions prior to 0.3.1. Description: An issue was discovered in Mellium mellium.im/sasl when performing SCRAM-based SASL authentication. If the remote end advertises support for channel binding, no random nonce is...

9.8 CVSS · 9.4 AI score · 0.00883 EPSS
Exploits: 0 · References: 10