CVE-2021-3497

CVE-2021-3497 affects GStreamer’s Matroska demuxing in the gst-plugins-good1.0 package: versions before 1.18.4 may access already-freed memory in error paths when processing certain malformed Matroska files. This use-after-free can lead to a crash and, per advisory sources, potentially arbitrary ...

Design/Logic Flaw

Vapor is a web framework for Swift. In Vapor before version 4.40.1, there is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app. The following is the attack vector: 1. send unlimited requests against a vapor instance with different paths. this will create unlimited...

USN-4462-1 linux-gke-5.0, linux-oem-osp1 vulnerability

It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service...

kernel: Memory leaks in xfs_attr_list.c error paths

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

DEBIAN-CVE-2016-9685

Multiple memory leaks in error paths in fs/xfs/xfsattrlist.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service memory consumption via crafted XFS filesystem operations...