DEBIAN-CVE-2024-50614

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

AZL-51888 CVE-2024-50615 affecting package blobfuse 1.4.5-17

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

AZL-51887 CVE-2024-50614 affecting package cppcheck for versions less than 2.18.3-1

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

UBUNTU-CVE-2024-50614

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

UBUNTU-CVE-2024-50615

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

UBUNTU-CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

TinyXML2 安全漏洞

TinyXML2 is a C++ based open source XML parser by Lee Thomason, an individual developer. A security vulnerability exists in TinyXML2 10.0.0 and earlier versions, which stems from a reachable assertion against UINTMAX/16 in tinyxml2.cpp XMLUtil::GetCharacterRef, which may cause the application to...

CVE-2024-50615

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVE-2024-50615

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

CVE-2024-50615

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVE-2024-50615

Summary: CVE-2024-50615 affects TinyXML-2 up to and including 10.0.0, with a reachable assertion in XMLUtil::GetCharacterRef that may cause an application exit. The connected OSV entries document multiple security updates for tinyxml2 across platforms and note the same root cause (UINT_MAX/digit)...

SUSE CVE-2024-49935

In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exitroundrobin The kernel occasionally crashes in cpumaskclearcpu, which is called within exitroundrobin, because when executing clearbitnr, addr with nr set to 0xffffffff, the address calculation may caus...

The vulnerability of the fscache_exit() function in the file system of the Linux operating system’s kernel, allowing a attacker to compromise the confidentiality, integrity, and accessibility of protected information

The vulnerability of the fscacheexit function in the fs/netfs/fscachemain.c file of the Linux operating system’s file system netfs is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

AZL-51365 CVE-2024-50036 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2022-48983

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

CVE-2022-48998 powerpc/bpf/32: Fix Oops on tail call tests

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf/32: Fix Oops on tail call tests testbpf tail call tests end up as: testbpf: 0 Tail call leaf jited:1 85 PASS testbpf: 1 Tail call 2 jited:1 111 PASS testbpf: 2 Tail call 3 jited:1 145 PASS testbpf: 3 Tail call 4 jited...