28 matches found
UBUNTU-CVE-2022-50578
In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys' need be unregister, and the 'cp' need be freed. We can not call ksetunregister here, because the 'cls' will be freed in callback...
CVE-2023-26495
An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code...
xorg: xwayland: Use-after-free in SyncInitTrigger()
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
PT-2025-9100 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to a segmentation fault on an unknown address. The crash involves the chunk free object, pdfi free dict, and pdfi free font cff functions. Recommendations: At the moment,...
OSV-2024-1059 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538184 Crash type: UNKNOWN READ Crash state: chunkfreeobject fileclosefile sclose...
PT-2024-40571 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several functions: chunk free object, file close file, and sclose. No...
PT-2024-40566 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as chunk free object and stream dct finalize. No informatio...
OSV-2024-1036 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71250 Crash type: UNKNOWN READ Crash state: chunkfreeobject fileclosefile sclose...
OSV-2024-861 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537801 Crash type: UNKNOWN READ Crash state: chunkfreeobject gsmemorychunkunwrap gsjmemterm...
PT-2024-40857 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A crash occurred due to an unknown read issue, as reported by OSS-Fuzz. The crash state includes functions such as chunk free object, sclose, and sfclose. No information is available...
PT-2024-40866 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as chunk free object, gs memory chunk unwrap, and gs j mem...
PT-2024-40862 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as chunk free object, pdfi interpret content stream, and pd...
PT-2024-40782 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ, with a crash state involving functions such as chunk free object, s zlib free, and inflateEnd. No...
PT-2024-40781 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ, with a crash state involving functions such as chunk free object and stream dct finalize. No...
PT-2024-40783 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ, with a crash state involving functions such as chunk free object, gs memory chunk unwrap, and gs j...
CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
PT-2024-40666 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several function calls, including gs font finalize, chunk free object, and...
The vulnerability of the `chunk_free_object` function in the `gsmchunk.c` component of the Ghostscript software suite allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the chunkfreeobject function in the gsmchunk.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploitation of this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even...
PT-2023-35630 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read 8 crash has been reported. The crash state includes dwg free object, dwg free, and llvmfuzz.c. Recommendations: At the moment...
PT-2023-35542 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash type of Heap-double-free was reported. The crash state involves dwg free object and dwg free functions in the llvmfuzz.c file. Recommendations: A...