K07560020: Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660

Security Advisory Description CVE-2015-7884 The vividfbioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...

SUSE CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

SUSE CVE-2020-27795

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmdanal.c, when command "adf" has no or wrong argument, analfcndata core, input + 1 -- RAnalFunction fcn = ranalgetfcnin core-anal, core-offset, -1; returns null pointer for fcn causing segmentation fault later in...

SUSE CVE-2022-25258

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests ones with a large array index and ones associated with NULL function pointer retrieval. Memory corruption might occur...

kernel: sfc: fix use after free when disabling sriov

In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...

Denial Of Service (DoS)

fis-gtm is vulnerable to denial of service. The vulnerability exists due to lack of input validation in doverify.c which allows an attacker to crash the application by corrupting a function pointer...

PT-2022-37226 · Git +1 · Grok

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by an incorrect function pointer type. The crash occurs in the grk::BufferedStream::read function, which is called...

Use of Uninitialized Function Pointer

Description When providing a crafted input binary to radare2, the context-readaddr function pointer is never initialized before use. This is due to the switch statement responsible for the assignment not finding a matching value for its switch cases. Calling function c static bool...

OSV-2022-394 Incorrect-function-pointer-type in cv::split

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47190 Crash type: Incorrect-function-pointer-type Crash state: cv::split cv::split TestSplitAndMerge...

FIS GT.M Denial of Service Vulnerability (CNVD-2022-32799)

FIS GT.M is a database platform. A security vulnerability exists in FIS GT.M versions prior to V7.0-000, which stems from the lack of input validation in the call to doverify in srunix/doverify.c. The vulnerability can be exploited to attempt to jump to a NULL pointer by corrupting the function...

YottaDB has an unspecified vulnerability (CNVD-2022-31928)

YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier, which stems from missing input validation in the call to doverify in srunix/doverify.c. An attacker could use this vulnerability to attempt to jump to a NULL pointer by corrupting the...

YottaDB has an unspecified vulnerability (CNVD-2022-31932)

YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier versions, which can be exploited to gain control of the execution process by manipulating the value of the function pointer used by opwrite in srport/opwrite.c using carefully crafted...

DEBIAN-CVE-2021-44506

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...

CVE-2021-44482

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...

CVE-2021-44486

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can manipulate the value of a function pointer used in opwrite in srport/opwrite.c in order to gain control of the flow of execution...

CVE-2021-44486

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can manipulate the value of a function pointer used in opwrite in srport/opwrite.c in order to gain control of the flow of execution...

Null pointer dereference

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...

UBUNTU-CVE-2021-44506

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...

CVE-2021-44482

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...

CVE-2021-44506

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of input validation in calls to doverify in srunix/doverify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...