
140 matches found

UbuntuCve
added 2024/04/17 11:15 a.m. · 25 views

CVE-2024-26903

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection and...

CVSS 5.5 · AI score 6.4 · EPSS 0.00279
Exploits: 0 · References: 30

Vulnrichment
added 2024/04/17 10:27 a.m. · 26 views

CVE-2024-26903 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection and...

AI score 6.7 · EPSS 0.00279
Exploits: 0 · References: 8

OSV
added 2024/04/17 10:27 a.m. · 8 views

CVE-2024-26903 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection and...

CVSS 5.5 · AI score 6.3 · EPSS 0.00279
Exploits: 0 · References: 13

Positive Technologies
added 2024/04/13 12:0 a.m. · 4 views

PT-2024-40693 · Git +1 · Tarantool

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ with a crash state of NULL, as reported by OSS-Fuzz. No additional details are provided about the...

AI score 6.8
Exploits: 0 · References: 2

OSV
added 2024/04/04 9:15 a.m. · 3 views

CVE-2024-26794

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 6.9
Exploits: 0 · References: 1

Code423n4
added 2023/08/28 12:0 a.m. · 8 views

Attacker can profitable trade with the pool

Lines of code Vulnerability details Impact The swap invariant used is unstable with large pool reserves locked. An attacker can generate a profit by trading with the pool, hurting Liquidity Providers. Proof of Concept To find some vulnerable configurations we fuzzed the swap function of the Prote...

AI score 6.7
Exploits: 0

Github Security Blog
added 2023/06/09 7:33 p.m. · 26 views

Denial of Service via reachable assertion

A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is hig...

CVSS 7.5 · AI score 6.6 · EPSS 0.01131
Exploits: 0 · References: 4 · Affected Software: 1

Github Security Blog
added 2023/06/09 7:32 p.m. · 14 views

Denial of service via HTTP/2 HEADERS frames padding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...

CVSS 7.8 · AI score 6.7 · EPSS 0.01248
Exploits: 0 · References: 4 · Affected Software: 1

GitLab Advisory Database
added 2023/06/09 12:0 a.m. · 19 views

Denial of Service via reachable assertion

A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is hig...

CVSS 7.5 · AI score 6.5 · EPSS 0.01131
Exploits: 0 · References: 5 · Affected Software: 1

SUSE CVE
added 2023/06/06 2:16 a.m. · 2 views

SUSE CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files, can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVSS 3.3 · AI score 6.9 · EPSS 0.00348
Exploits: 1 · References: 3

Prion
added 2023/06/02 11:15 p.m. · 23 views

Design/Logic Flaw

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files, can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVSS 1.9 · AI score 5.2 · EPSS 0.01594
Exploits: 2 · References: 2 · Affected Software: 1

UbuntuCve
added 2023/06/02 11:15 p.m. · 21 views

CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files, can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVSS 3.3 · AI score 6.7 · EPSS 0.00348
Exploits: 1 · References: 3

Vulnrichment
added 2023/06/02 10:32 p.m. · 7 views

CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files, can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVSS 3.3 · AI score 6.6 · EPSS 0.00348
Exploits: 1 · References: 2

Debian CVE
added 2023/06/02 10:32 p.m. · 21 views

CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files, can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVSS 3.3 · AI score 5.1 · EPSS 0.00348
Exploits: 1

OSV
added 2023/04/19 6:15 p.m. · 1 views

AZL-26278 CVE-2023-30612 affecting package cloud-hypervisor for versions less than 31.1-1

Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...

CVSS 4.9 · AI score 5.9 · EPSS 0.0036
Exploits: 0 · References: 1

OSV
added 2023/04/13 2:2 p.m. · 1 views

OSV-2023-310 UNKNOWN READ in memdup_suffix0

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57937 Crash type: UNKNOWN READ Crash state: memdup_suffix0 fuzz-efi-string.c centipede::RunOneInput...

AI score 7.2
Exploits: 0 · References: 1

OSV
added 2023/04/13 2:0 p.m. · 1 views

OSV-2023-300 UNKNOWN READ in sd_event_new

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57913 Crash type: UNKNOWN READ Crash state: sd_event_new fuzz-lldp-rx.c centipede::RunOneInput...

AI score 7.2
Exploits: 0 · References: 1

OSV
added 2023/03/13 8:53 p.m. · 29 views

GHSA-VFVJ-3M3G-M532 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

Summary Fuzz testing on crossplane/crossplane, by Ada Logics and sponsored by the CNCF, identified input to a function in the fieldpath package that can cause an out of memory panic. Applications that use the Paved type's SetValue method with user provided input without proper validation might us...

CVSS 5.9 · AI score 6.5 · EPSS 0.00798
Exploits: 0 · References: 6

Github Security Blog
added 2023/03/13 8:53 p.m. · 25 views

fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

Summary Fuzz testing on crossplane/crossplane, by Ada Logics and sponsored by the CNCF, identified input to a function in the fieldpath package that can cause an out of memory panic. Applications that use the Paved type's SetValue method with user provided input without proper validation might us...

CVSS 7.5 · AI score 7.3 · EPSS 0.00798
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2023/03/10 11:47 p.m. · 18 views

GHSA-V829-X6HH-CQFQ Crossplane-runtime contains Improper Input Validation via Compositions

Summary Fuzz testing, by Ada Logics and sponsored by the CNCF, identified a vulnerability in the fieldpath package from crossplane/crossplane-runtime that an already highly privileged Crossplane user able to create or update Compositions could leverage to cause an out of memory panic in Crossplan...

CVSS 6.2 · AI score 5.7 · EPSS 0.00678
Exploits: 0 · References: 3