6505 matches found
OSV-2024-574 Heap-buffer-overflow in spvtools::disassemble::InstructionDisassembler::EmitInstruction
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69549 Crash type: Heap-buffer-overflow READ 1 Crash state: spvtools::disassemble::InstructionDisassembler::EmitInstruction spvtools::DisassembleInstruction Parser::parseModule...
OSV-2024-552 UNKNOWN READ in ndpi_search_zoom
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69520 Crash type: UNKNOWN READ Crash state: ndpi_search_zoom check_ndpi_detection_func ndpi_detection_process_packet...
OSV-2024-551 Heap-buffer-overflow in mz_zip_mem_read_func
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69531 Crash type: Heap-buffer-overflow READ Crash state: mz_zip_mem_read_func mz_zip_validate_file zip_fuzzer.c...
OSV-2024-550 Heap-buffer-overflow in mz_zip_mem_read_func
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69528 Crash type: Heap-buffer-overflow READ Crash state: mz_zip_mem_read_func mz_zip_reader_read_central_dir mz_zip_reader_init_mem...
OSV-2024-548 Use-of-uninitialized-value in icalmemory_strdup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69527 Crash type: Use-of-uninitialized-value Crash state: icalmemory_strdup icalparameter_new_from_value_string icalparser_add_line...
OSV-2024-539 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69451 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...
OSV-2024-528 Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69348 Crash type: Security exception Crash state: com.github.javaparser.ast.validator.TreeVisitorValidator.accept com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel...
OSV-2024-518 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69307 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...
OSV-2024-517 Segv on unknown address in od_ec_dec_init
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68774 Crash type: Segv on unknown address Crash state: od_ec_dec_init aom_reader_init av1_decode_tg_tiles_and_wrapup...
OSV-2024-504 Heap-buffer-overflow in ultrahdr::getYuv420Pixel
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69101 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv420Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...
SUSE CVE-2021-47379
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
OSV-2024-503 Heap-buffer-overflow in pdf_save_viewer_state
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69157 Crash type: Heap-buffer-overflow WRITE 8 Crash state: pdf_save_viewer_state stream_to_text pdf_open_page...
UBUNTU-CVE-2021-47476
In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
OSV-2024-496 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68460 Crash type: UNKNOWN READ Crash state: chunk_free_object gs_memory_chunk_unwrap gsjmemterm...
OSV-2024-495 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68497 Crash type: UNKNOWN READ Crash state: chunk_free_object s_zlib_free inflateEnd...
OSV-2024-493 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68425 Crash type: UNKNOWN READ Crash state: chunk_free_object streamdctfinalize chunk_free_object...
CVE-2021-47292
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload() I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 size 96: comm "syz-executor.6", pid 4610, jiffies 4295140240 age 20.135s hex dump firs...
UBUNTU-CVE-2021-47379
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
CVE-2021-47430 x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n
In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 "x86/entry, selftests: Further improve user entry sanity checks" added a warning if AC is set when in the kernel. Commit 662a0221893a3d "x86/entry: Fix AC...
CVE-2021-47292 io_uring: fix memleak in io_init_wq_offload()
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload() I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 size 96: comm "syz-executor.6", pid 4610, jiffies 4295140240 age 20.135s hex dump firs...