6505 matches found
CVE-2021-47292
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 size 96: comm "syz-executor.6", pid 4610, jiffies 4295140240 age 20.135s hex dump firs...
OSV-2024-490 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68929 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...
UBUNTU-CVE-2024-35944
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dg_dispatch_as_host Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write size 56 of single field "&dg_info->msg" at drivers/misc/vmw_vmci/vmci_datagram.c:237 size 24...
OSV-2024-477 Heap-buffer-overflow in ultrahdr::gain_map_metadata::decodeGainmapMetadata
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68933 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::gain_map_metadata::decodeGainmapMetadata ultrahdr::JpegR::decodeJPEGR UltraHdrDecFuzzer::process...
OSV-2024-476 Heap-buffer-overflow in ultrahdr::getYuv420Pixel
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68946 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv420Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...
OpenSSL 3.3.0 < 3.3.1 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.1 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...
OSV-2024-473 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68940 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.StreamEncoder.implWrite java.base/sun.nio.cs.StreamEncoder.write...
OSV-2024-471 Use-of-uninitialized-value in vpx_codec_peek_stream_info
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68912 Crash type: Use-of-uninitialized-value Crash state: vpx_codec_peek_stream_info vpx_dec_fuzzer.cc vpx_dec_fuzzer.cc...
OSV-2024-465 Security exception in com.drew.imaging.tiff.TiffReader.processIfd
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68845 Crash type: Security exception Crash state: com.drew.imaging.tiff.TiffReader.processIfd java.base/java.lang.Throwable.printStackTrace com.code_intelligence.jazzer.api.Jazzer.guideTowardsEquality...
OSV-2024-456 Heap-buffer-overflow in ih264d_read_coeff4x4_cabac
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66989 Crash type: Heap-buffer-overflow READ 4 Crash state: ih264d_read_coeff4x4_cabac ih264d_parse_residual4x4_cabac ih264d_parse_imb_cabac...
OSV-2024-453 Use-of-uninitialized-value in encode_base64_differential
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68663 Crash type: Use-of-uninitialized-value Crash state: encode_base64_differential fuzz-crypto.c...
OSV-2024-450 Use-of-uninitialized-value in ink_filepath_merge
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68468 Crash type: Use-of-uninitialized-value Crash state: ink_filepath_merge layout_relative Layout::Layout...
OSV-2024-449 Use-of-uninitialized-value in YAML::Stream::Stream
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68461 Crash type: Use-of-uninitialized-value Crash state: YAML::Stream::Stream YAML::Scanner::Scanner YAML::Parser::Load...
OSV-2024-445 Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68730 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.lang.String.charAt java.base/sun.invoke.util.Wrapper.hashPrim...
PT-2024-40772 · Git +1 · Pjsip
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" as reported by OSS-Fuzz. The crash occurs in the encode_base64_differential function...
OSV-2024-440 UNKNOWN READ
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66323 Crash type: UNKNOWN READ Crash state: NULL...
PT-2024-40767 · Git +1 · Jq
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A crash has been reported with a type of UNKNOWN READ and a crash state of NULL, as indicated by an OSS-Fuzz report. Recommendations: At the moment, there is no information about a newe...
OSV-2024-432 Use-of-uninitialized-value in ssl_ctx_make_profiles
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68524 Crash type: Use-of-uninitialized-value Crash state: ssl_ctx_make_profiles std::1::function::funcLLVMFuzzerTestOneInput::$39, std::1::allocatorL function.h...
OSV-2024-430 Use-of-uninitialized-value in ssl_str_to_group_ids
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68473 Crash type: Use-of-uninitialized-value Crash state: ssl_str_to_group_ids SSL_CTX_set1_groups_list std::1::function::funcLLVMFuzzerTestOneInput::$34, std::1::allocatorL...
OSV-2024-422 Use-of-uninitialized-value in cdc_task
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68505 Crash type: Use-of-uninitialized-value Crash state: cdc_task fuzz.cc std::1::basicstring, std::1::allocatorch...