CVE-2022-50357

CVE-2022-50357 concerns the Linux kernel’s USB dwc3 core. The vulnerability arises in the dwc3_get_properties() path where the code does: dwc->usb_psy = power_supply_get_by_name(usb_psy_name); and, on error, there is insufficient cleanup on those paths, allowing leaks. Several connected adviso...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect handling of error paths in the dwc3getproperties function, which could lead to a memory leak...

freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference

Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...

FreeType 'pcf_get_properties' Denial of Service Vulnerability

FreeType is a library of popular font functions. A denial of service vulnerability exists in FreeType 'pcfgetproperties' that allows remote attackers to launch a denial of service attack by crafting a PCF file...