27 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fixed the double-free of the elf header buffer. After the patch provided by b3e34a47f989 “x86/kexec: fix memory leak of elf header buffer”, the use of image-elfheaders in the error path of crashloadsegments is no longe...
CVE-2019-16200
GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the...
EUVD-2023-60299
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...
CVE-2023-54146
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...
UBUNTU-CVE-2023-54146
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...
CVE-2023-54146 x86/kexec: Fix double-free of elf header buffer
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...
CVE-2022-50765 RISC-V: kexec: Fix memory leak of elf header buffer
In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 size 4096: comm "kexec", pid 146, jiffies 4294900633 age 64.792s hex dump first 32 bytes: 7f 45 4c ...
CVE-2022-50765 RISC-V: kexec: Fix memory leak of elf header buffer
In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 size 4096: comm "kexec", pid 146, jiffies 4294900633 age 64.792s hex dump first 32 bytes: 7f 45 4c ...
CVE-2023-53333 netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nfconntrackdccppacket has an unique: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And nothing more is 'pulled' from the...
CVE-2022-49546
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 size 4096: comm "kexec", pid 14950, jiffies 4295110793 age 373.951s hex dump first 32 bytes: 7f 45 4c 4...
CVE-2022-49546 x86/kexec: fix memory leak of elf header buffer
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 size 4096: comm "kexec", pid 14950, jiffies 4295110793 age 373.951s hex dump first 32 bytes: 7f 45 4c 4...
ARM Mbed OS 安全漏洞
ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things from ARM UK. A security vulnerability exists in ARM Mbed OS version 6.16.0, which originates from a buffer overflow triggered by a function that will continue to write to a temporary header buffer...
kernel: x86/kexec: Fix double-free of elf header buffer
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2634)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2024-1963)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.CVE-2023-38709...
SUSE CVE-2024-36477
In the Linux kernel, the following vulnerability has been resolved: tpmtisspi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAXSPIFRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account...
PT-2023-9579 · Libigl · Libigl
Name of the Vulnerable Software and Affected Versions: libigl version 2.5.0 Description: The issue concerns the header parsing that occurs while processing an .off file via the readOFF function. A specially crafted .off file can lead to a stack-based buffer overflow. An attacker can provide a...
GSD-2023-1000866 x86/kexec: Fix double-free of elf header buffer
x86/kexec: Fix double-free of elf header buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
GSD-2023-1000450 RISC-V: kexec: Fix memory leak of elf header buffer
RISC-V: kexec: Fix memory leak of elf header buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...
GSD-2023-1000392 x86/kexec: Fix double-free of elf header buffer
x86/kexec: Fix double-free of elf header buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...