17 matches found
ROS-20260430-73-0011
Vulnerability in golang related to incorrect reference definition before accessing a file. Exploitation of the vulnerability may allow an attacker to escalate his privileges...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect reference when adjusting the of the time management mechanism. This could lead to...
GHSA-W87R-VG9Q-CRQM zx Uses Incorrectly-Resolved Name or Reference
When zx is invoked with --prefer-local=, the CLI creates a symlink named ./node_modules pointing to /node_modules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect reduction of reference counts on the wrong path, which could lead to permanent locking of...
NASA Interplanetary Overlay Network security vulnerability
NASA Interplanetary Overlay Network is a NASA implementation of a Delay/Disruption Tolerant Network (DTN). A security vulnerability exists in NASA Interplanetary Overlay Network BPv7 version 4.1.3, which originates when a packet is received with an incorrect reference to the imc scheme that has a...
ROS-20240704-09
Vulnerability of the chronyd daemon of Chrony, an implementation of the Network Time Protocol (NTP), is related to incorrect reference definition before accessing a file in the /var/run/chrony directory. Exploitation of the vulnerability could allow an attacker to cause a denial of service by using a specially crafte...
CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...
CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...
CVE-2024-26957
CVE-2024-26957 relates to the Linux kernel’s s390/zcrypt subsystem, where reference counting on zcrypt card objects was fixed to prevent a use-after-free of the zcrypt_card during hot-plug/probe/remove cycles. The issue could allow freeing a zcrypt card object while it is still in use, as demonst...
CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...
Use-After-Free
Firefox and Thunderbird are vulnerable to a use-after-free vulnerability. The vulnerability is due to incorrect reference counting, where assigning an AlignedBuffer to itself can lead to an incorrect reference count and subsequent use-after-free...
CVE-2024-3861
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
PT-2024-3939 · Microsoft · Azure Monitor Agent
Name of the Vulnerable Software and Affected Versions: Azure Monitor Agent (affected versions not specified). Description: The issue is related to an incorrect reference count before accessing a file, which can be exploited to elevate privileges using a specially crafted link. Recommendations: At th...
PT-2024-2889 · Microsoft · Azure Monitor Agent
Name of the Vulnerable Software and Affected Versions: Azure Monitor Agent (affected versions not specified). Description: The issue is related to an incorrect reference count before accessing a file, which can be exploited to elevate privileges. Recommendations: At the moment, there is no informati...
K42745412: Linux kernel vulnerability CVE-2020-25221
Security Advisory Description: get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can ...
CVE-2020-25221
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit...
CentOS Update for squid CESA-2016:1138 centos6
Check the version of squid...