35 matches found
DEBIAN-CVE-2024-56603
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
CVE-2024-56606
In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...
The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to gain access to confidential information.
The vulnerability of the btrfs component in the Linux operating system’s kernel is related to the disclosure of information within the initdatacontainer function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...
SUSE CVE-2024-26711
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...
CVE-2024-26711
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...
DEBIAN-CVE-2024-26711
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...
CVE-2024-26711
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...
CVE-2024-22009
In initdata of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Pixel Security Breach
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...
Google Pixel Security Breach
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...
PT-2024-19151 · Google · Android +1
Name of the Vulnerable Software and Affected Versions: TBD affected versions not specified Description: The issue is related to a missing bounds check in the init data function, which could lead to a possible out of bounds write. This could result in local escalation of privilege with no addition...
PT-2024-21746 · Google · Android
Name of the Vulnerable Software and Affected Versions: TBD affected versions not specified Description: The issue is related to a possible out of bounds write due to a missing bounds check in the init data function. This could lead to local escalation of privilege with no additional execution...
kernel: regulator: core: Use different devices for resource allocation and DT lookup
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Use different devices for resource allocation and DT lookup Following by the below discussion, there's the potential UAF issue between regulator and mfd...
CVE-2021-45947
Wasm3 0.5.0 has an out-of-bounds write in RuntimeRelease called from EvaluateExpression and InitDataSegments...
4: ovirt-engine exposes cloud-init root password via REST API
It is reported that the RHV 4 REST API exposes data used in cloud-init which can include the root password used when creating a system...