Excessive grant frame usage in Windows xenbus drivers after version 9.1.3

A VM with 2 VBD, 8 vCPUs, 7 VIFs may consume over 90 grant tables, but ONLY consume 26grant tables when running with xen PV driver version 9.1.2. It will lead to virtual NIC initialization failure issue after Windows VM startup. Device manager shows NICs are notinitialized: Setupapi.log : Device...

Double free

In closef of labelbackendsandroid.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User...

kernel: double free in bluetooth subsystem when the HCI device initialization fails

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...

GSD-2021-1001708 KVM: x86: Handle SRCU initialization failure during page track init

KVM: x86: Handle SRCU initialization failure during page track init This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...

UVI-2021-1001635 KVM: x86: Handle SRCU initialization failure during page track init

KVM: x86: Handle SRCU initialization failure during page track init This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.71 by commit...

PT-2024-11293 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A slab-out-of-bounds issue has been resolved in the Linux kernel. The issue was observed while running self-tests on a KASAN enabled kernel, where a slab-out-of-bounds splat was...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

DELL Dell EMC Unity和UnityVSA 安全漏洞

DELL Dell EMC Unity and UnityVSA are both products of Dell DELL Corporation, U.S.A. Dell EMC Unity is a unified storage array product.UnityVSA is a set of virtual Unity storage environments. A security vulnerability exists in Dell EMC Unity, Unity XT, and UnityVSA that stems from Dell EMC Unity,...

PT-2021-8032 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.18-53-default 1 SLE15-SP3 Description: The vulnerability is related to a double free of the blk mq tag set in the device-mapper table for a request-based mapped device. When the allocation/initialization of...

CVE-2020-1419

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426...

Juniper Networks Junos OS Denial of Service Vulnerability (CNVD-2020-22960)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS PTX1000 Series, PTX10000 Series, and QFX10000 Series, which i...

CVE-2018-9511

CVE-2018-9511 affects Android 9.0 and relates to ipSecSetEncapSocketOwner in XfrmController.cpp. The issue is a potential failure to initialize a security feature due to uninitialized data, which could enable local denial of service (DoS) on IPsec sockets without additional privileges or user int...

ImageMagick Information Disclosure Vulnerability (CNVD-2017-07513)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. An information disclosure vulnerability exists in versions of ImageMagick prior to 7.0.5-2, which stems from the failu...

UBUNTU-CVE-2016-6836

The vmxnet3completepacket function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcqdescr object...

Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability

This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Foxit Reader Pattern Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF...

BSOD with Error: "STOP 0x0000007E and CVhdMp.sys Error: BNIStack failed, network stack could not be initialized"

When attempting to boot Vdisks from Target device a BSOD occurs with the following message: STOP" 0x0000007E and CVhdMp.sys Error: BNIStack failed, network stack could not be initialized...

Design/Logic Flaw

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service initialization failure and exit...

OpenJDK remote LDAP Denial-Of-Service (6717680)

LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close the connection when initialization fails, which allows remote attackers to cause ...

OpenJDK remote LDAP Denial-Of-Service (6717680)

LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close the connection when initialization fails, which allows remote attackers to cause ...