PT-2024-14913 · Espressif · Esp32 Ipm Send

Name of the Vulnerable Software and Affected Versions: esp32 ipm send affected versions not specified Description: The issue involves a signed to unsigned conversion in the esp32 ipm send function. This could potentially lead to unexpected behavior or errors. No information is provided about the...

PT-2024-41456 · Gnu +2 · Linux +2

Уязвимость функции tipc udp nl dump remoteip в модуле net/tipc/udp media.c реализации протокола TIPC Transparent Inter Process Communication ядра операционной системы Linux связана с некорректной валидацией полученных данных. Эксплуатация уязвимости может позволить нарушителю получить доступ к...

kernel: denial of service in tipc_conn_close

A data race flaw was found in the Linux kernel, between where con is allocated and con-sock is set. This issue leads to a NULL pointer dereference when accessing con-sock-sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel...

kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtpdev. If ishprobe...

CVE-2023-41036

Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication IPC mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What...

OESA-2023-1711 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a...

[SECURITY] Fedora 37 Update: pmix-4.1.3-1.fc37

The Process Management Interface PMI has been used for quite some time as a means of exchanging wireup information needed for interprocess communication. Two versions PMI-1 and PMI-2 have been released as part of the MPICH effort. While PMI-2 demonstrates better scaling properties than its PMI-1...

[SECURITY] Fedora 38 Update: pmix-4.1.3-1.fc38

The Process Management Interface PMI has been used for quite some time as a means of exchanging wireup information needed for interprocess communication. Two versions PMI-1 and PMI-2 have been released as part of the MPICH effort. While PMI-2 demonstrates better scaling properties than its PMI-1...

[SECURITY] Fedora 39 Update: pmix-4.1.3-1.fc39

The Process Management Interface PMI has been used for quite some time as a means of exchanging wireup information needed for interprocess communication. Two versions PMI-1 and PMI-2 have been released as part of the MPICH effort. While PMI-2 demonstrates better scaling properties than its PMI-1...

CVE-2023-0627

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...

USN-6372-1: DBus vulnerability

It was discovered that DBus incorrectly handled certain invalid messages. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

PT-2023-27752 · Macvim · Macvim

Name of the Vulnerable Software and Affected Versions: Macvim versions prior to 178 Description: The issue is related to an insecure interprocess communication IPC mechanism in Macvim, a text editor for MacOS. This mechanism could lead to a privilege escalation. Distributed objects, a concept...

USN-6339-3 linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-raspi vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

DEBIAN-CVE-2023-4574

When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable...

Mozilla: Memory corruption in IPC FilePickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

Mozilla: Memory corruption in IPC ColorPickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

Mozilla: Memory corruption in IPC CanvasTranslator

The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...

Mozilla: Memory corruption in IPC FilePickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

Mozilla: Memory corruption in IPC CanvasTranslator

The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...

Mozilla: Memory corruption in IPC ColorPickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...