1177 matches found
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access
...
Linux Distros Unpatched Vulnerability : CVE-2018-19876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an...
Linux Distros Unpatched Vulnerability : CVE-2021-45261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anotherhunk function, which causes a Denial of Service. CVE-2021-45261 Note that Nessus relies ...
Linux Distros Unpatched Vulnerability : CVE-2019-20632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
Linux Distros Unpatched Vulnerability : CVE-2020-36224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
Linux Distros Unpatched Vulnerability : CVE-2025-38092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use...
AZL-65714 CVE-2025-38456 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser The "intf" list iterator is an invalid pointer if the correct "intf-intfnum" is not found. Calling atomicdec&intf-nrusers on and invalid pointer will lead to memo...
CVE-2025-38456
CVE-2025-38456 concerns Linux kernel ipmi:msghandler memory corruption in ipmi_create_user(). The bug is triggered when the ipmi interface iterator (intf) pointer is invalid (correct intf_num not found); calling atomic_dec on this invalid pointer can corrupt memory. A fix updates the intf path (i...
CVE-2025-38456 ipmi:msghandler: Fix potential memory corruption in ipmi_create_user()
In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser The "intf" list iterator is an invalid pointer if the correct "intf-intfnum" is not found. Calling atomicdec&intf-nrusers on and invalid pointer will lead to memo...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
PT-2025-30840 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The runtime fixup 32 function does not correctly handle cases where val is zero, potentially leading to an invalid pointer and a kernel panic when accessing it. This occurs because the...
CVE-2025-38328
In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...
CVE-2025-38328 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...
CVE-2025-38266
CVE-2025-38266 affects the Linux kernel pinctrl/mediatek EINT path. The root cause was an invalid dereference: a function (mtk_eint_do_init) could be called with a version of struct mtk_pinctrl that lacks the required soc field when using v1 drivers, leading to a potential crash on certain boards...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an invalid pointer dereference issue in pinctrl-mediatek, which could cause a system crash...
PT-2025-28986 · Mediatek +1 · Mt8365 +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: This issue involves an invalid pointer dereference in the pinctrl: mediatek: eint subsystem for platforms using version 1 of the common driver. A commit introduced access to the soc...