8 matches found
EUVD-2026-38726
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
Security Vulnerabilities fixed in Thunderbird 144 — Mozilla
Use-after-free in MediaTrackGraphImpl::GetInstance A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. A compromised web process using malicious IPC messages could have caused the privileged browser process to...
Security Vulnerabilities fixed in Firefox ESR 140.4 — Mozilla
Use-after-free in MediaTrackGraphImpl::GetInstance A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. A compromised web process using malicious IPC messages could have caused the privileged browser process to...
Information Exposure
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Information Exposure via the SharedMemoryManager::GrowIfNeeded function in the bundled Python backend. An attacker coul...
USN-5975-1 linux-azure vulnerabilities
Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been removed from this USN and the correct information for it has been published in USN 6007-1. Original advisory...
SUSE CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...
USN-5136-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...
USN-5120-1 linux-azure-5.8 vulnerabilities
It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...