Tech-ASan: Two-Stage Check for Address Sanitizer
Address Sanitizer (ASan) is a sharp weapon for detecting memory safety violations, including temporal and spatial errors hidden in C/C++ programs during execution. However, ASan incurs significant runtime overhead, which limits its efficiency in testing large software. The overhead mainly comes fro...
Double Free
Overview Affected versions of this package are vulnerable to Double Free due to improper loop checks in the poolfree function, which is part of the pool series allocator alongside poolmalloc and poolrealloc. An attacker can execute arbitrary code remotely by exploiting this flaw. PoC c include...
libxml2: stack exhaustion while parsing xml files in recovery mode
Missing recursive loop detection checks were found in the xmlParserEntityCheck and xmlStringGetNodeList functions of libxml2, causing applications using the library to crash by stack exhaustion while building the associated data. An attacker able to send XML data to be parsed in recovery mode coul...
kernel: potential kernel deadlock when creating circular epoll file structures
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application tha...