6 matches found
CVE-2024-50206
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix memory corruption during fq dma init The loop responsible for allocating up to MTKFQDMALENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. Fix the lo...
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration
Talos Vulnerability Report TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration October 23, 2024 CVE Number CVE-2024-0118 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D...
Unbounded Loop
Lines of code Vulnerability details 🎨 Category Denial of Service 💥 Impact If the number of tokensReceived gets too big, the transaction's gas cost could exceed the block gas limit and make it impossible to call previewRedeem at all. 📝 Proof of Concept previewRedeem function iterates over all...
CVE-2018-20187
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded...
CVE-2018-20187
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded...
Code injection
The compatiret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service large loop and system hang via a hypercalliret call with EFLAGS.VM set...