1901 matches found
Libde265 安全漏洞
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.12, which originates from a denial of service when the allocation size exceeds the maximum supported 0x10000000000...
CVE-2023-51792
Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000...
CVE-2023-51792
CVE-2023-51792 corresponds to a buffer overflow in libde265 v1.0.12. The issue allows a local attacker to cause a denial of service by triggering an allocation size overflow beyond 0x10000000000. The CRITICAL root cause is not elaborated beyond the overflow, and no public exploit details are prov...
CVE-2023-51792
Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000...
SUSE CVE-2024-26818
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
DEBIAN-CVE-2024-26818
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
kernel: out-of-bounds write in qfq_change_class function
An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...
sqlparse parsing heavily nested list leads to Denial of Service
Summary Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Details + PoC Running the following code will raise Maximum recursion limit exceeded exception: py import sqlparse sqlparse.parse'' 10000 + '' 10000 We expect a traceback of RecursionError:...
SUSE CVE-2024-26768
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Change acpicorepicNRCPUS to acpicorepicMAXCOREPIC With default config, the value of NRCPUS is 64. When HW platform has more then 64 cpus, system will crash on these platforms. MAXCOREPIC is the maximum cpu number in MA...
CVE-2024-31287 WordPress Media Library Folders plugin <= 8.1.8 - Directory Traversal vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.8...
SUSE CVE-2024-26675
In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...
AZL-39232 CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl2-1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
AZL-38569 CVE-2023-45288 affecting package docker-compose for versions less than 2.27.0-1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
DEBIAN-CVE-2024-26768
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Change acpicorepicNRCPUS to acpicorepicMAXCOREPIC With default config, the value of NRCPUS is 64. When HW platform has more then 64 cpus, system will crash on these platforms. MAXCOREPIC is the maximum cpu number in MA...
CVE-2024-26692
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multip...
CVE-2024-26692 smb: Fix regression in writes when non-standard maximum write size negotiated
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multip...
CVE-2024-26692
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multip...
CVE-2024-26692 smb: Fix regression in writes when non-standard maximum write size negotiated
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multip...
CVE-2024-26692 smb: Fix regression in writes when non-standard maximum write size negotiated
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multip...
UBUNTU-CVE-2024-26675
In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...