85 matches found
kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
CVE-2023-29261
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...
CVE-2023-29261
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...
Information disclosure
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...
CVE-2023-29261 IBM Sterling Secure Proxy information disclosure
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...
PT-2023-22227 · Ibm · Ibm Sterling Secure Proxy
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: The issue allows a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. Recommendations...
SAP BusinessObjects Business Intelligence 信息泄露漏洞
SAP BusinessObjects Business IntelligenceSuite is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics and data visualization. An information disclosure vulnerability exists in SAP BusinessObjects...
PT-2023-23605 · Silicon · Silicon Labs Gecko Platform Sdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko Platform SDK versions prior to 4.2.1 Description: The issue arises from the compiler removal of buffer clearing in the sli crypto transparent aead encrypt tag function, leading to key material duplication to RAM. This resul...
SUSE CVE-2007-6417
The shmemgetpage function mm/shmem.c in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service crash...
ARM mbed TLS 安全漏洞
ARM mbed TLS is a product from ARM UK that provides secure communication and encryption for mbed products. A security vulnerability exists in ARM mbed TLS versions prior to 2.24.0, which stems from a lack of clearing of the plaintext buffer in mbedtlssslread to erase unused application data from...
CVE-2020-24586
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...
CVE-2019-3733
RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three 3 different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract informati...
USN-3486-2: Samba vulnerability
USN-3486-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain...
[DLA 17-1] tor: new upstream version
Package : tor Version : 0.2.4.23-1deb6u1 The Tor version previously in Debian squeeze, 0.2.2.39, is no longer supported by upstream. This update brings the currently stable version of Tor, 0.2.4.23, to Debian squeeze. Changes include use of stronger cryptographic primitives, always clearing bignu...
FUSE 2.2/2.3 - Local Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13857/info FUSE is susceptible to a local information disclosure vulnerability. This issue is due to a failure of the kernel module to properly clear used memory prior to its reuse. This vulnerability allows malicious loc...
CVE-2011-1162
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...
CVE-2011-1162
CVE-2011-1162 is a memory-clearing flaw in the Linux kernel 2.6 tpm_read() that can let a local unprivileged user read data from a previous TPM command. The connected advisories (MiracleLinux AXSA entries, Oracle Linux ELSA advisories, and RHSA-2012:0010) explicitly list CVE-2011-1162 among kerne...
CVE-2011-1162
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...