CVE-2019-1392

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'...

CVE-2019-1121

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124,...

CVE-2019-1448

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'...

UBUNTU-CVE-2023-53074

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ttmbo calltrace warning in psphwfini The call trace occurs when the amdgpu is removed after the mode1 reset. During mode1 reset, from suspend to resume, there is no need to reinitialize the ta firmware buffer whic...

CVE-2021-47657 drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...

kernel: drm/radeon: check bo_va->bo is non-NULL before using it

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bova-bo is non-NULL before using it The call to radeonvmclearfreed might clear bova-bo, so we have to check it before dereferencing it...

DEBIAN-CVE-2024-46867

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in showmeminfo There is a real deadlock as well as sleeping in atomic bug in here, if the bo put happens to be the last ref, since bo destruction wants to grab the same spinlock and sleeping locks. Fix...

SUSE CVE-2024-43867

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and hence the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep CVE-2024-26605 In the...

UBUNTU-CVE-2023-52883

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible null pointer dereference abo-tbo.resource may be NULL in amdgpuvmboupdate...

CVE-2024-26900

A memory leak flaw was found in rdev-serial in the Linux kernel. This issue may lead to a crash...

CVE-2024-26912

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix several DMA buffer leaks Nouveau manages GSP-RM DMA buffers with nvkmgspmem objects. Several of these buffers are never dealloced. Some of them can be deallocated right after GSP-RM is initialized, but the rest...

Ubuntu 23.10 : Linux kernel (GCP) vulnerabilities (USN-6537-1)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6537-1 advisory. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged...

SUSE CVE-2020-0603

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'...

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the drmgemshmemgetsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer...

The vulnerability of the Windows Installer component on Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Windows Installer component in Windows operating systems is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

PT-2023-2695 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to errors in memory object handling mechanisms in the Windows Installer component of Windows operating systems. This can allow an attacker to elevate their...

CVE-2022-47529

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

SUSE CVE-2019-1374

An information disclosure vulnerability exists in the way Windows Error Reporting WER handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'...