36 matches found
SAMSUNG mTower 安全漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower version 0.3.0 and prior versions, which stems from a TEEMalloc that allows a trusted application to over-allocate memory by using large len values...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
ALPINE-CVE-2021-28700
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...
CVE-2021-28700
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...
UBUNTU-CVE-2021-28700
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...
GHSA-773Q-5334-5GF9 Memory over-allocation in evm-core
Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85...
Apache Commons Compress 安全漏洞
Apache Commons Compress is a library for processing compressed files from the Apache USA Foundation. A security vulnerability exists in Apache Commons Compress that stems from the fact that when reading specially designed TAR archives, Compress can allocate a large amount of memory, resulting in ...
CVE-2021-29511
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...
CVE-2021-29511
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...
CVE-2021-29511 Memory over-allocation in evm crate
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...
CVE-2021-29511
CVE-2021-29511 affects the Rust EVM implementation (evm crate). Before the patch in commit 19ade85, certain memory-opcodes using memory::copy_large could cause memory over-allocation, enabling a denial-of-service. Remediation: upgrade evm to >=0.26.1, or to specific newer releases (0.21.1, 0.2...
PT-2021-18262 · Evm · Evm
Name of the Vulnerable Software and Affected Versions: evm versions prior to 0.21.1 evm versions prior to 0.23.1 evm versions prior to 0.24.1 evm versions prior to 0.25.1 evm versions prior to 0.26.1 Description: The issue is related to the execution of specific EVM opcodes that use evm...
RUSTSEC-2021-0066 Denial of service on EVM execution due to memory over-allocation
Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85...
Unspecified Vulnerability in Open Design Alliance Drawings SDK
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...
OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
UBUNTU-CVE-2019-9072
An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setupgroup in elf.c...