937 matches found
kernel: Linux kernel CXL driver: Use-after-free vulnerability leading to system instability or privilege escalation
A flaw was found in the Linux kernel's CXL driver. This vulnerability, a use-after-free, allows a local user to cause system instability or a denial of service. The issue arises when the cxlparsecfmws function attempts to use memory that has already been released. This could potentially lead to...
The vulnerability in the Firefox web browser relates to improper memory release before deleting the last link, allowing a malicious actor to gain access to confidential data.
The vulnerability in the Firefox web browser relates to the improper release of memory before deleting the last link. Exploiting this vulnerability allows an attacker who operates remotely to gain access to confidential data...
The vulnerability of the IKE daemon (iked) in Juniper Networks’ Junos routers of the MX and SRX series allows a attacker to cause service interruptions.
The vulnerability of the IKE daemon iked in Juniper Networks’ Junos routers of the MX and SRX series involves improper memory release before deleting the last pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the ovs_pcap_open() function in the Open vSwitch software-level switch allows a attacker to cause a service failure.
The vulnerability of the ovspcapopen function in the Open vSwitch multi-level switch device is related to memory release errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the USB HID analyzer used by Wireshark, which is used to analyze computer network traffic, allows a hacker to perform a service denial.
The vulnerability of the USB HID analyzer used by Wireshark for analyzing computer network traffic is related to memory release errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
SUSE CVE-2024-26800
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...
The vulnerability of the virPCIVirtualFunctionList function in the virtualization management library Libvirt allows a attacker to trigger a service failure.
The vulnerability of the virPCIVirtualFunctionList function in the virtualization management library Libvirt is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause a service failure...
PT-2024-3281 · Microsoft · Windows Dns Server +1
Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to a memory usage problem after memory release when handling requests. This can allow a remote attacker to execute arbitrary code, affecting the system...
PT-2024-3279 · Microsoft · Windows Dns Server +1
Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to a memory usage problem after memory release when handling requests. This can allow a remote attacker to execute arbitrary code, affecting the system...
The vulnerability in the /krb5/src/lib/rpc/pmap_rmt.c component of the Kerberos network protocol allows a attacker to cause a service failure.
The vulnerability in the /krb5/src/lib/rpc/pmaprmt.c component of the Kerberos network protocol is related to memory release errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability in the /libLAS/apps/ts2las.cpp component of the libLAS library, which is used for reading and writing geospatial data. This vulnerability allows a attacker to cause a service failure.
The vulnerability in the /libLAS/apps/ts2las.cpp component of the libLAS library for reading and writing geospatial data is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the component /krb5/src/lib/gssapi/krb5/k5sealv3.c of the Kerberos network protocol allows a attacker to induce a service failure.
The vulnerability of the /krb5/src/lib/gssapi/krb5/k5sealv3.c component, which implements the Kerberos network protocol, is related to memory release errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the ExtractAttributes function (media_tools/m3u8.c:329) on the multimedia platform GPAC allows a perpetrator to trigger a service failure.
The vulnerability of the ExtractAttributes function mediatools/m3u8.c:329 of the multimedia platform GPAC is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability can allow a malicious actor to cause service failure...
CVE-2024-20845
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code...
CVE-2024-20845
CVE-2024-20845 describes an out-of-bounds write vulnerability in libsavsac.so when releasing memory, allowing a local attacker to execute arbitrary code. Affected: libsavsac.so prior to SMR Apr-2024 Release 1. Root cause: memory release path triggers out-of-bounds write. Impact: local code execut...
PT-2024-18754 · Unknown · Libsavsac.So
Name of the Vulnerable Software and Affected Versions: libsavsac.so versions prior to SMR Apr-2024 Release 1 Description: The issue is an out-of-bounds write vulnerability that occurs while releasing memory in libsavsac.so. This allows a local attacker to execute arbitrary code. Recommendations:...
ROS-20240402-11
A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...
The vulnerability of the Golang programming language, related to errors in memory release during RSA encryption/decryption code, allows a hacker to cause a service failure.
The vulnerability of the Golang programming language is related to errors in memory release during RSA encryption/decryption code. Exploiting this vulnerability can allow a remote attacker to cause a service failure using specially created data...
ROS-2-490
2.490 Multiple vulnerabilities of libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
The vulnerability of the drm_bridge_get_edid function in the Meson kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the drmbridgegetedid function in the Meson component of the Linux operating system is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a service failure...