9 matches found
CLSA-2026-1778148827 nghttp2: Fix of CVE-2023-35945
CVE-2023-35945: fix memory leak in nghttp2sessionmemsendinternal when onstreamclosecallback returns a fatal error during send-failure handling...
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...
GHSA-C23C-RP3M-VPG3 Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...
DEBIAN-CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
Vulnerabilities of the functions on_stream_io(), dns_stream_complete() in the resolved-dns-stream.c component of the initialization and service management subsystem of the Systemd-based Linux operating systems, allowing a hacker to execute arbitrary code or cause service failures.
The vulnerabilities of the onstreamio and dnsstreamcomplete functions in the resolved-dns-stream.c component of the initialization and service management subsystem of the Systemd-based Linux operating systems are related to the use of memory after it is freed. Exploiting these vulnerabilities cou...