SUSE CVE-2023-53161

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...

Improper Handling of Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions via the BeginBlocker process in the x/distribution module. An attacker can cause the blockchain to halt by sending transactions with fees denominated in a currency other than the expected nati...

GHSA-4P46-PWFR-66X6 Some AES functions may panic when overflow checking is enabled in ring

ring::aead::quic::HeaderProtectionKey::newmask may panic when overflow checking is enabled. In the QUIC protocol, an attacker can induce this panic by sending a specially-crafted packet. Even unintentionally it is likely to occur in 1 out of every 232 packets sent and/or received. On 64-bit targe...

UBUNTU-CVE-2024-49927

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error injected into the f2fsisvalidblkaddr function, where the verifyblkaddr function will trigger a pani...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a panic when a valid fdt is not found by the efi/fdt module...

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

DEBIAN-CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

PT-2023-9742 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version that includes the fix for the f2fs reference count leak Description: The issue is related to a reference count leak in the f2fs component of the Linux kernel. During the f2fs put super function, a...

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

SUSE CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

CVE-2023-34411

The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service panic via an invalid...

Rekor 安全漏洞

Rekor is open source software that provides an immutable, tamper-proof ledger for metadata generated in the supply chain of software projects. A security vulnerability exists in Rekor versions prior to v1.2.0, which stems from ntoto/v0.0.2 A type error may cause a panic in a thread in the Rekor...

PT-2025-40198

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of stack protectors during the boot process. Specifically, the issue arises from discrepancies in the stack canary values when...

DEBIAN-CVE-2022-41724

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session...

SUSE CVE-2010-4668

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix f...

SUSE CVE-2021-39293

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header falsely designating that many files are present can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196...

golang: crypto/elliptic: panic caused by oversized scalar

An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256.ScalarMult or P256.ScalarBaseMult to panic, leading to a loss of availability...