golang: crypto/elliptic: panic caused by oversized scalar

An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256.ScalarMult or P256.ScalarBaseMult to panic, leading to a loss of availability...

UBUNTU-CVE-2022-28327

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...

CVE-2021-31400

An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...

etcd: Large slice causes panic in decodeRecord method

A flaw was found In etcd, where a large slice causes panic in the decodeRecord method. The size of a record is stored in the length field of a WAL file, and no additional validation is performed on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionall...

CVE-2021-25907

An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::mutate,mutate2 double drop can be performed...

containers crate before for Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust prior to 0.9.11, which stems from double line deletion by a util::mutate,mutate2 when panic occurs. No details of the vulnerability are provided at this time...

CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

UBUNTU-CVE-2019-20429

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

UBUNTU-CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

DEBIAN-CVE-2014-3687

The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...

PT-2012-3991 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.4.5 Description: The issue is related to the improper use of the Page Middle Directory PMD when Physical Address Extension PAE is enabled on the x86 platform. This can lead to a denial of service panic via a...

Linux Kernel NetFilter SCTP Unknown Chunk Types Denial of Service (CVE-2007-2876)

Linux is a popular open-source operating system in which the kernel and other programs related to the operating systems are developed by a group of volunteers. The Linux kernel supports a packet filtering framework known as Netfilter. Netfilter is used to monitor, inspect, manipulate network...