CVE-2020-25794

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic...

CVE-2020-25794

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic...

CVE-2020-25794

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic...

CVE-2020-25795

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insertfrom can have a memory-safety issue upon a panic...

Open-Xchange: A specially crafted message sent to the local delivery agent (LMTP) causes the LMTP child process to issue a panic (call i_panic)

Summary Sending a message to the local delivery agent with the number of MIME parts more than the dovecot core threshold of MIME parts results in ipanic. In the case of LMTP server it causes the child to abort connection. I believe that this can be quite problematic, if such a message lands in th...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:2487-1)

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may have allowed an...

PT-2020-16211

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description An issue was discovered in the sized-chunks crate, where the array size is not checked when constructed with unit, pair, or From in the Chunk implementation. Additionally, the Clone and...

PT-2020-16212

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description An issue was discovered in the sized-chunks crate, where the array size is not checked when constructed with unit and pair in the Chunk implementation. Additionally, the array size is not...

PT-2020-16213

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description The issue concerns memory safety in the sized-chunks crate for Rust. Specifically, in the Chunk implementation, the array size is not checked when constructed with From, unit, or pair...

FreeBSD : FreeBSD -- SCTP socket use-after-free bug (77b877aa-ec18-11ea-88f8-901b0ef719ab)

Due to improper handling in the kernel, a use-after-free bug can be triggered by sending large user messages from multiple threads on the same socket. Impact : Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic. C Tenable Network Security,...

Memory safety issues in `compact::Vec`

compact::Vec contains multiple memory safety issues. 1. It mishandles large capacity and causes out-of-bound access in 32-bit / allocator layout mismatch in 64-bit. 2. remove is not panic-safe and causes double-free when an index larger than the length is provided...

PT-2021-12654 · Freebsd +1 · Freebsd +2

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 11.3-RELEASE through 11.3-RELEASE before p13 FreeBSD versions 11.4-RELEASE through 11.4-RELEASE before p3 FreeBSD versions 12.1-RELEASE through 12.1-RELEASE before p9 FreeBSD versions 11.4-STABLE through 11.4-STABLE before...

FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug

Problem Description: Due to improper mbuf handling in the kernel, a use-after-free bug might be triggered by sending IPv6 Hop-by-Hop options over the loopback interface. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

Western Digital My Cloud Multiple Products < 2.31.193 Multiple Vulnerabilities

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

FreeBSD -- SCTP socket use-after-free bug

Problem Description: Due to improper handling in the kernel, a use-after-free bug can be triggered by sending large user messages from multiple threads on the same socket. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2020-0329)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0329 advisory. go-toolset 1.12.12-1 - Update for golang package fixes 1.12.12-1 - Bump version to 1.12.12 golang 1.12.12-4.0.1 - from upstream...

Amazon Linux 2 : kernel (ALAS-2020-1480)

The version of kernel installed on the remote host is prior to 4.14.192-147.314. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1480 advisory. 2024-06-19: CVE-2020-14356 was added to this advisory. The Serial Attached SCSI SAS implementation in the Linux...

CVE-2018-1985

IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207...

CVE-2018-1985

IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207...

Buffer overflow

IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207...