10 matches found
Astra Linux - уязвимость в parsec
The vulnerability of the parseoptions function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-42160
A vulnerability was found in the Linux kernel's f2fs f2fsbuildfaultattr function. A lack of proper input validation of the fault attributes could lead to undefined behavior or system instability and potential memory corruption. Mitigation Mitigation for this issue is either not available or the...
CVE-2024-42160
Summary (CVE-2024-42160): In the Linux kernel, the f2fs subsystem had a validation gap in fault attribute handling. Specifically, fault attrs were not validated in parse_options(), and the patch adds a check in f2fs_build_fault_attr() and switches to using f2fs_build_fault_attr() in __sbi_store()...
CVE-2024-40971
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove clear SBINLINECRYPT flag in defaultoptions In f2fsremount, SBINLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead t...
OSV-2023-675 Heap-use-after-free in parse_options
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61292 Crash type: Heap-use-after-free WRITE 4 Crash state: parseoptions appendnewoperation parseoptions...