
717 matches found

BDU FSTEC
added 2021/12/21 12:00 a.m., 5 views

The vulnerability of the mod_proxy_http function in the Apache HTTP Server, related to pointer arithmetic errors, allows attackers to cause service interruptions.

The vulnerability of the mod_proxy_http function in the Apache HTTP Server is related to pointer arithmetic errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.8 CVSS, 7.2 AI score, 0.49089 EPSS
Exploits 0, References 16, Affected Software 7

Veracode
added 2021/12/12 11:36 p.m., 55 views

Side-channel Attack

The kernel is vulnerable to a side-channel attack. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory...

5.5 CVSS, 2.5 AI score, 0.01071 EPSS
Exploits 0, References 21, Affected Software 2

BDU FSTEC
added 2021/12/09 12:00 a.m., 2 views

The vulnerability of the communication standard set for IEEE 802.11 by the computer network traffic analyzer Wireshark allows a hacker to cause a service failure.

The vulnerability of the IEEE 802.11 communication standard set for computer network traffic analyzers like Wireshark is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by injecting specially crafted packets...

7.8 CVSS, 6.8 AI score, 0.05501 EPSS
Exploits 1, References 5, Affected Software 2

Tenable Nessus
added 2021/11/11 12:00 a.m., 46 views

RHEL 8 : kernel-rt (RHSA-2021:4140)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

8.8 CVSS, 7.5 AI score, 0.07604 EPSS
Exploits 12, References 94

RedHat Linux
added 2021/11/09 6:06 p.m., 0 views

kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier

A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability ...

7.8 CVSS, 6.6 AI score, 0.00377 EPSS
Exploits 0, References 8

RedHat Linux
added 2021/11/09 5:26 p.m., 0 views

kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier

A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability ...

7.8 CVSS, 6.6 AI score, 0.00377 EPSS
Exploits 0, References 8

RedHat Linux
added 2021/11/09 5:26 p.m., 4 views

kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory

A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection,...

5.5 CVSS, 6.8 AI score, 0.01071 EPSS
Exploits 0, References 5

BDU FSTEC
added 2021/10/27 12:00 a.m., 3 views

The vulnerability of the tjInitDecompress() function in the libjpeg-turbo image processing library allows an attacker to compromise the accessibility of protected information.

The vulnerability of the tjInitDecompress function in the libjpeg-turbo image processing library is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information by consuming excessive memory resources...

3.7 CVSS, 5.5 AI score
Exploits 0, References 3

BDU FSTEC
added 2021/10/27 12:00 a.m., 1 views

The vulnerability of the decompression function Dwa in the IlmImf software library for storing images in the OpenEXR format, which has a wide dynamic range of brightness levels, is related to pointer arithmetic errors and allows attackers to cause service interruptions.

The vulnerability of the decompression function in the Dwa library of the OpenEXR image storage software for images with wide dynamic ranges is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause service interruptions...

5.3 CVSS, 6.7 AI score, 0.01747 EPSS
Exploits 0, References 11, Affected Software 5

BDU FSTEC
added 2021/10/06 12:00 a.m., 3 views

The vulnerability of the Apache HTTP Server, related to pointer arithmetic errors, allows attackers to cause service interruptions.

The vulnerability of the Apache HTTP Server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8 CVSS, 7.5 AI score, 0.24982 EPSS
Exploits 0, References 6, Affected Software 3

BDU FSTEC
added 2021/10/05 12:00 a.m., 4 views

The vulnerability of the syntactic analyzer in the mac80211 subsystem of the Linux operating system’s kernel allows a perpetrator to trigger a service failure due to pointer arithmetic errors.

The vulnerability of the syntactic analyzer in the mac80211 subsystem of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure by injecting an 802.11a frame...

5.5 CVSS, 6.5 AI score, 0.00269 EPSS
Exploits 0, References 10, Affected Software 2

BDU FSTEC
added 2021/10/05 12:00 a.m., 4 views

The vulnerability of the Linux kernel driver in Nitro Enclaves, related to pointer arithmetic errors, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Linux kernel driver in Nitro Enclaves is related to errors in pointer assignment when closing file descriptors for enclaves. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

6.8 CVSS, 6.9 AI score, 0.00301 EPSS
Exploits 0, References 5, Affected Software 2

BDU FSTEC
added 2021/09/20 12:00 a.m., 5 views

The vulnerability of the avahi_s_host_name_resolver_start function in the Avahi service discovery system in local networks allows an attacker to trigger a service failure. This vulnerability is related to pointer arithmetic errors.

The vulnerability of the avahi_s_host_name_resolver_start function in the Avahi service discovery system in local networks is related to pointer arithmetic errors. Exploiting this vulnerability can allow attackers to cause service failures...

5.5 CVSS, 6.8 AI score, 0.00374 EPSS
Exploits 1, References 9, Affected Software 4

BDU FSTEC
added 2021/09/20 12:00 a.m., 4 views

The vulnerability of the lzo_decompress_buf function in the stream.c component of the Lrzip compression algorithm, related to pointer arithmetic errors, allows a hacker to cause a service failure.

The vulnerability of the lzo_decompress_buf function in the stream.c component of the Lrzip compression program is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created compressed file...

6.5 CVSS, 6.2 AI score, 0.00929 EPSS
Exploits 1, References 6, Affected Software 3

BDU FSTEC
added 2021/09/20 12:00 a.m., 2 views

The vulnerability of the ucompthread function in the stream.c component of the Lrzip compression program, related to pointer arithmetic errors, allows a malicious actor to cause a service failure.

The vulnerability of the ucompthread function in the stream.c component of the Lrzip compression program is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure through the use of a specially created compressed file...

6.5 CVSS, 6.3 AI score, 0.00713 EPSS
Exploits 1, References 5, Affected Software 3

BDU FSTEC
added 2021/08/20 12:00 a.m., 1 views

The vulnerability of the Bash command shell, related to pointer arithmetic errors, allows attackers to compromise data integrity and cause service failures.

The vulnerability of the Bash command shell is related to errors due to incorrect command sequencing. Exploiting this vulnerability allows a remote attacker to compromise data integrity and cause service failures...

8.5 CVSS, 5.6 AI score
Exploits 0, References 1, Affected Software 1

Veracode
added 2021/08/12 3:38 p.m., 58 views

Privilege Escalation

The kernel is vulnerable to privilege escalation. An out-of-bounds read and write in kernel/bpf/verifier.c due to incorrect limits enforcement for pointer arithmetic operations can be abused to escalate privileges to root...

7.8 CVSS, 7.8 AI score, 0.00377 EPSS
Exploits 0, References 10, Affected Software 3

BDU FSTEC
added 2021/08/03 12:00 a.m., 3 views

The vulnerability of the FreeBSD operating systems, related to pointer arithmetic errors, allows attackers to cause an application to terminate abnormally.

The vulnerability of the FreeBSD operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause an application to terminate abnormally...

5.5 CVSS, 6.2 AI score, 0.00321 EPSS
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2021/07/20 12:00 a.m., 4 views

The vulnerability of the Apache HTTP Server, related to pointer arithmetic errors, allows attackers to cause an unexpected termination of the application.

The vulnerability of the Apache HTTP Server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause an unexpected termination of the application remotely...

7.8 CVSS, 7.1 AI score, 0.65067 EPSS
Exploits 0, References 14, Affected Software 11

BDU FSTEC
added 2021/07/20 12:00 a.m., 2 views

The vulnerability of the sanei_epson_net_read component of the interface that provides access to SANE image scanning devices is related to pointer arithmetic errors, which allow an attacker to cause a service failure.

The vulnerability of the sanei_epson_net_read component of the interface that provides access to SANE image scanning devices is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS, 6.5 AI score, 0.00497 EPSS
Exploits 1, References 11, Affected Software 5