RUSTSEC-2025-0032 Safe API can cause heap-buffer-overflow

ffi::nstr should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow...

The vulnerability of the mlx5e_resume() function in the drivers/net/ethernet/mellanox/mlx5/core/en_main.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mlx5eresume function in the drivers/net/ethernet/mellanox/mlx5/core/enmain.c file of the Linux kernel is related to the passing of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

Linux Distros Unpatched Vulnerability : CVE-2024-56776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' ...

libwebsockets 缓冲区错误漏洞

Libwebsockets is a canonical libwebsockets networking library open-sourced by lws-team. A security vulnerability exists in versions of libwebsockets prior to 4.3.4, which stems from improper pointer manipulation and can lead to out-of-bounds memory accesses...

CVE-2024-57852

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f "firmware: qcom: scm: fix a NULL-pointer dereference" makes it explicit that qcomscmgettzmempool can return NULL, therefore its users should handle this...

UBUNTU-CVE-2022-49436

In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char ' elements allocated for individual 'statid' in 'paprscmpriv.nvdimmeventsmap' during paprscmpmucheckevents, get leaked in paprscmremove and paprscmpmuregister,...

CVE-2022-49714

In the Linux kernel, the following vulnerability has been resolved: irqchip/realtek-rtl: Fix refcount leak in mapinterrupts offindnodebyphandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. This function doesn't call ofnodeput in error path...

CVE-2022-49187 clk: Fix clk_hw_get_clk() when dev is NULL

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...

CVE-2022-49071 drm/panel: ili9341: fix optional regulator handling

In the Linux kernel, the following vulnerability has been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails, reset the pointer to NULL. Other functions such as mipidbipoweronresetconditional only do a NULL pointer check and will otherwise...

CVE-2024-56776

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

CVE-2024-56604 Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

The vulnerability of the Ivanti Avalanche device management system, related to the swapping of the zero indicator, allows a intruder to trigger a service failure.

The vulnerability of the Ivanti Avalanche device management system is related to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

The vulnerability of the WLAvalancheService method in the Ivanti Avalanche mobile device management system allows a hacker to trigger a service failure.

The vulnerability of the WLAvalancheService method in the Ivanti Avalanche mobile device management system is related to the handling of the zero pointer. Exploiting this vulnerability could allow attackers to trigger a service failure...

kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUGON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUGON, a...

The vulnerability in the Firefox web browser, related to the improper handling of pointers, allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability in the Firefox web browser is related to the exploitation of an incorrect pointer. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the Bluetooth: ISO module to properly handle connection pointers in the isosocktimeout function...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper pointer handling in the drm/amdkfd component during an amdgpubounref call...

The vulnerability of the multimedia platform GPAC, related to the swapping of the zero pointer, allows a perpetrator to trigger a service failure.

The vulnerability of the multimedia platform GPAC is related to the handling of the zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the nfsd component in Linux operating systems, related to the assignment of NULL pointers, allows a hacker to trigger a service failure.

The vulnerability of the nfsd component in Linux operating systems is related to the assignment of NULL pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2024-7668 · Siemens · Simatic Cp 1242-7 V2 +11

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1242-7 V2 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants versions prior to V3.5.20 SIMATIC CP 1243-1 IEC incl. SIPLUS...