CVE-2024-26799

A vulnerability was found in the Qualcomm ASoC ALSA System on Chip driver for the Linux kernel, where an uninitialized pointer dmactl could be used in certain conditions. This issue occurs when an invalid driver ID daiid is encountered, leading to potential use of uninitialized memory. Mitigation...

CVE-2024-26747 usb: roles: fix NULL pointer issue when put module's reference

In the Linux kernel, the following vulnerability has been resolved: usb: roles: fix NULL pointer issue when put module's reference In current design, usb role class driver will get usbroleswitch parent's module reference after the user get usbroleswitch device and put the reference after the user...

CVE-2024-26625 llc: call sock_orphan() at release time

In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...

Denial Of Service (DOS)

ethabi is vulnerable to a recursive Denial of Service. The vulnerability is due to a recursive pointer issue, specifically related to handling deeply nested array structures in payloads, An attacker can trigger an OverflowError by creating a Python integer too large to convert...

eth-abi is vulnerable to recursive DoS

This is related to recent ZST stuff https://github.com/ethereum/eth-abi/security/advisories/GHSA-rqr8-pxh7-cq3g, but it's a different one. Basically a recursive pointer issue py from ethabi import decode payload =...

CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

CVE-2021-46926

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where the graph walk...

PT-2024-20809 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions Description: A NULL pointer dereference issue was discovered via the isCurrent function at /src/layered costmap.cpp. This issue affects the navigation capabilities of the...

Mouse pointer in Citrix session shifted

When using Citrix Published virtual apps on a setup with 3 monitors with a resolution of "2560x1440" each and one of them is in portrait mode, the mouse pointer is shifted in the app and it is not possible to use it correctly. The mouse pointer appears to be about 5cm next to where it is shown on...

CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

SUSE-SU-2023:2692-1 Security update for iniparser

This update for iniparser fixes the following issues: - CVE-2023-33461: Fixed NULL pointer dereference in iniparsergetboolean bsc1211889...

PT-2025-26058 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the cdns3 gadget ep dequeue and cdns3 gadget ep enable functions, where the assignment of priv ep is...

CVE-2023-31129 Contiki-NG missing NULL pointer check in IPv6 neighbor discovery

The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery ND in the module os/net/ipv6/uip-nd6.c. The ND protocol includes a...

PT-2023-2507 · Avg +1 · Avg Antivirus +1

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.11 AVG Antivirus versions prior to 22.11 Description: The issue is related to a NULL pointer dereference problem via the RPC-interface, which could allow an attacker to cause a denial of service. The...

CVE-2023-0494

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...

CVE-2021-43315

A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5349...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 5.16.3, which stems from an incorrect pointer...

PT-2023-34967 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.10 Description: A NULL pointer issue was found in the skb segment list function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

Null pointer dereference

A null pointer dereference issue was discovered in fs/iouring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service...

PT-2022-37226 · Git +1 · Grok

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by an incorrect function pointer type. The crash occurs in the grk::BufferedStream::read function, which is called...