Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.18.2.el6. The new kernel inherits security fixes from the RHEL kernel and features internal fixes. Vulnerability id: CVE-2019-5489 A new...

Advantech WebAccess Node viewsrv SQLNumParams Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27E6 IOCTL in the webvrpcs process. The issue resul...

CVE-2019-12482

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. An attacker could exploit a flaw in the XFSISREALTIMEINODE macro in fs/xfs/xfslinux.h. This allows local users to cause null pointer dereference...

CVE-2018-20429

libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165...

CVE-2018-5806

An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...

CVE-2018-17794

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in workstuffcopytofrom when called from iteratedemanglefunction...

Denial Of Service (DoS) Through Null Pointer Dereference

imagemagick is vulnerable to denial of service DoS attacks. The vulnerability exists in property.c where an assert does not properly catches an error which allows an image object to be null, causing a DoS attackk through null pointer dereference...

Null pointer dereference

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfsreadblockgroups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks i...

CVE-2018-14613

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in ioctlmappage when mounting and operating a crafted btrfs image, because of a lack of block group item validation in checkleafitem in fs/btrfs/tree-checker.c...

CVE-2018-14609

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in delrelocroot in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rbtrees when reloc control has not been initialized...

EulerOS 2.0 SP2 : ncurses (EulerOS-SA-2018-1218)

According to the version of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A NULL pointer dereference was found in the way the ncparseentry function parses terminfo data for compilation. An attacker able to provide...

Denial Of Service (DoS)

libpoppler.so is vulnerable to denial of service DoS attacks. A malicious user can pass a malicious PDF file to the FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc, causing a null pointer dereference that can crash the application...

CVE-2018-1130

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls...

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810,...

CVE-2015-9221

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 800, and SD 810, lack of validation of pointers passed by secure apps could lead to an untrusted pointer dereference...

CVE-2018-10074

The hi3660stubclkprobe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service NULL pointer dereference by triggering a failure of resource retrieval...

CVE-2018-7548

In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using $PA... on an empty array result...

CVE-2017-15395

A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference...

CVE-2017-12193

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service NULL pointer dereference and panic via a crafted application, as demonstrated by the keyring key type, and key...