CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

Authentication flaw

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

PT-2023-18246 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices affected versions not specified Description: The issue allows a privileged local attacker to bypass ASLR due to kernel pointers being printed in the log file prior to SMR May-2023 Release 1. This is related to the...

CVE-2023-21492

CVE-2023-21492 is a Samsung Mobile devices vulnerability where kernel pointers are printed to the log file, enabling a privileged, local attacker to bypass ASLR. Affected software relates to Samsung Mobile devices with the SMR May-2023 Release 1 context. The root cause is the insertion of sensiti...

CLSA-2023-1680210075 openssl: Fix of 2 CVEs

CVE-2022-4304: fix timing based side channel in RSA decryption - CVE-2022-4450: avoid dangling pointers in PEMreadbioex...

CLSA-2023-1680206329 openssl: Fix of 2 CVEs

CVE-2022-4304: fix timing based side channel in RSA decryption - CVE-2022-4450: avoid dangling pointers in PEMreadbioex...

capnproto: out of bounds read when handling a list of lists.

A flaw was found in capnproto and capnp projects where a specially-crafted pointer could escape bounds checking by exploiting inconsistent handling of pointers when a list-of-structs is downgraded to a list-of-pointers...

RHEL 8 : openssl (RHSA-2023:1439)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1439 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

The vulnerability of the Linux operating system’s kernel memory management subsystem allows a hacker to cause a service failure or potentially execute arbitrary code.

The vulnerability of the Linux operating system’s kernel memory management subsystem is related to incorrect handling of counters for the anonvma structure, which leads to the creation of orphan pointers. Exploiting this vulnerability can allow an attacker to cause a service failure or potentiall...

K000132941: OpenSSL vulnerability CVE-2023-0286

Security Advisory Description There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as...

Updated dcmtk packages fix security vulnerability

Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-41687, CVE-2021-41688, CVE-2021-41689,...

USN-5937-1 opusfile vulnerability

It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts...

SUSE CVE-2023-23001

In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulatorget return value expects it to be NULL in the error case, whereas it is actually an error pointer...

DEBIAN-CVE-2023-23000

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegraxusbfindportnode return value. Callers expect NULL in the error case, but an error pointer is used...

OESA-2023-1127 xorg-x11-server security update

X.Org X11 X server Security Fixes: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on...

USN-5882-1: DCMTK vulnerabilities

Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8979...

K05535399: Linux kernel vulnerability CVE-2017-17855

Security Advisory Description kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars. CVE-2017-17855 Impact There is no impact; ...