PT-2025-37975

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the net/mlx5 module where a memory leak occurs in the hws pool buddy init function’s error path. The leak happens because the buddy allocator...

CVE-2024-25713

yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the poolfree function lacks loop checks. poolfree is part of the pool series allocator, along with poolmalloc and poolrealloc...

yyjson has a Double Free vulnerability

The pool series allocator poolmalloc/poolfree/poolrealloc by yysjon has a Double Free vulnerability, which may lead to arbitrary address writing and Denial of Service DoS attacks. Arbitrary address writing, combined with other legitimate or illegitimate operations of programs using this library,...

Double Free

Overview ibireme/yyjson is a C JSON library binding Affected versions of this package are vulnerable to Double Free due to improper loop checks in the poolfree function, which is part of the pool series allocator alongside poolmalloc and poolrealloc. An attacker can execute arbitrary code remotel...

Double Free

Overview Affected versions of this package are vulnerable to Double Free due to improper loop checks in the poolfree function, which is part of the pool series allocator alongside poolmalloc and poolrealloc. An attacker can execute arbitrary code remotely by exploiting this flaw. PoC c include...

CVE-2024-25713

yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the poolfree function lacks loop checks. poolfree is part of the pool series allocator, along with poolmalloc and poolrealloc...

PT-2024-21108 · Yyjson · Yyjson

Name of the Vulnerable Software and Affected Versions: yyjson versions 0.8.0 and earlier Description: The issue is related to a double free vulnerability in the pool series allocator, specifically due to the lack of loop checks in the pool free function. This can lead to remote code execution in...

Wasmtime 安全漏洞

Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in versions of Wasmtime prior to 2.0.2 that stems from a data leak between instances in its pool allocator...

RUSTSEC-2021-0155 Use After Free in lucet-runtime

There is a bug in the main branch of Lucet's lucet-runtime that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of this...

Use After Free in lucet-runtime

There is a bug in the main branch of Lucet's lucet-runtime that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of this...

Updated proftpd packages fix security vulnerability

Updated proftpd packages fix security vulnerability: Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code...

MGASA-2020-0120 Updated proftpd packages fix security vulnerability

Updated proftpd packages fix security vulnerability: Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code...

Debian DSA-4635-1 : proftpd-dfsg - security update

Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD, a powerful modular FTP/SFTP/FTPS server. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code. C Tenable...

[SECURITY] [DSA 4635-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4635-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 26, 2020 https://www.debian.org/security/faq -...