17 matches found
SUSE CVE-2026-31646
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...
CVE-2023-53255 firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svccreatememorypool svccreatememorypool is only called from stratix10svcdrvprobe. Most of resources in the probe are managed, but not this memremap call. There is also no...
CVE-2021-26706
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
CVE-2024-13058 Authenticated, non-admin users can create storage pools via the sifi API
An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...
SoftIron HyperCloud 安全漏洞
SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud version 2.3.0 through versions prior to 2.5.0. An attacker exploiting this vulnerability could affect the performance and availability of the back-end software-defined...
Pool with any fee tier can be created
Lines of code Vulnerability details Impact Pool with any fee tier can be created Proof of Concept There is a section in this medium: In Fee Structure: Maverick AMM supports initializing pools with arbitrary fee rates, but it is expected that LPs will choose from one of the following “standard” fe...
Attackers can prevent the creation of pools
Lines of code Vulnerability details Impact A malicious attacker can permanently prevent users from creating pools of certain token pairs. Proof of Concept The deploy function in AlgebraPoolDeployer.sol uses a salt while deploying a new AlgebraPool: 44: function deploy 45: address dataStorage, 46:...
computeAddress does not follow the standard procedure to compute the address. The contract can not create pool for some pairs due to hash collision
Lines of code Vulnerability details Impact Poor source of randomness, an attacker can easily decipher the computed address. The contract can be easily tricked. This can cause hash collision, due to this, for some pairs, the contract can not create pool. Proof of Concept AlgebraFactory.solL123 : T...
setGlobalTax() Can Be Manipulated By The Global Beneficiary To Steal Reward Tokens Or Censor Pool Creators
Lines of code Vulnerability details Impact Upon pool creation, the pool configures a taxPerCapita value which is controlled by the global beneficiary. This global beneficiary account can effectively sandwich calls to addPool by increasing the fee to 100% before the addition of a new pool and...
CVE-2021-27411
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraidsasbase.c, where a NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds. An attacker can crash the system if they were able to load the megaraidsas kernel module and...
kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraidsasbase.c, where a NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds. An attacker can crash the system if they were able to load the megaraidsas kernel module and...
kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraidsasbase.c, where a NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds. An attacker can crash the system if they were able to load the megaraidsas kernel module and...
kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraidsasbase.c, where a NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds. An attacker can crash the system if they were able to load the megaraidsas kernel module and...
UBUNTU-CVE-2019-11810
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasascreateframepool fails in megasasalloccmds in drivers/scsi/megaraid/megaraidsasbase.c. This causes a Denial of Service, related to a use-after-free...
RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...
Update Rollup 8 for System Center 2016 Virtual Machine Manager
None None...