3 matches found
GSD-2022-1000313 libsubcmd: Fix use-after-free for realloc(..., 0)
libsubcmd: Fix use-after-free for realloc..., 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.268 by commit...
libarchive: Double free in RAR decoder resulting in a denial of service
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
double free in krb5 code
In curl's implementation of the Kerberos authentication mechanism, the function readdata in security.c is used to fill the necessary krb5 structures. When reading one of the length fields from the socket, it fails to ensure that the length parameter passed to realloc is not set to 0. This would...