332 matches found
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
Double free
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
CVE-2018-10902
CVE-2018-10902 is a Linux kernel local privilege-escalation flaw in the raw MIDI driver. The issue arises from a race on concurrent access in the snd_rawmidi_ioctl() path (snd_rawmidi_input_params and snd_rawmidi_output_status), causing a double-free/double-realloc in the rawmidi.c handler. Explo...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
jpegoptim Denial of Service Vulnerability
jpegoptim is an open source JPEG format image compression/optimization tool . A security vulnerability exists in the jpegoptim.c file in version 1.4.5 of jpegoptim, which stems from the program failing to use the 'realloc' and 'free' functions efficiently. A remote attacker can exploit this...
CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 fixed in 1.4.6 has an invalid use of realloc and free, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 fixed in 1.4.6 has an invalid use of realloc and free, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
UBUNTU-CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 fixed in 1.4.6 has an invalid use of realloc and free, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 fixed in 1.4.6 has an invalid use of realloc and free, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 fixed in 1.4.6 has an invalid use of realloc and free, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
CVE-2018-11416
CVE-2018-11416 affects jpegoptim 1.4.5 (fixed in 1.4.6). The vulnerability stems from an invalid use of realloc() and free() in jpegoptim.c, allowing remote attackers to cause a denial of service (application crash) or potentially other impact. Affected: jpegoptim prior to 1.4.6. Remediation: upg...
Heap Viewer - An IDA Pro Plugin To Examine The Glibc Heap, Focused On Exploit Development
An IDA Pro plugin for now to examine the heap, focused on exploit development. Currently only supports glibc malloc ptmalloc2. Requirements IDA Pro = 6.9 Tested on glibc = 2.26 GraphView for linked lists bins/tcache Magic utils: Unlink merge info Fake fastbin finder House of force helper Useful...
DEBIAN-CVE-2017-18199
reallocsymlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service NULL Pointer Dereference via a crafted iso file...
UBUNTU-CVE-2017-18199
reallocsymlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service NULL Pointer Dereference via a crafted iso file...
PT-2018-3810 · Gnu +5 · Gnu Libcdio +5
Name of the Vulnerable Software and Affected Versions: GNU libcdio versions prior to 1.0.0 Description: The issue is related to the realloc symlink function in rock.c and is associated with pointer dereference errors. It can be exploited by remote attackers to cause a denial of service...
DEBIAN-CVE-2017-16844
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
SWFTools Denial of Service Vulnerability (CNVD-2017-36497)
SWFTools is a utility toolset for working with Adobe Flash files SWF files. A security vulnerability exists in the 'pngload' function in the lib/png.c file in SWFTools version 0.9.2, which stems from the program's failure to detect the return value of a realloc call. A remote attacker can exploit...