Lucene search
+L

326 matches found

OSV
OSV
added 2024/12/12 2:3 a.m.7 views

AZL-62417 CVE-2024-47537 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS7.4AI score0.00956EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 12:0 a.m.3 views

UBUNTU-CVE-2024-47537

GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...

9.8CVSS5.8AI score0.00956EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.5 views

The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the irqchip/gic-v3-its components in the Linux operating system’s kernel is related to a memory reallocation error in the itsvpeirqdomainalloc function. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00248EPSS
Exploits0References53Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.7 views

The vulnerability of the f2fs_do_shutdown() function in the f2fs file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the f2fsdoshutdown function in the fs/f2fs/file.c file of the f2fs file system in the Linux operating system is related to the reallocation of previously released memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attack...

7.8CVSS7.2AI score0.00238EPSS
Exploits0References12Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.10 views

The vulnerability of the ftrace_location() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ftracelocation function in the kernel/trace/ftrace.c module of the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.5AI score0.00239EPSS
Exploits0References37Affected Software7
OSV
OSV
added 2024/10/21 8:15 p.m.4 views

UBUNTU-CVE-2024-50042

In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 /sys/bus/pci/devices/$PFPCI/sriovdriversautoprobe...

7.1CVSS6.2AI score0.0021EPSS
Exploits0References19
OSV
OSV
added 2024/10/21 6:15 p.m.9 views

AZL-51360 CVE-2024-49883 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...

7.8CVSS6.7AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.1 views

DEBIAN-CVE-2024-49883

In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...

7.8CVSS5.8AI score0.00275EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/09/28 2:51 a.m.3 views

SUSE CVE-2024-46849

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7CVSS6.4AI score0.0025EPSS
Exploits0References22
OSV
OSV
added 2024/09/27 1:15 p.m.11 views

AZL-49858 CVE-2024-46849 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7.8CVSS6.7AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2024/09/27 1:15 p.m.2 views

DEBIAN-CVE-2024-46849

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7.8CVSS6.2AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2024/09/27 1:15 p.m.10 views

AZL-49795 CVE-2024-46849 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

7.8CVSS6.7AI score0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/27 12:42 p.m.18 views

CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

6.9AI score0.0025EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/09/27 12:42 p.m.41 views

CVE-2024-46849 ASoC: meson: axg-card: fix 'use-after-free'

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

0.0025EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.7 views

The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool is related to the reallocation of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.8CVSS7.7AI score0.02282EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.7 views

The vulnerability of the gnutls_pkcs7_verify function in the pkcs7 component of the GnuTLS library allows a attacker to cause a service failure.

The vulnerability of the gnutlspkcs7verify function in the pkcs7 component of the GnuTLS library is related to the reallocation of memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.8CVSS6.9AI score0.01492EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.6 views

The vulnerability of the btrfs_load_zone_info() function in the Btrfs file system of Linux kernels allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the btrfsloadzoneinfo function in the fs/btrfs/zoned.c file of the Btrfs file system in Linux kernel is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References22Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the register_winch_irq() function in the User-Mode Linux (UML) subsystem of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the registerwinchirq function in the arch/um/drivers/line.c file of the User-Mode Linux subsystem driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow a...

5.5CVSS6.8AI score0.00233EPSS
Exploits0References25Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/05/30 12:0 a.m.7 views

The vulnerability of the brcmf_notify_escan_complete() function in the Broadcom FullMAC driver for Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the brcmfmac/cfg80211.c file within the Broadcom FullMAC driver’s drivers/net/wireless/broadcom/brcm80211/ directory in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...

5.5CVSS6.5AI score0.00233EPSS
Exploits0References23Affected Software2
SUSE CVE
SUSE CVE
added 2024/05/23 3:4 a.m.3 views

SUSE CVE-2021-47295

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexpartialdestroywork Syzbot reported memory leak in tcindexsetparms. The problem was in non-freed perfect hash in tcindexpartialdestroywork. In tcindexsetparms new tcindexdata is allocated and...

5.5CVSS6.5AI score0.01497EPSS
Exploits0References7
Rows per page
Query Builder