1000 matches found
Ubuntu: Security Advisory (USN-5703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5703-1: Linux kernel (Intel IoTG) vulnerabilities
Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-188...
OSV-2022-1074 Invalid-free in _dealloc
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52587 Crash type: Invalid-free Crash state: dealloc PyDECREF framedealloc...
PT-2022-36698 · Git +1 · Pillow
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves deallocation and reference counting, specifically in the deallo...
Ubuntu: Security Advisory (USN-5691-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5692-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.1 through 5.19.14, which stems from various reference counting errors handled by multiple BSSs in the mac80211 stack,...
USN-5667-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-raspi vulnerabilities
Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-188...
EulerOS 2.0 SP5 : systemd (EulerOS-SA-2022-2450)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in...
Denial Of Service (DoS)
systemd is vulnerable to denial of service. The vulnerability exists due to the onstreamio function and dnsstreamcomplete function in resolved-dns-stream.c does not properly increment the reference counting for the DnsStream object, allowing an attacker to cause a system crash through the...
USN-5614-2 wayland vulnerability
USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting ...
PT-2025-18546
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the drm/scheduler. The issue involved leaking dependency fences when processes were being killed, and a reference to the...
systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
OESA-2022-1920 wayland security update
Wayland is a protocol for a compositor to talk to its clients as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be...
USN-5614-1 wayland vulnerability
It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code...
SUSE-SU-2022:3282-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36879: Fixed an issue in xfrmexpandpolicies in net/xfrm/xfrmpolicy.c where a refcount could be dropped twice bnc1201948. - CVE-2022-3028: Fixed ra...
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
Design/Logic Flaw
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...