1434 matches found
UBUNTU-CVE-2024-56706
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutex_lock and mutex_unlock. After reservation of the PMU hardware the...
CVE-2024-56706 s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutex_lock and mutex_unlock. After reservation of the PMU hardware the...
CVE-2024-56706
CVE-2024-56706 – Linux kernel (s390/cpum_sf): The issue was a race in memory allocation for Sample Data Blocks (SDBs) when installing PMU-related buffers. PMU hardware reservation is done at first event creation and is protected by mutex_lock/unlock. However, the memory for PMUs that the event u...
PT-2024-37017 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory allocation issue has been resolved in the Linux kernel. The problem occurs in the s390/cpum_sf module, where the memory allocation for Sample Data Blocks (SDBs) is not properly...
PT-2024-10177 · Phpoffice · Phpspreadsheet
Name of the Vulnerable Software and Affected Versions: PhpSpreadsheet versions prior to 3.7.0; PhpSpreadsheet versions prior to 2.3.5; PhpSpreadsheet versions prior to 2.1.6; PhpSpreadsheet versions prior to 1.29.7. Description: The issue is related to unauthorized reflected cross-site scripting in t...
Malicious code in api-demo-sample-lib1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware feb4cdcfd09bde3632e5027efd5e0378c93e89ab16f9e0f0e931586d1679412d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12076 Malicious code in api-demo-sample-lib1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware feb4cdcfd09bde3632e5027efd5e0378c93e89ab16f9e0f0e931586d1679412d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the qtdemux_merge_sample_table function in the Gstreamer multimedia framework allows a hacker to cause a service failure.
The vulnerability of the qtdemux_merge_sample_table function in the Gstreamer multimedia framework is related to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...
SUSE CVE-2024-47777
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...
CVE-2024-47597
A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer's sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
DEBIAN-CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And i...
CVE-2024-47598 GHSL-2024-246: GStreamer has an OOB-read in qtdemux_merge_sample_table
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn't properly checked before reading stts_duration, allowing the...
Malicious code in lib-jitsi-meet-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0247e3f2877ee9dba4689c00ae13db004afaea694957dfb979bf3cfbd1ef9e31 The OpenSSF Package Analysis project identified 'lib-jitsi-meet-sample' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2025-846 Malicious code in lib-jitsi-meet-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0247e3f2877ee9dba4689c00ae13db004afaea694957dfb979bf3cfbd1ef9e31 The OpenSSF Package Analysis project identified 'lib-jitsi-meet-sample' @ 1.0.0 npm as malicious. It is considered malicious because: - The...