Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode 'scratch' is never freed. Fix this by calling kfree in the success, and in the error case...

UBUNTU-CVE-2024-36967

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode 'scratch' is never freed. Fix this by calling kfree in the success, and in the error case...

GHSA-7P92-X423-VWJ6 Plonk verifier KZG multi point verification

Impact The vulnerability allows a third party to derive a valid proof from a valid initial tuple proof, publicinputs, corresponding to the same public inputs as the initial proof. It is due to a randomness being generated using a small part of the scratch memory describing the state, allowing for...

SUSE CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

UBUNTU-CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

CVE-2018-19974

CVE-2018-19974 affects YARA 3.8.1, where bytecode in a specially crafted compiled rule can read uninitialized data from the VM scratch memory in libyara/exec.c, potentially revealing addresses from the real stack. The vulnerability is confined to the YARA runtime and arises from reading uninitial...

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

PT-2018-15180

Name of the Vulnerable Software and Affected Versions YARA version 3.8.1 Description The issue allows attackers to discover addresses in the real stack by reading uninitialized data from VM scratch memory in libyara/exec.c when bytecode in a specially crafted compiled rule is executed...