1366 matches found
Medium: apr
Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...
Medium: apr
Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...
kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump
A flaw was found in the Linux kernel in which functions providing information about SMC-D connections caused a NULL pointer dereference. This flaw allows an attacker with permission to read this information to cause a denial of service...
kernel: mm/shmem: disable PMD-sized page cache if needed
A denial of service vulnerability was found in the Linux Kernel. In architectures such as ARM64 where the base page size is 64KB, a 512MB page cache could lead to a software crash...
kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock issue in the mm/shmem module due to the undoing of a previous data contention fix...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from sequential allocation and access of entries in the SMEM partition, which may result in memory corruption if not managed properly...
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0 and Mbed Crypto. The PSA Crypto API mishandles shared memory.
...
PT-2025-3662 · Linux · Linux Kernel
The vulnerable software is the Linux kernel. The issue arose from a regression in the kernel's memory management subsystem, specifically in the handling of write-sealed memfd mappings. The problem was introduced by a commit that moved a check for mapping writability before the shmem mmap hook was...
K000148687: qt vulnerabilities CVE-2018-21035, CVE-2015-1290, CVE-2013-0254, and CVE-2023-43114
Security Advisory Description CVE-2018-21035 In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption. CVE-2015-1290 The Google V8...
The vulnerability of the shmem_getattr() function in the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the shmemgetattr function in the mm/shmem.c module of the Linux kernel’s memory management subsystem is related to improper synchronization of access to shared memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
SUSE CVE-2024-53071
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthordevicemmapio implementation has two issues: 1. For mapping DRMPANTHORUSERFLUSHIDMMIOOFFSET, panthordevicemmapio bails if VMWRITE is set, but does not clear...
The vulnerability of the Podman software for managing and starting OCI containers, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the Podman software for managing and starting OCI containers is related to an uncontrolled resource consumption in the /dev/shm directory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
kernel: net/smc: avoid data corruption caused by decline
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...
kernel: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...
FreeBSD : x11vnc -- access to shared memory segments (305ceb2c-9df8-11ef-a660-d85ed309193e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 305ceb2c-9df8-11ef-a660-d85ed309193e advisory. [email protected] reports: scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access ...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544
Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...
CVE-2024-33032
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...
CVE-2024-33032 Improper Validation of Array Index in Camera_Linux
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...