RUSTSEC-2024-0357 `MemBio::get_buf` has undefined behavior with empty buffers

Previously, MemBio::getbuf called slice::fromrawparts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed...

Potential memory exhaustion attack due to sparse slice deserialization

...

GO-2024-2958 Potential memory exhaustion attack due to sparse slice deserialization in github.com/gorilla/schema

Potential memory exhaustion attack due to sparse slice deserialization in github.com/gorilla/schema...

GHSA-3669-72X9-R9P3 Potential memory exhaustion attack due to sparse slice deserialization

Details Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. For instance, in the Proof of Concept written below, someone can specify to set a field of the...

Potential memory exhaustion attack due to sparse slice deserialization

Details Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. For instance, in the Proof of Concept written below, someone can specify to set a field of the...

UBUNTU-CVE-2024-37298

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

CVE-2024-37298 Potential memory exhaustion attack due to sparse slice deserialization

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

CVE-2024-37298 Potential memory exhaustion attack due to sparse slice deserialization

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

MongoDB Server Security Vulnerability

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication, and automatic failover. A security vulnerability exists in MongoDB Server that stems from a lack of authorization checki...

SUSE CVE-2024-38606

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the FW to start writing TL...

DEBIAN-CVE-2024-38606

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the FW to start writing TL...

UBUNTU-CVE-2024-38606

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the FW to start writing TL...

SUSE CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setupdscconfig When sliceheight is 0, the division by sliceheight in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state...

Denial Of Service (DoS)

github.com/onosproject/rimedo-ts is vulnerable to Denial Of Service DoS. The vulnerability is due to inadequate bounds checking within reader.go, when accessing elements out of the slice bounds...

Denial Of Service (DoS)

github.com/onosproject/rimedo-ts is vulnerable to Denial Of Service DoS. The vulnerability is due to an out-of-range panic within reader.go, when accessing elements out of the slice bounds, which could result in Denial of Service...

tcpslice: use-after-free in extract_slice()

A heap use-after-free flaw was found in tcpslices' extractslice. This flaw allows an attacker with local network access to pass a specially crafted 'pcap' file to tcpslice, causing segmentation fault. This vulnerability halts or crashes the application, leading to a denial of service...

CVE-2024-34049

Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString0:3, plmnIdString3:" in reader.go...

CVE-2024-34050

Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return uint64b216 | uint64b18 | uint64b0" in reader.go...

CVE-2024-34050

Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return uint64b216 | uint64b18 | uint64b0" in reader.go...

CVE-2024-34049

Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString0:3, plmnIdString3:" in reader.go...