CLSA-2022-1669390018 grub2: Fix of 7 CVEs

CVE-2021-3981: Fix default privileges of grub.cfg file - CVE-2022-28736: Fix use-after-free bug when grubcmdchainloader is executed more than once before a boot attempt is performed. - CVE-2021-3695: Drop greyscale support to fix heap out-of-bounds write - CVE-2021-3696: Fix out of range...

kernel: mm/huge_memory: Fix xarray node memory leak

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Fix xarray node memory leak If xassplitalloc fails to allocate the necessary nodes to complete the xarray entry split, it sets the xastate to -ENOMEM, which xasnomem then interprets as "Please allocate more memory"...

GSD-2022-1006651 mm/huge_memory: do not clobber swp_entry_t during THP split

mm/hugememory: do not clobber swpentryt during THP split This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...

PT-2022-34906 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to the mm/huge memory component, where the swp entry t is clobbered during the THP split process. This problem was introduced in version v5.19 and is fixed in version...

Revenue stream split can be bypassed

Lines of code Vulnerability details The Spigot.claimRevenue function allows anyone to claim revenue tokens from the spigot push and pull payments and escrows them for the owner to withdraw later. The revenue is automatically split between the treasury and escrow according to the settings in...

PT-2022-6166 · Cisco +6 · Cisco +6

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to the Linux network backend, specifically the netback driver, where a guest can trigger a NIC interface reset, abort, or crash by sending certain kinds of packets. This ...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the split function in contrib/shpsort.c. This could allow information exposure or code execution via manipulation of malloc. Remediation Upgrade shapelib to version 1.6.0 or higher. References - GitHub Commit - GitHub Iss...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: via the Reader.Read function. An attacker can cause excessive memory allocation and trigger resource exhaustion or application panics by supplying a speciall...

Exploit for CVE-2022-21350

It is an offensive tool for Java-based web applications. The rep...

DEBIAN-CVE-2022-3049

Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page...

PT-2024-8455 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the Linux kernel's enetc driver, which allows for the configuration of TSN features through a mix of command BD ring messages and port registers. Howeve...

splitRecipient resulting voting power tend to be overstated

Lines of code Vulnerability details When burn computes the contributor's share via getFinalContribution and contributor = splitRecipient it transfers the whole share to the splitRecipient in advance, even when not all the voting power were allocated. I.e. some contributors might not burn and the...

split-airport.hr Cross Site Scripting vulnerability OBB-2889560

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 105.0.5195.52, which stems from a mix-up in the instruction responsible for freeing memory in SplitScreen. An attacker could exploit this vulnerability...

GSD-2022-1004703 net: stmmac: dwc-qos: Disable split header for Tegra194

net: stmmac: dwc-qos: Disable split header for Tegra194 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.207 by commit...

Fedora: Security Advisory for golang-github-vbatts-tar-split (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-vbatts-tar-split-0.11.1-11.fc36

Pristinely disassembling a tar archive, and stashing needed raw bytes and offsets to reassemble a validating original archive...

AZL-10441 CVE-2022-34526 affecting package libtiff for versions less than 4.4.0-3

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

ALPINE-CVE-2022-34526

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

CVE-2022-22217

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service DoS. The issue is caused by malformed MLD packets looping on a multi-homed Ethernet Segme...