CVE-2023-52912 drm/amdgpu: Fixed bug on error when unloading amdgpu

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: 377.706202 kernel BUG at drivers/gpu/drm/drmbuddy.c:278! 377.706215 invalid opcode: 0000 1 PREEMPT SM...

CVE-2024-42293

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Fix lockless walks with static and dynamic page-table folding Lina reports random oopsen originating from the fast GUP code when 16K pages are used with 4-level page-tables, the fourth level being folded at runtime due...

CVE-2021-47428 powerpc/64s: fix program check interrupt emergency stack path

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the GENCOMMONBODY macro for the normal path after it had finished, rather than jumping over it. By a small...

CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

UBUNTU-CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

The vulnerability of the Arena Simulation software for modeling and automating discrete events lies in the use of an uninitialized pointer on the stack, which allows a hacker to execute arbitrary code and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Arena Simulation software for modeling and automating discrete events is related to the use of an uninitialized pointer on the stack. Exploiting this vulnerability allows a attacker to execute arbitrary code and compromise the confidentiality, integrity, and accessibility...

CVE-2023-22291

An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafted document can lead to an attempt to free a stack pointer, which causes memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-22291

An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafted document can lead to an attempt to free a stack pointer, which causes memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

SUSE CVE-2010-3081

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...

SUSE CVE-2017-2784

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

SUSE CVE-2017-17712

The rawsendmsg function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet-hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges...

SUSE CVE-2017-17856

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement...

The vulnerability of the Routing Protocol Daemon (rpd) implementation in Juniper Networks’ Junos OS Evolved and Junos operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon rpd implementation in Juniper Networks’ Junos OS Evolved and Junos operating systems lies in the use of an uninitialized pointer on the stack. Exploiting this vulnerability can allow attackers to cause service failures...

PT-2022-35981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to the use of a global register for the current stack pointer on s390 systems. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

The vulnerability of the SBIOS component in NVIDIA’s DGX A100 server allows a hacker to execute arbitrary code, cause system failures, or compromise the confidentiality of protected information.

The vulnerability of the SBIOS component in NVIDIA’s Ofbd server NVIDIA DGX A100 is related to the use of an uninitialized pointer on the stack. Exploiting this vulnerability could allow a attacker to execute arbitrary code, cause service failures, or compromise the confidentiality of protected...

in vim/vim

Description Stack Pointer $RSP is corrupted at function eval7t in eval.c during calling eval3, eval4, eval5, eval6, eval7... continuously while parsing too many brackets. vim version : 8.2.4195 latest commit hash : 79a6e25b79cdb35e00d8b364516103eb358d8cc7 Proof of Concept $ echo -ne...

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out-of-bounds reads in pinctrl subsystem CVE-2020-0427 kernel: Improper input validation in some IntelR Ethernet E810 Adapter drivers CVE-2020-24502 kernel: Insufficient access control in...

Memory corruption when returning a literal struct with a private call inside of it

Impact When performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. Patches 0.3.0 / 2447...

PT-2021-23104 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.0 Description: The issue occurs when performing a function call inside a literal struct, resulting in a memory corruption problem due to an incorrect pointer to the top of the stack. Recommendations: For versions...

GHSA-22WC-C9WJ-6Q2V VVE-2021-0001: Memory corruption using function calls within arrays

Impact When performing a function call inside an array, there is a memory corruption issue that occurs because of an incorrect pointer to the the tip of the stack. Patches This issue was partially fixed in VVE-2020-0004, however the fix did not update similar code for arrays, which had a similar...