Low: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security and bug fix update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide...

CBL Mariner 2.0 Security Update: libvirt (CVE-2024-4418)

The version of libvirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4418 advisory. - A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the...

openSUSE Security Advisory (SUSE-SU-2024:1962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libvirt (SUSE-SU-2024:1962-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1962-1 advisory. - CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event...

SUSE-SU-2024:1962-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event loop. bsc1223849...

CVE-2024-4418

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

CVE-2024-4418

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

CVE-2024-4418

CVE-2024-4418 is a vulnerability in libvirt causing a race condition that leads to a stack use-after-free in virNetClientIOEventLoop(), where a pointer to a stack-allocated virNetClientIOEventData can be used in virNetClientIOEventFD while its stack frame is freed. The issue can let a local attac...

CVE-2024-4418 Libvirt: stack use-after-free in virnetclientioeventloop()

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

CVE-2024-4418 Libvirt: stack use-after-free in virnetclientioeventloop()

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

CVE-2024-4418

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

CVE-2024-4418

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...

PT-2024-4010

Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated...

Potential stack use-after-free in `Instrumented::into_inner`

The implementation of the Instrumented::intoinner method in affected versions of this crate contains undefined behavior due to incorrect use of std::mem::forget The function creates const pointers to self, calls mem::forgetselfstd::mem::forget, and then moves values out of those pointers using...

SUSE CVE-2020-21686

A stack-use-after-scope issue discovered in expandmmacparams function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file...

CVE-2020-21686

A stack-use-after-scope issue discovered in expandmmacparams function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file...

CVE-2020-21686

A stack-use-after-scope issue discovered in expandmmacparams function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file...

UBUNTU-CVE-2020-21686

A stack-use-after-scope issue discovered in expandmmacparams function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file...

CVE-2020-21686

CVE-2020-21686 is a stack-use-after-scope vulnerability in NASM’s preproc.c expand_mmac_params function, present in NASM releases before 2.15.04. It allows remote denial of service via a crafted ASM file. Multiple connected sources corroborate the issue and note a security update; remediation is ...

OSV-2023-715 Stack-use-after-scope in ulocimp_addLikelySubtags_74

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61582 Crash type: Stack-use-after-scope READ 3 Crash state: ulocimpaddLikelySubtags74 ulocisRightToLeft74 ulocisrighttoleftfuzzer.cpp...