81 matches found
UBUNTU-CVE-2021-47465
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idlekvmstartguest In commit 10d91611f426 "powerpc/64s: Reimplement book3s idle code in C" kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the emergency...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from exceeding the maximum value of a stack frame...
DEBIAN-CVE-2023-37271
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
PYSEC-2023-118
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
CVE-2023-37271 RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
CVE-2023-37271 RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
GHSA-WQC8-X2PR-7JQH RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
Impact RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generator expressions, which are allowed inside RestrictedPython. An attacker with access to a RestrictedPython environment can write code that gets the...
RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
Impact RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generator expressions, which are allowed inside RestrictedPython. An attacker with access to a RestrictedPython environment can write code that gets the...
GSD-2023-1000167 drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame
drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000070 drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame
drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...
PT-2023-33147 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to a problem with Clang builds in the drm/amdgpu component, which may lead to a blown stack-frame. The actual impact and potential for attack have not been proven yet...
PT-2023-33315 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue is related to a problem with Clang builds in the drm/amdgpu component, which may lead to a blown stack-frame. The actual impact and potential for attack have not been proven yet...
PT-2023-33244 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: The issue is related to a problem with Clang builds in the drm/amdgpu component, which may lead to a blown stack-frame. The actual impact and potential for attack have not been proven yet...
Huawei HarmonyOS 输入验证错误漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability previously existed in Huawei HarmonyOS 2.0, which stemmed from a write-across-stack-frame out-of-bounds vulnerability in some Huawei...
Unspecified vulnerability in Linux kernel (CNVD-2021-24272)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel 5.11.8 and earlier versions that allows userspace to write data directly to the kernel stack frame. No details of the...
Buffer overflow
In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel 5.11.8 and earlier versions that allows userspace to write data directly to the kernel stack frame. No details of the...
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
CVE-2020-25464
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger...
Heap overflow
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger...