954 matches found
CVE-2023-0461 Use-after-free vulnerability in the Linux Kernel
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a...
CVE-2023-0461
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a...
SUSE CVE-2005-2617
The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...
SUSE CVE-2007-6716
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test...
SUSE CVE-2014-2673
The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service Program...
SUSE CVE-2018-11219
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...
SUSE CVE-2018-19416
An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf...
SUSE CVE-2019-9035
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField in mat5.c...
UBUNTU-CVE-2023-25585
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-045-01)
The version of mozilla-firefox installed on the remote host is prior to 102.8.0esr / 110.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-045-01 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory...
GSD-2023-1001870 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
GHSA-CF4G-FCF8-3CR9 `pnet_packet` buffer overrun in `set_payload` setters
As indicated by this issue, a buffer overrun is possible in the set_payload setter of the various mutable "Packet" struct setters. The offending set_payload functions were defined within the struct impl blocks in earlier versions of the package, and later by the packet macro. Fixed in the packet...
CVE-2022-43552
A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...
go.uuid has Predictable UUID Identifiers
CVE Description for go.uuid A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. Updat...
CVE-2023-25585
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service...
ABI mismatch when calling initialize function
Lines of code Vulnerability details Impact This is the initialize function of contract Vault. It has 5 parameters. function initialize(IERC20 asset, IERC4626 adapter, VaultFees calldata fees, address feeRecipient, address owner) external initializer But when calling this function in VaultControlle...
Lack of proper input validation in fulfillAvailableAdvancedOrders function
Lines of code Vulnerability details Impact fulfillAvailableAdvancedOrders function is designed to fulfill orders on the marketplace, an attacker could pass an AdvancedOrder struct with a much higher value than the intended order, allowing them to gain an unfair advantage, or they could pass a...
Lack of proper input validation in fulfillOrder function
Lines of code Vulnerability details Impact function fulfillOrder(Order calldata order, bytes32 fulfillerConduitKey) external payable returns (bool fulfilled); fulfillOrder function is designed to fulfill orders on the marketplace, however, the code provided does not clearly define what fields the...
Lack of proper input validation in fulfillBasicOrder function.
Lines of code Vulnerability details Impact function fulfillBasicOrder(BasicOrderParameters calldata parameters) external payable returns (bool fulfilled); fulfillBasicOrder function is designed to fulfill basic orders on the marketplace, however, the code provided does not clearly define what fields...
GSD-2023-1000352 NFC: nci: Bounds check struct nfc_target arrays
NFC: nci: Bounds check struct nfc_target arrays. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.302 by commit...