CVE-2021-47185 tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc

In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp testcaseltp/testcases/kernel/pty/pty04.c with arm64, there is a soft lockup, which look like this one: Workqueue: eventsunbound flushtoldisc Call trace:...

CVE-2021-47185

CVE-2021-47185 is addressed by a Linux kernel fix for a soft lockup in tty_buffer/flush_to_ldisc. In ARM64 when running the ltp pty04 test, a write race between a sender and the flush_to_ldisc workqueue on different cores could cause a long loop and a softlockup in flush_to_ldisc. The patch adds ...

CVE-2021-47185

In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp testcaseltp/testcases/kernel/pty/pty04.c with arm64, there is a soft lockup, which look like this one: Workqueue: eventsunbound flushtoldisc Call trace:...

CVE-2021-46982

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix race condition of overwrite vs truncate posfsstress testcase complains a panic as belew: ------------ cut here ------------ kernel BUG at fs/f2fs/compress.c:1082! invalid opcode: 0000 1 SMP PTI CPU: 4 PID:...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE CVE-2018-20533

There is a NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

PT-2025-18550

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the btrfs filesystem. When cloning a btrfs device, the associated btrfs zoned device info structure is not cloned, leadi...

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2022:5937 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Secretflow - A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning

SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this goal, it provides: An abstract device layer consists of plain devices and secret devices which encapsulate various cryptographic protocols. A device flow layer modeling higher algorith...

zlog 1.2.15 - Buffer Overflow Exploit

Exploit Title: zlog 1.2.15 - Buffer Overflow Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the "zloginit" API to pars...

SUSE-SU-2021:2180-1 Security update for libsolv

This update for libsolv fixes the following issues: Security issues fixed: - CVE-2019-20387: Fixed heap-buffer-overflow in repodataschema2id bsc1161510 - CVE-2021-3200: testcaseread: error out if repos are added or the system is changed too late bsc1186229 Other issues fixed: - backport support f...

OESA-2021-1209 libsolv security update

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: - Using a dictionary approach to store and retrieve package and dependency information. - Using satisfiability, a well known and researched topic, for resolving package...

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool FILE *fp const char *testcase Queue *job char **resultp int *resultflagsp function at src/testcase.c: line 2334 which could cause a denial of service

...

DEBIAN-CVE-2021-3200

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver testcasereadPool pool, FILE fp, const char testcase, Queue job, char resultp, int resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service...

UBUNTU-CVE-2021-3200

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver testcasereadPool pool, FILE fp, const char testcase, Queue job, char resultp, int resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service...

libsolv 缓冲区错误漏洞

libsolv is a library for checking package dependencies. A buffer error vulnerability exists in libsolv, which stems from the fact that Solver testcaseread may cause a denial of service...

serenity:FuzzRegexPosixExtended: Heap-buffer-overflow in regex::Lexer::back

Project: https://github.com/SerenityOS/serenity.git Detailed Report: https://oss-fuzz.com/testcase?key=5077400093982720 Project: serenity Fuzzing Engine: libFuzzer Fuzz Target: FuzzRegexPosixExtended Job Type: libfuzzerasanserenity Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...

skia:sksl2spirv: Segv on unknown address in std::__1::unique_ptr<SkSL::Expression, std::__1::default_delete<SkSL::Expression

Project: https://skia.googlesource.com/skia.git Detailed Report: https://oss-fuzz.com/testcase?key=6198631948091392 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: sksl2spirv Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State:...

llvm:clang-fuzzer: Global-buffer-overflow in ProcessCharEscape

Detailed Report: https://oss-fuzz.com/testcase?key=5730186039132160 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Global-buffer-overflow READ 4 Crash Address: 0x00000ccfc3dc Crash State: ProcessCharEscape...