Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fixed the issue of NULL pointer dereferencing in corescsi3decodespeciport. The function corescsi3decodespeciport, during its error code path, corescsi3lunaclundependitem, passing the destsedeve pointer, which may be...

DEBIAN-CVE-2025-38399

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport The function corescsi3decodespeciport, in its error code path, unconditionally calls corescsi3lunaclundependitem passing the destsedeve pointer, which may be...

CVE-2012-1962

CVE-2012-1962 is a use-after-free in Mozilla’s JSDependentString::undepend that affects Firefox 4.x–13.0, ESR 10.x before 10.0.6, Thunderbird 5.0–13.0, and SeaMonkey before 2.11, enabling remote memory corruption and possibly arbitrary code execution. Connected advisories (e.g., MFSA2012-52 and r...

Mozilla: JSDependentString:: undepend string conversion results in memory corruption (MFSA 2012-52)

Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service memory...

JSDependentString::undepend string conversion results in memory corruption — Mozilla

Security researcher Bill Keese reported a memory corruption. This is caused by JSDependentString::undepend changing a dependent string into a fixed string when there are additional dependent strings relying on the same base. When the undepend occurs during conversion, the base data is freed,...