Lucene search
K

249 matches found

RedhatCVE
RedhatCVE
added 2025/01/13 6:50 a.m.8 views

CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS7.1AI score0.00224EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/12 12:15 a.m.3 views

SUSE CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.8CVSS6.8AI score0.00224EPSS
Exploits0References17
CVE
CVE
added 2025/01/11 12:25 p.m.1386 views

CVE-2024-53680

CVE-2024-53680: Linux kernel ipvs: fix for undefined behavior from an uninitialized on-stack 64-byte buffer in ip_vs_protocol_init() that stores protocol names and feeds it to strnlen() under Fortify, risking a boot-time panic or module load oops when ipvs is built-in. The issue stems from leavin...

5.5CVSS6.8AI score0.00224EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/01/11 12:25 p.m.6 views

CVE-2024-53680 ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS6.3AI score0.00224EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/01/11 12:25 p.m.15 views

CVE-2024-53680 ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

0.00224EPSS
Exploits0References7
OSV
OSV
added 2024/12/19 4:18 a.m.29 views

RLSA-2024:11299 Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...

9.8CVSS8.4AI score0.01344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/12/18 9:41 a.m.20 views

Important: Red Hat Security Advisory: gstreamer1-plugins-good security update

An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS6.9AI score0.01344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/12/18 9:41 a.m.2 views

gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...

9.8CVSS6.1AI score0.01005EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/12/18 2:24 a.m.19 views

Important: Red Hat Security Advisory: gstreamer1-plugins-good security update

An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS6.9AI score0.01344EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/12/18 12:0 a.m.13 views

RHEL 8 : gstreamer1-plugins-good (RHSA-2024:11149)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11149 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages conta...

9.8CVSS7.4AI score0.01344EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2024/12/17 7:37 p.m.5 views

gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...

9.8CVSS6.1AI score0.01005EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/12/17 7:37 p.m.33 views

Important: Red Hat Security Advisory: gstreamer1-plugins-good security update

An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.01344EPSS
Exploits0References6
OSV
OSV
added 2024/12/12 2:3 a.m.7 views

AZL-62393 CVE-2024-47540 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

9.8CVSS7.7AI score0.01005EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 2:3 a.m.2 views

DEBIAN-CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

9.8CVSS8.7AI score0.01005EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/11 6:54 p.m.27 views

CVE-2024-47540 GHSL-2024-197: GStreamer uses uninitialized stack memory in Matroska/WebM demuxer

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

8.6CVSS0.01005EPSS
Exploits0References3
OSV
OSV
added 2024/09/13 6:15 a.m.1 views

DEBIAN-CVE-2024-46697

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

5.5CVSS5.5AI score0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/13 9:1 p.m.23 views

CVE-2024-29780

In hwbccnsdeprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, there is a possible uninitialized stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00082EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/13 9:1 p.m.23 views

CVE-2024-29780

In hwbccnsdeprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, there is a possible uninitialized stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00082EPSS
Exploits0References1
OSV
OSV
added 2024/06/01 12:0 a.m.7 views

PUB-A-324894466

In hwbccnsdeprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, there is a possible uninitialized stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.2AI score0.00082EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 3:15 p.m.2 views

DEBIAN-CVE-2021-47339

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers...

5.5CVSS5.2AI score0.00236EPSS
Exploits0References1
Rows per page
Query Builder