CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service daemon crash via a flood of low-difficulty header chains aka a "Chain Width Expansion" attack because a node does not first verify that a presented chain has enough work before committing to store it...

CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service daemon crash via a flood of low-difficulty header chains aka a "Chain Width Expansion" attack because a node does not first verify that a presented chain has enough work before committing to store it...

CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service daemon crash via a flood of low-difficulty header chains aka a "Chain Width Expansion" attack because a node does not first verify that a presented chain has enough work before committing to store it...

CVE-2019-25220

CVE-2019-25220 concerns Bitcoin Core prior to 24.0.1. The issue arises when a node accepts a flood of low‑difficulty header chains and stores them without first verifying that the presented chain has enough work, enabling a denial of service (daemon crash). Public references in the connected data...

CVE-2024-52300 macro-pdfviewer has a XSS through the width parameter

macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact the confidentiality, integrity and availability of the whole XWiki installation when an admin...

PT-2024-8494 · Mozilla · Pdf.Js

Name of the Vulnerable Software and Affected Versions: macro-pdfviewer versions prior to 2.5.6 Description: The issue is related to the macro-pdfviewer PDF viewer macro for XWiki, which uses Mozilla pdf.js. The width parameter of the PDF viewer macro is not properly escaped, allowing for cross-si...

PDF Viewer Macro 安全漏洞

PDF Viewer Macro is an open source macro for XWiki SAS. It allows viewing PDF files attached to XWiki pages from within the XWiki page. A security vulnerability exists in PDF Viewer Macro prior to version 2.5.6, which stems from the width parameter of the PDF Viewer Macro not being properly...

freerdp: freerdp_image_copy out of bound read

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

kernel: ACPI: CPPC: Use access_width over bit_width for system memory accesses

A vulnerability was found in the ACPI subsystem's CPPC driver in the Linux kernel. This issue occurs due to the mishandling of memory access bit width during performance capability calculations, which can lead to misaligned memory accesses and cause kernel panics on affected platforms...

kernel: pwm: Fix double shift bug

REJECTED CVE A double shift vulnerability was identified in the Linux kernel's pwm subsystem. The issue involves passing a shifted value instead of a bit number to set/testbit functions, resulting in a double shift e.g., BITBIT1. While this doesn't cause problems for values 0 or 1, values of 5 or...

DEBIAN-CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

SUSE CVE-2024-50177

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

CVE-2024-50177

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

AZL-54066 CVE-2024-50177 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

DEBIAN-CVE-2024-50177

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

AZL-54068 CVE-2024-50177 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

UBUNTU-CVE-2024-50177

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

CVE-2024-50177

CVE-2024-50177 concerns the Linux kernel amdgpu display driver (DML2.1). The issue is a UBSAN shift-out-of-bounds triggered when programming phantom pipes and cursor_width is explicitly set to 0, causing an overflow in 32-bit size calculations. The published fix adds a guard to validate cursor wi...

CVE-2024-50177 drm/amd/display: fix a UBSAN warning in DML2.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...

CVE-2024-50177 drm/amd/display: fix a UBSAN warning in DML2.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...