22 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsidebug: Do not call kcalloc if size argument is zero. If the size argument to kcalloc is zero, it returns ZEROSIZEPTR. Therefore, for the subsequent NULL pointer check to work on the returned pointer, kcalloc must not...
DEBIAN-CVE-2023-53752
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...
CVE-2023-53752 net: deal with integer overflows in kmalloc_reserve()
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...
Google Chrome < 54.0.2840.100 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 54.0.2840.100. It is, therefore, affected by multiple vulnerabilities as referenced in the 201611stable-channel-update-for-desktop9 advisory. - browser/extensions/api/dial/dialregistry.cc in Google Chrome before...
EUVD-2025-14091
Malicious code in bioql PyPI...
PT-2025-39144
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.17.0-rc4-00201-gd69eb204c255 and earlier Description A flaw exists in the Linux kernel's tracing/osnoise module, specifically within the bitmap parselist function. A null pointer dereference can occur when the count...
Linux Distros Unpatched Vulnerability : CVE-2024-38549
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists a...
SUSE CVE-2025-38255
In the Linux kernel, the following vulnerability has been resolved: lib/groupcpus: fix NULL pointer dereference from groupcpusevenly While testing nullblk with configfs, echo 0 pollqueues will trigger following panic: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 000...
trailer mishandles allocating with a size of zero
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
GHSA-6X45-R4PR-5362 trailer mishandles allocating with a size of zero
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
PT-2025-20472 · Unknown · Trailer Crate
Name of the Vulnerable Software and Affected Versions: trailer crate versions 0.1.2 and earlier Description: The issue is related to the lib.rs file in the trailer crate for Rust, which mishandles allocating with a size of zero. Recommendations: For trailer crate version 0.1.2 and earlier, consid...
CVE-2025-47737
The vulnerability CVE-2025-47737 affects the trailer crate for Rust up to version 0.1.2, where lib.rs mishandles allocations of size zero. The issue is documented across multiple sources (GHSA-6X45-R4PR-5362, Red Hat RH CVE, OSV, PT-2025-20472) and is tied to zero-size allocation handling in the ...
DEBIAN-CVE-2021-47578
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...