22 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...
DEBIAN-CVE-2023-53752
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...
CVE-2023-53752 net: deal with integer overflows in kmalloc_reserve()
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...
Google Chrome < 54.0.2840.100 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 54.0.2840.100. It is, therefore, affected by multiple vulnerabilities as referenced in the 201611stable-channel-update-for-desktop9 advisory. - browser/extensions/api/dial/dialregistry.cc in Google Chrome before...
EUVD-2025-14091
Malicious code in bioql PyPI...
PT-2025-39144
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.17.0-rc4-00201-gd69eb204c255 and earlier Description A flaw exists in the Linux kernel's tracing/osnoise module, specifically within the bitmap parselist function. A null pointer dereference can occur when the count...
Linux Distros Unpatched Vulnerability : CVE-2024-38549
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists a...
SUSE CVE-2025-38255
In the Linux kernel, the following vulnerability has been resolved: lib/groupcpus: fix NULL pointer dereference from groupcpusevenly While testing nullblk with configfs, echo 0 pollqueues will trigger following panic: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 000...
GHSA-6X45-R4PR-5362 trailer mishandles allocating with a size of zero
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
trailer mishandles allocating with a size of zero
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47737
The vulnerability CVE-2025-47737 affects the trailer crate for Rust up to version 0.1.2, where lib.rs mishandles allocations of size zero. The issue is documented across multiple sources (GHSA-6X45-R4PR-5362, Red Hat RH CVE, OSV, PT-2025-20472) and is tied to zero-size allocation handling in the ...
PT-2025-20472 · Unknown · Trailer Crate
Name of the Vulnerable Software and Affected Versions: trailer crate versions 0.1.2 and earlier Description: The issue is related to the lib.rs file in the trailer crate for Rust, which mishandles allocating with a size of zero. Recommendations: For trailer crate version 0.1.2 and earlier, consid...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
DEBIAN-CVE-2021-47578
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...
grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow
A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...