21762 matches found
spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
...
GNU Binutils ld xmalloc.c xstrdup memory leak
...
NASM Netwide Assember nasm.c assemble_file stack-based overflow
...
net: libwx: fix Tx L4 checksum
...
drm/i915: Fix a memory leak with reused mmap_offset
...
ice: always check VF VSI pointer values
...
Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
...
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
...
rtw89: cfo: check mac_id to avoid out-of-bounds
...
block: RCU protect disk->conv_zones_bitmap
...
i2c/designware: Fix an initialization issue
...
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
...
cifs: fix potential memory leaks in session setup
...
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
...
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
...
bridge: mcast: Fix use-after-free during router port configuration
...
Bluetooth: hci_conn: Use disable_delayed_work_sync
...
drm/xe: Fix taking invalid lock on wedge
...
parisc: Fix random data corruption from exception handler
...
f2fs: initialize locks earlier in f2fs_fill_super()
...
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
...
HDF5 H5Centry.c H5C__load_entry resource consumption
...
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
...
drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.
...
of: module: prevent NULL pointer dereference in vsnprintf()
...
btrfs: do proper folio cleanup when cow_file_range() failed
...
drm/amd/display: Refactor DMCUB enter/exit idle interface
...
drivers: staging: rtl8192eu: Fix deadlock in rtw_joinbss_event_prehandle
...
This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.
...
smb: client: guarantee refcounted children from parent session
...
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7.
...
scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
...
eth: bnxt: fix truesize for mb-xdp-pass case
...
nvme-tcp: sanitize request list handling
...
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
...
HID: nvidia-shield: Add missing null pointer checks to LED initialization
...
iommu/vt-d: Use device rbtree in iopf reporting path
...
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
...
PyTorch nccl.py torch.cuda.nccl.reduce denial of service
...
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
...
iommu: Clear iommu-dma ops on cleanup
...
netfs: Fix double put of request
...
GNU Binutils ld xstrdup.c xstrdup memory leak
...
PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()
...
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
...
btrfs: fix double accounting race when btrfs_run_delalloc_range() failed
...
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.
...
spi: lpspi: Avoid potential use-after-free in probe()
...
rxrpc: Fix delayed ACKs to not set the reference serial number
...
crypto: starfive - Do not free stack buffer
...