192 matches found
CVE-2019-18683
CVE-2019-18683 affects the Linux kernel’s V4L2 vivid driver (drivers/media/platform/vivid). The issue arises from wrong mutex locking in functions vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and related kthreads, causing multiple race conditions dur...
CVE-2022-32205
CVE-2022-32205 affects curl and can cause denial of service when a malicious server serves a large number of Set-Cookie headers. curl
CVE-2020-1752
CVE-2020-1752 (glibc) is a use-after-free vulnerability in the tilde expansion path handling of glibc’s glob processing, originating in upstream version 2.14 and fixed in 2.32. The issue affects directory paths beginning with a tilde followed by a valid username and can be exploited by a local at...
CVE-2020-29369
CVE-2020-29369 is a real Linux kernel vulnerability described in the connected docs. It is a race condition in mm/mmap.c (expand_downwards vs. expand_upwards) that can occur during munmap page-table free operations, present in Linux kernels before 5.7.11 (CID-246c320a8cfe). The issue is triggered...
CVE-2020-8835
CVE-2020-8835 affects Linux kernel 5.5.0 and newer, with backports to 5.4.x. The issue is in the BPF verifier (kernel/bpf/verifier.c): it truncates 64-bit values to 32-bit for 32-bit operations, causing the verifier’s checked bounds to diverge from actual execution. This can lead to out-of-bounds...
CVE-2019-18805
CVE-2019-18805 affects the Linux kernel prior to 5.0.11. A signed integer overflow occurs in net/ipv4/sysctl_net_ipv4.c and in tcp_input.c (tcp_ack_update_rtt()) when a very large value is written to /proc/sys/net/ipv4/tcp_min_rtt_wlen, potentially causing a denial of service or other impact. Con...
CVE-2019-9075
CVE-2019-9075 affects GNU Binutils 2.32 (libbfd) with a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap (archive64.c). Multiple connected sources (Astra Linux, CNVD, Debian tracker, F5 advisory, Cloud Linux updates) confirm the vulnerability in the BFD library and describe potential...
CVE-2019-3901
CVE-2019-3901 describes a race condition in perf_event_open() that can leak data from setuid processes. The root cause is that cred_guard_mutex is not held during the ptrace_may_access() check, allowing a target task to execve() with setuid execution before perf_event_alloc() attaches, bypassing ...
CVE-2019-16995
CVE-2019-16995 affects the Linux kernel prior to 5.0.3. The issue is a memory leak in hsr_dev_finalize() (net/hsr/hsr_device.c) that can occur if hsr_add_port fails to add a port, potentially leading to a denial of service. The vulnerability is not tied to a vendor product in the provided text be...
CVE-2021-42376
CVE-2021-42376 is a BusyBox vulnerability affecting the hush applet where a NULL pointer dereference can cause denial of service when processing a crafted command due to missing validation after a delimiter. Public disclosures and vendor advisories across multiple distributions (Debian, Alpine, F...
CVE-2019-19816
CVE-2019-19816 affects the Linux kernel 5.0.21: mounting a crafted btrfs image can trigger a slab-out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c due to mishandling of the data stripes value = 1. The connected Nessus advisory blocks (Unity Linux UTSA-2026-004332 and related plugin ...
CVE-2017-7658
In CVE-2017-7658, Eclipse Jetty had a flaw in how it handles HTTP requests when multiple Content-Length headers are present or when a Content-Length header accompanies a chunked encoding header. This could allow a forged or pipelined request to bypass intermediary authorization if the shorter len...
CVE-2019-9074
CVE-2019-9074 affects the GNU Binutils Binary File Descriptor library (libbfd) bundled in Binutils 2.32. It is an out-of-bounds read in bfd_getl32 called from pei-x86_64.c, leading to a SEGV. Several connected advisories confirm impact on local attackers via crafted ELF/PE files and DoS, with pos...
CVE-2024-32487
CVE-2024-32487 affects the less utility. The issue allows OS command execution via a newline character in a file name due to faulty quoting in filename.c (affecting versions up to 653). Exploitation typically requires attacker-controlled file names (e.g., from an untrusted archive) and the LESSOP...
CVE-2019-9162
CVE-2019-9162 concerns the Linux kernel prior to 4.20.12, where the SNMP NAT module's net/ipv4/netfilter/nf_nat_snmp_basic_main.c contains insufficient ASN.1 length checks. This can trigger an out-of-bounds read/write (array index) leading to a kernel oops or local privilege escalation, specifica...
CVE-2018-7185
CVE-2018-7185 affects ntp protocol engine in ntp 4.2.6 before 4.2.8p11, where a remote attacker can send crafted packets with a zero-origin timestamp and the source IP of the other side of an interleaved association to cause the victim ntpd to reset its association, producing a denial of service....
CVE-2018-7170
CVE-2018-7170 affects ntp’s ntpd component in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92. An authenticated attacker who knows a private symmetric key can create many ephemeral associations to win the clock selection (Sybil attack) and modify a victim’s clock. The issue arises from an incomp...
CVE-2019-19318
The CVE-2019-19318 issue affects Linux kernel 5.3.11. Root cause: mounting a crafted btrfs image twice can trigger a use-after-free in rwsem_down_write_slowpath because rwsem_can_spin_on_owner’s rwsem_owner_flags returns an already freed pointer. Documented impact per sources indicates an availab...
CVE-2019-19813
CVE-2019-19813 is a Linux kernel use-after-free in __mutex_lock on Linux kernel 5.0.21 when mounting a crafted btrfs image, performing operations, and calling syncfs, related to mutex_can_spin_on_owner, __btrfs_qgroup_free_meta, and btrfs_insert_delayed_items. It is a local, user-interaction-requ...
CVE-2019-3844
Summary (CVE-2019-3844): Affected component is systemd with DynamicUser; a local attacker can create SUID/SGID binaries and gain access to resources owned by a potentially different service after the transient UID/GID is recycled. This is a local privilege escalation vulnerability. Remediation fo...
CVE-2019-14444
CVE-2019-14444: GNU Binutils 2.32 contains an integer overflow in readelf/elfcomm.c (byte_put_little_endian) that can trigger a denial of service via crafted ELF files. IBM Netezza products have addressed this by upgrading Binutils; remediation patches include Netezza Analytics 3.3.8 (and related...
CVE-2019-12615
CVE-2019-12615 affects the Linux kernel (SPARC) in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c prior to/through version 5.1.6, due to an unchecked kstrdup_const of node_info->vdev_port.name that can trigger a NULL pointer dereference and system crash. This is a DoS vulnerability as de...
CVE-2021-42377
CVE-2021-42377 (BusyBox) is one of multiple vulnerabilities affecting BusyBox, specifically in the hush applet. The issue is an attacker-controlled pointer free that can cause denial of service and, under rare crafted inputs, may enable remote code execution. The vulnerability is categorized unde...
CVE-2021-38202
CVE-2021-38202 affects the Linux kernel before 5.13.4, where fs/nfsd/trace.h can allow remote attackers to trigger a denial-of-service via an out-of-bounds read in strlen when the trace event framework is used for nfsd. The vulnerability is triggered by NFS traffic sent over the network. A fix wa...
CVE-2021-42374
CVE-2021-42374 is an out-of-bounds heap read in BusyBox’s unlzma applet that can lead to information leakage and denial of service when decompressing crafted LZMA input. Connected sources confirm impact on BusyBox broadly (unlzma) across multiple distributions and variants (e.g., Debian/BusyBox a...
CVE-2022-1619
CVE-2022-1619 is a heap-based buffer overflow in Vim's cmdline_erase_chars (vim/vim) before version 8.2.4899. The vulnerability can crash Vim, corrupt memory, and potentially enable remote code execution. The connected Astra Linux bulletin confirms the same technical detail. The provided document...
CVE-2021-38203
CVE-2021-38203 affects the btrfs component in the Linux kernel, with the issue present in versions before 5.13.4. The root cause is a race condition during allocations of new system chunks when space is scarce in space_info, which can lead to a denial-of-service (deadlock) for local attackers. Pu...
CVE-2020-16599
CVE-2020-16599 concerns a NULL pointer dereference in the GNU Binutils library (libbfd) distributed with Binutils 2.35, specifically in _bfd_elf_get_symbol_version_string used by nm-new, which can cause a denial of service via a crafted ELF file. The connected Nessus entries note an “illegal memo...
CVE-2019-19050
CVE-2019-19050 describes a memory leak in the Linux kernel’s crypto_reportstat() path (crypto/crypto_user_stat.c) that can cause a denial of service via memory consumption when crypto_reportstat_alg() fails, affected up to kernel 5.3.11. Connected Nessus advisories (Unity Linux UTSA-2026-003794 a...
CVE-2019-1010204
CVE-2019-1010204 affects GNU binutils, specifically the gold linker. The vulnerability arises from a combination of improper input validation , signed/unsigned comparison , and an out-of-bounds read in the code paths for gold/fileread.cc:497 and elfcpp/elfcpp_file.h:644. The documented impact is ...
CVE-2019-3843
CVE-2019-3843 concerns systemd's DynamicUser feature, where a service can create a SUID/SGID binary and retain it under a transient UID/GID after termination. The result is a local attacker potentially accessing resources owned by a different service in the future when UID/GID are recycled, as de...
CVE-2020-9391
CVE-2020-9391 affects the Linux kernel on AArch64 (versions 5.4 to 5.5.6). The top byte of the address passed to brk is ignored, potentially moving the program break downward instead of upward, which can cause heap corruption in glibc malloc. Public sources in the connected documents consistently...
CVE-2021-42373
CVE-2021-42373 is a NULL pointer dereference in BusyBox's man applet triggered when a section name is supplied but no page argument is given, causing a denial of service via local access. Affected product: BusyBox (man applet). Root cause: NULL pointer dereference in mq_handle logic; impact: loca...
CVE-2021-42375
CVE-2021-42375 concerns BusyBox ash applet: incorrect handling of a special element can trigger a denial of service when processing a crafted shell command. Affected product: Cloud Pak for Security (CP4S) versions 1.8.1.0, 1.8.0.0, and 1.7.2.0. Remediation: upgrade to CP4S 1.9.0.0 per IBM guidanc...
CVE-2019-9071
CVE-2019-9071 affects GNU Binutils’ libiberty component (cp-demangle.c, function d_count_templates_scopes) with a stack consumption/stack overflow vulnerability after deep recursion. Likely enables buffer overflow and remote code execution in affected contexts as described in multiple advisories....
CVE-2019-19069
CVE-2019-19069 affects the Linux kernel fastrpc DMA path. A memory leak in the function fastrpc_dma_buf_attach() (drivers/misc/fastrpc.c) can be triggered by dma_get_sgtable() failures, allowing a potential denial of service through memory consumption. The vulnerability is in kernels before 5.3.9...
CVE-2019-9073
CVE-2019-9073 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables (elf.c). This can impact availability (PARTIAL per CVSSv3), with local attack vector and no confidentiality/in...
CVE-2023-38432
CVE-2023-38432 affects the Linux kernel prior to 6.3.10. The KSMBD SMB2 server (fs/smb/server/smb2misc.c) does not validate the relationship between the SMB command payload size and RFC1002 length, causing an out-of-bounds read. Impact: potential information disclosure or crash as stated by affec...
CVE-2019-10125
CVE-2019-10125 affects the Linux kernel (up to v5.0.4) where aio_poll() in fs/aio.c may release a file by aio_poll_wake() after vfs_poll() returns, causing a use-after-free. Connected advisories (Unity Linux UTSA entries) reproduce the vulnerable description and map the issue to kernel code path ...
CVE-2022-1678
CVE-2022-1678 affects Linux kernel 4.18–4.19, with memory/netns leaks due to improper sock reference handling in TCP pacing. Public Nessus/Unity advisories confirm the issue and reference kernel commits addressing the vulnerability; exploitation is described as remote via TCP pacing. Mitigation/r...
CVE-2019-9072
CVE-2019-9072 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. The issue is an attempted excessive memory allocation in setup_group() within elf.c, which can enable a denial-of-service through memory exhaustion when processing ELF files. Public advisori...
CVE-2020-8584
The CVE-2020-8584 issue relates to Element OS, affecting versions prior to 1.8P1 and 12.2. It arises from a failure to properly filter certain elements of externally-entered data during the construction of a code segment, enabling an unauthenticated remote attacker to execute arbitrary code. This...