abi stable vulnerabilities and exploits

(subscribe to this query)

An issue exists in the abi_stable crate prior to 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness.

Abi Stable Project Abi Stable

An issue exists in the abi_stable crate prior to 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop.

Abi Stable Project Abi Stable

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attem...

Kde Kpdf Xpdf Xpdf 3.0 Xpdf Xpdf 3.0 Pl2 Xpdf Xpdf 3.0 Pl3

A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.

* Kernel Linux Linux Kernel Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0

In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...

* Android Google Android -Debian Debian Linux 10.0 Debian Debian Linux 11.0

1 Github repository

With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.

* Kernel Linux Linux Kernel Fedoraproject Fedora 34 Fedoraproject Fedora 35 Fedoraproject Fedora 36 Redhat Enterprise Linux 9.0 Debian Debian Linux 11.0

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: * Host SVE being discarded unexpectedly ...

Linux Linux Linux Linux Kernel

An issue exists in the Linux kernel up to and including 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

Linux Linux Kernel Fedoraproject Fedora 37 Netapp H410c Firmware -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Debian Debian Linux 11.0

An issue exists in include/asm-generic/tlb.h in the Linux kernel prior to 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.

* Kernel Linux Linux Kernel Linux Linux Kernel 5.19 Fedoraproject Fedora 36 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0 Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook