fedoraproject fedora 32 vulnerabilities and exploits

(subscribe to this query)

In the standard library in Rust prior to 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.

Rust-lang Rust Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

In the Linux kernel 5.11 up to and including 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)

Linux Linux Kernel Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

A flaw was found in jasper prior to 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.

Jasper Project Jasper Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

A flaw was found in jasper prior to 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.

Jasper Project Jasper Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

An issue exists in the Linux kernel up to and including 5.11.11. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V context, aka CID-919f4ebc5987.

Linux Linux Kernel Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

GNU Chess 6.2.7 allows malicious users to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.

Gnu Chess 6.2.7 Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

In the standard library in Rust prior to 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Rust-lang Rust Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

1 Github repository

A flaw was found in newlib in versions before 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buf...

Newlib Project Newlib Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

1 Article

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an maliciou...

Glyphandcog Xpdfreader 4.01.01 Fedoraproject Fedora 30 Fedoraproject Fedora 31 Fedoraproject Fedora 32

An issue exists in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.

Artifex Mujs 1.0.5 Fedoraproject Fedora 31 Fedoraproject Fedora 32 Fedoraproject Fedora 33

« PREV 3 4 5 6 7 8 9 10 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook