![]() Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.Ī double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. There are no known workarounds for this issue.ĭrivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.Ī vulnerability has been identified in JT2Go (All versions can lead to a double free.Ī flaw was found in htmldoc in v1.9.12. This issue has been resolved in version 5.4.0 and all users should upgrade to UltraJSON 5.4.0. Due to how UltraJSON uses the internal decoder, this double free is impossible to trigger from Python. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.Īn issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. The device=strdup statement is not executed on every call. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service. HiCOS’ client-side citizen certificate component has a double free vulnerability. was discovered to contain a double-free via the function dwg_read_file at dwg.c. Rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. Rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. Rizin is a UNIX-like reverse engineering framework and command-line toolset. SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. Successful exploitation of this vulnerability will cause the memory to be freed twice. Libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.ĭouble free vulnerability in the storage module. ![]() Mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |