NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. An attacker can convince a user to open a document to trigger this vulnerability. This can lead to code execution under the context of the application. When closed, the document will result in the reference being released twice. A specially crafted document can cause a reference to a timeout object to be stored in two different places. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.Īn exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. This is related to netgroupcache.c.Ī flaw was found in htmldoc in v1.9.12. The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. The move_elements function can have a double-free upon a panic in a user-provided f function.
NOTE: from the perspective of releases, CVE IDs are not normally used for drivers/staging/* (unfinished work) however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.Īn issue was discovered in the scratchpad crate before 1.3.1 for Rust.
A double free vulnerability exists in libcurl ssid array.
0 kommentar(er)
