Page 83 of 4199 results (0.019 seconds)

CVSS: 6.2EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-12767 – libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c

https://notcve.org/view.php?id=CVE-2020-12767

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. La función exif_entry_get_value en el archivo exif-entry.c en libexif versión 0.6.21, presenta un error de división por cero. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html https://github.com/libexif/libexif/issues/31 https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html https://security.gentoo.org/glsa/202007-05 https://usn.ubuntu.com/4358-1 https://access.redhat.com/security/cve/CVE-2020-12767 https://bugzilla.redhat.com/show_bug.cgi?id=1834950 • CWE-369: Divide By Zero •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2020-12768

https://notcve.org/view.php?id=CVE-2020-12768

An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will ** EN DISPUTA ** Se detectó un problema en el kernel de Linux versiones anteriores a 5.6. La función svm_cpu_uninit en el archivo arch/x86/kvm/svm.c, presenta una pérdida de memoria, también se conoce como CID-d80b64ff297e. NOTA: terceras partes disputan este asunto porque es una fuga única en el arranque, el tamaño es insignificante, y no se puede disparar a voluntad. • https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068 https://usn.ubuntu.com/4411-1 https://usn.ubuntu.com/4412-1 https://usn.ubuntu.com/4413-1 https://www.debian.org/security/2020/dsa-4699 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 2

CVE-2020-12769

https://notcve.org/view.php?id=CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. Se detectó un problema en el kernel de Linux versiones anteriores a 5.4.17. El archivo drivers/spi/spi-dw.c, permite a atacantes causar un pánico por medio de llamadas concurrentes a las funciones dw_spi_irq y dw_spi_transfer_one, también se conoce como CID-19b61392c5a8. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19b61392c5a852b4e8a0bf35aecb969983c5932d https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lkml.org/lkml/2020& • CWE-662: Improper Synchronization •

CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0

CVE-2020-12770 – kernel: sg_write function lacks an sg_remove_request call in a certain failure case

https://notcve.org/view.php?id=CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función sg_write, carece de una llamada a sg_remove_request en un determinado caso de fallo, también se conoce como CID-83c6f2390040. A vulnerability was found in sg_write in drivers/scsi/sg.c in the SCSI generic (sg) driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid (Sg_fd * sfp) pointer at the time of failure, also possibly causing a kernel internal information leak problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1

CVE-2020-12771

https://notcve.org/view.php?id=CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función btree_gc_coalesce en el archivo drivers/md/bcache/btree.c, presenta un punto muerto si se produce un fallo de la operación de coalescencia. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lkml.org/lkml/2020/4/26/87 https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4462-1 https: • CWE-667: Improper Locking •