CVE-2023-37329 - Understanding the GStreamer SRT Subtitle File Heap Buffer Overflow Vulnerability
GStreamer is a widely-used open source multimedia framework found in popular desktop environments, media players, browsers, and even embedded systems. In June 2023, a critical
CVE-2023-37328 - Exploiting a Heap-based Buffer Overflow in GStreamer’s PGS File Parsing
TL;DR:
A critical vulnerability, CVE-2023-37328 (ZDI-CAN-20994), was discovered in GStreamer’s handling of PGS subtitle files. Insufficient validation of user-supplied data can lead to
CVE-2024-27388 - Linux Kernel SUNRPC Bug Could Leak Memory – Detailed Analysis & How It Was Fixed
In early 2024, a new security issue was discovered and fixed in the Linux kernel’s SUNRPC subsystem. This bug, now recognized as CVE-2024-27388, was
CVE-2024-27027 - Linux Kernel dpll_xa_ref_*_del() Multiple Registration Vulnerability Explained
A recent vulnerability, CVE-2024-27027, was identified and fixed in the Linux Kernel, specifically relating to the DPLL (Digital Phase-Locked Loop) subsystems. This bug could trigger
CVE-2024-27018 - Linux Kernel br_netfilter Promiscuous Conntrack Vulnerability Explained
- CVE: CVE-2024-27018
- Component: Linux Kernel br_netfilter
- Bug: Conntrack input hook is wrongly triggered for promiscuous bridge packets, leading to kernel warnings and