CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data.

...

CVE-2024-36948 drm/xe/xe_migrate: Cast to output precision before multiplying operands

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

CVE-2021-47348 drm/amd/display: Avoid HDCP over-read and corruption

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so...

CVE-2021-47348 drm/amd/display: Avoid HDCP over-read and corruption

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so...

DEBIAN-CVE-2023-52655

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeofu64 the value passed to skbtrim as length will wrap around ending up as some very large value. The driver will then proce...

PT-2024-7325

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible divide-by-zero error in the wb dirty limits function. This error occurs because the thresh value, which is an unsigned long, is passed as a u32 divis...

GHSA-R24F-HG58-VFRW unsafe-libyaml unaligned write of u64 on 32-bit and 16-bit platforms

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::writeunaligned. In platforms with sub-64bit alignment for usize including wasm32 and x86 these writes are insufficiently aligned some of the time. If using an ordinary optimiz...

Unaligned write of u64 on 32-bit and 16-bit platforms

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::writeunaligned. In platforms with sub-64bit alignment for usize including wasm32 and x86 these writes are insufficiently aligned some of the time. If using an ordinary optimiz...

RUSTSEC-2023-0075 Unaligned write of u64 on 32-bit and 16-bit platforms

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::writeunaligned. In platforms with sub-64bit alignment for usize including wasm32 and x86 these writes are insufficiently aligned some of the time. If using an ordinary optimiz...

GSD-2023-1002061 i2c: designware: use casting of u64 in clock multiplication to avoid overflow

i2c: designware: use casting of u64 in clock multiplication to avoid overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...

GSD-2023-1001916 cpufreq: CPPC: Add u64 casts to avoid overflowing

cpufreq: CPPC: Add u64 casts to avoid overflowing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

GSD-2023-1001908 i2c: designware: use casting of u64 in clock multiplication to avoid overflow

i2c: designware: use casting of u64 in clock multiplication to avoid overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

DEBIAN-CVE-2022-23639

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

Mozilla Rust has an unspecified vulnerability (CNVD-2021-61405)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in the anymap crate of Mozilla Rust version 0.12.1, which can be exploited by attackers to compromise soundness by converting u8 to u64...

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

Code injection

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...