CVE-2023-52770 f2fs: split initial and dynamic conditions for extent_cache

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extentcache Let's allocate the extentcache tree without dynamic conditions to avoid a missing condition causing a panic as below. create a file w/ a compressed flag disable the...

Yubico YubiHSM 2 SDK Buffer Error Vulnerability

Yubico YubiHSM is a solution from Yubico Inc. for protecting Certificate Authority root keys from being copied by attackers, malware and malicious insiders. A security vulnerability exists in Yubico YubiHSM 2 SDK 2023.01 and earlier versions, which stems from the PKCS11 module failing to correctl...

Design/Logic Flaw

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...

Null pointer dereference

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send a crafted frame which is forwarded by the device. During encoding of the packet a NULL pointer dereference...

RIOT RIOT-OS 竞争条件问题漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in RIOT RIOT-OS 2023.01 and earlier versions, which stems from triggering a race condition and can be exploited by an attacker to conduct a denial-of-service attack...