580 matches found
CVE-2024-57973 rdma/cxgb4: Prevent potential integer overflow on 32bit
In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl-totlen" variable is controlled by the user. It comes from processresponses. On 32bit systems, the "gl-totlen + sizeofstruct cplpassacceptreq + sizeofstruct rssheader...
CVE-2024-57973
CVE-2024-57973 is a Linux kernel vulnerability in rdma/cxgb4 where 32‑bit systems could overflow when calculating gl->tot_len for a CPL pass/RS S header due to arithmetic of gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header). The issue is triggered by user-controll...
CVE-2024-57953
In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594rtcsetoffset tmp = offset TICKSPERHOUR; The "tmp" variable is an s64 but "offset" is a long in the -277774-277774 range. On 32bit systems ...
CVE-2024-57953 rtc: tps6594: Fix integer overflow on 32bit systems
In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594rtcsetoffset tmp = offset TICKSPERHOUR; The "tmp" variable is an s64 but "offset" is a long in the -277774-277774 range. On 32bit systems ...
CVE-2024-57953 rtc: tps6594: Fix integer overflow on 32bit systems
In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594rtcsetoffset tmp = offset TICKSPERHOUR; The "tmp" variable is an s64 but "offset" is a long in the -277774-277774 range. On 32bit systems ...
CVE-2022-49387
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 32bit overflow issue The value of timercycleus can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. This patch fixes this issue by appending ULL to 1024, so...
CVE-2022-49387
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 32bit overflow issue The value of timercycleus can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. This patch fixes this issue by appending ULL to 1024, so...
CVE-2022-49387 watchdog: rzg2l_wdt: Fix 32bit overflow issue
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 32bit overflow issue The value of timercycleus can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. This patch fixes this issue by appending ULL to 1024, so...
CVE-2022-49387 watchdog: rzg2l_wdt: Fix 32bit overflow issue
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 32bit overflow issue The value of timercycleus can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. This patch fixes this issue by appending ULL to 1024, so...
CVE-2022-49387
CVE-2022-49387 concerns the Linux kernel watchdog driver rzg2l_wdt. The root cause is a 32-bit overflow in timer_cycle_us that can yield 0, e.g., when a counter like 0xfff is used to compute maxval. The provided connected documents confirm a patch that promotes values to 64-bit by appending ULL t...
PT-2025-8321 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A 32bit overflow issue has been identified in the Linux kernel, specifically in the watchdog component rzg2l wdt. The issue arises when the value of timer cycle us can be 0 due to the...
Security update for systemd
This update for systemd fixes the following issues: Import commit 0512d0d1fc0b54a84964281708036a46ab39c153 0512d0d1fc cgroup: Rename effective limits internal table jscPED-5659 765846b70b cgroup: Restrict effective limits with global resource provision jscPED-5659 e29909088b test: Add effective...
CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-53107 fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-31007
Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. Affected component is IrfanView 32bit 4.66 with plugin formats.dll...
SUSE SLES15 Security Update : curl (SUSE-SU-2024:3080-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3080-2 advisory. - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str bsc1228535 Tenable has extracted the preceding description block...
UBUNTU-CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
AZL-48394 CVE-2024-45492 affecting package expat for versions less than 2.6.3-1
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...