26 matches found

OSV
added 2025/05/20 3:21 p.m. | 4 views

CVE-2025-37935 net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM. If the mtk_poll_rx function detects the MTK_RESETTING flag, it will jump to release_desc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtk_rx_clean will process ...

CVSS 5.5 | AI score 6.9 | EPSS 0.00065
Exploits: 0 | References: 7

Cvelist
added 2025/03/27 4:43 p.m. | 8 views

CVE-2023-53026 RDMA/core: Fix ib block iterator counter overflow

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow. When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size...

EPSS 0.0001
Exploits: 0 | References: 5

Redos
added 2024/04/04 12:00 a.m. | 22 views

ROS-20240404-11

A vulnerability in the _libcap_strdup function of the Libcap package is related to an overflow if the input string is close to 4 GB. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.8 | AI score 7 | EPSS 0.01123
Exploits: 1

OSV
added 2024/03/14 5:12 p.m. | 50 views

GO-2024-2606 SQL injection in github.com/jackc/pgproto3 and github.com/jackc/pgx

An integer overflow in the calculated message size of a query or bind message could allow a single large message to be sent as multiple messages under the attacker's control. This could lead to SQL injection if an attacker can cause a single query or bind message to exceed 4 GB in size...

CVSS 9.8 | AI score 9.1 | EPSS 0.01875
Exploits: 1 | References: 5

Prion
added 2024/03/06 7:15 p.m. | 23 views

Integer overflow

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 7.5 | AI score 9.7 | EPSS 0.01875
Exploits: 1 | References: 6

Prion
added 2023/02/14 6:15 p.m. | 9 views

Integer overflow

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...

CVSS 5 | AI score 7.5 | EPSS 0.00271
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2020/07/15 6:15 p.m. | 9 views

CVE-2020-15117

In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the server's memory is less than 4 GB. It was verified that this issue does not cause a crash through the exception handler if the availab...

CVSS 6.5 | EPSS 0.00494
Exploits: 0 | References: 4

Tenable Nessus
added 2019/10/25 12:00 a.m. | 29 views

FreeBSD : FreeBSD -- kernel memory disclosure from /dev/midistat (5027b62e-f680-11e9-a87f-a4badb2f4699)

The kernel driver for /dev/midistat implements a handler for read(2). This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. Impact: The races allow a program to read...

CVSS 7.8 | AI score 7.5 | EPSS 0.003
Exploits: 0 | References: 2

NVD
added 2019/10/03 4:15 p.m. | 15 views

CVE-2018-16301

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile. To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump...

CVSS 7.8 | AI score 8.2 | EPSS 0.00064
Exploits: 0 | References: 1

Prion
added 2019/10/03 4:15 p.m. | 19 views

Buffer overflow

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile. To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump...

CVSS 4.4 | AI score 7.6 | EPSS 0.00064
Exploits: 0 | References: 1 | Affected Software: 1

AlpineLinux
added 2019/10/03 3:55 p.m. | 40 views

CVE-2018-16301

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile. To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump...

CVSS 7.8 | AI score 8.1 | EPSS 0.00064
Exploits: 0

Debian CVE
added 2019/10/03 3:55 p.m. | 43 views

CVE-2018-16301

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile. To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump...

CVSS 7.8 | AI score 6.2 | EPSS 0.00064
Exploits: 0

Prion
added 2018/10/10 1:29 a.m. | 10 views

Default credentials

The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 modules for IBM BladeCenter have an undocumented support account with a support password, an undocumented diags account with a diags password, and an undocumented prom account with a prom password...

CVSS 5 | AI score 9.2 | EPSS 0.00376
Exploits: 1 | References: 1 | Affected Software: 2

CVE
added 2018/10/10 1:00 a.m. | 35 views

CVE-2018-18202

The CVE-2018-18202 issue affects the IBM BladeCenter QLogic 4Gb Fibre Channel modules (versions 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0). It stems from undocumented accounts (support, diags, and prom) with passwords, potentially enabling unauthenticated network access to the device. NVD/Red Hat entri...

CVSS 9.8 | AI score 9.2 | EPSS 0.00376
Exploits: 1 | References: 1 | Affected Software: 1

UbuntuCve
added 2017/11/28 12:00 a.m. | 27 views

CVE-2017-15119

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from...

CVSS 8.6 | AI score 6.8 | EPSS 0.01559
Exploits: 0 | References: 3

n0where
added 2017/06/15 5:14 a.m. | 27 views

Open Source Full Featured Network Operating System: OpenSwitch

Open Source Full Featured Network Operating System OpenSwitch provides a fully-featured L2/L3 control plane stack, traditional and programmatic, declarative control plane. The 24×7 nature of global digital economy and the explosion of data have changed how we think about data center networking...

AI score 7.5
Exploits: 0 | References: 4

0day.today
added 2017/04/19 12:00 a.m. | 64 views

VirtualBox Guest-To-Host Out-Of-Bounds Write Exploit

Exploit for multiple platform in category dos / poc. VirtualBox: guest-to-host out-of-bounds write via virtio-net (CVE-2017-3575). This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter (which is a non-standard configuration). It permits the guest kernel to write up to 4G...

CVSS 3.6 | AI score 8.2 | EPSS 0.00291
Exploits: 2

The Hacker News
added 2015/09/26 2:22 a.m. | 17 views

The World's First $9 Computer is Shipping Today!

Remember Project: C.H.I.P. ? A $9 Linux-based, super-cheap computer that raised some $2 Million beyond a pledge goal of just $50,000 on Kickstarter will be soon in your pockets. Four months ago, Dave Rauchwerk, CEO of Next Thing Co., utilized the global crowd-funding corporation ‘Kickstarter’ for...

AI score 6.8
Exploits: 0

Prion
added 2008/08/01 2:41 p.m. | 25 views

Integer overflow

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."...

CVSS 7.5 | AI score 6.8 | EPSS 0.01692
Exploits: 3 | References: 24 | Affected Software: 1

Oracle linux
added 2007/05/17 12:00 a.m. | 61 views

Low unzip security and bug fix update

5.51-9.EL4.5 - Resolves: 230558 problem in patch4 unzipped file permissions
5.51-8.EL4.5 - fix problem with 4GB files which are not compressed
5.51-7.EL4.5 - fix 164927 - TOCTOU issue in unzip - fix 178960 - unzip long filename buffer overflow - fix 199104 - add large file support return Lon's 4G...

CVSS 3.7 | AI score 1.3 | EPSS 0.03134
Exploits: 1