2586 matches found
CVE-2024-58000
In the Linux kernel, the following vulnerability has been resolved: iouring: prevent reg-wait speculations With ENTEREXTARGREG instead of passing a user pointer with arguments for the waiting loop the user can specify an offset into a pre-mapped region of memory, in which case the offset, offset ...
DEBIAN-CVE-2022-49478
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
CVE-2022-49478
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
DEBIAN-CVE-2022-49122
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
UBUNTU-CVE-2022-49122
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
CVE-2022-49720 block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
CVE-2022-49720
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
CVE-2022-49478 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
CVE-2022-49478
CVE-2022-49478 affects the Linux kernel via the media: pvrusb2 driver, specifically a faulty check in pvr2_i2c_core_init that permits an array index of -1 to be used. The issue arises when hdw->unit_number is initialized to -1 and may remain unchanged if the init-table walk fails, leading to o...
CVE-2022-49478 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
CVE-2022-49478
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...
CVE-2022-49471 rtw89: cfo: check mac_id to avoid out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...
CVE-2022-49471 rtw89: cfo: check mac_id to avoid out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...
CVE-2022-49170
CVE-2022-49170 concerns the F2FS implementation in the Linux kernel. The root cause was a missing sanity check on curseg->alloc_type, which could widen an array-bounds access of sbi->block_count[] (UBSAN: array-index-out-of-bounds) when mounting/operating a corrupted image. The issue manife...
CVE-2022-49170 f2fs: fix to do sanity check on curseg->alloc_type
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operat...
CVE-2022-49170 f2fs: fix to do sanity check on curseg->alloc_type
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operat...
CVE-2022-49170
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operat...
CVE-2022-49122
CVE-2022-49122 is a Linux kernel vulnerability affecting the dm ioctl path where user-supplied data could act as an index and enable Spectre v1 gadget behavior. The fix, described in connected advisories, prevents leakage of kernel memory to userspace by applying array_index_nospec to index handl...
CVE-2022-49122
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fixed the issue of reading from a negative array index. Avoid using negative values for clkidex as an index into the array pptable-DpmDescriptor. V2: Fixed the return check for clkindex by Tim Huang...