CVE-2024-46804 drm/amd/display: Add array index check for hdcp ddc access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

CVE-2024-46804 drm/amd/display: Add array index check for hdcp ddc access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

CVE-2024-46804

CVE-2024-46804 affects the Linux kernel’s DRM/AMD display path, specifically HDCP DDC access. The vulnerability stems from an array index overrun due to not validating the index, which could lead to overrun/W earlier reports. The fix adds proper checks: validate the message id (msg_id) and ensure...

CVE-2024-46804 drm/amd/display: Add array index check for hdcp ddc access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not avoiding the use of negative values when dealing with array indexes. No details of the vulnerability are...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the validity of gpioid before using it as an array index...

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

The vulnerability of the array_index_nospec function in the DMA-BUF driver of the Linux operating system allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the arrayindexnospec function in the Linux kernel’s DMA-buf driver is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

DEBIAN-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

UBUNTU-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

DEBIAN-CVE-2024-46728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for auxrdinterval before using auxrdinterval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGEROVERFLOW issues reported by Coverity...

CVE-2024-46730 drm/amd/display: Ensure array index tg_inst won't be -1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tginst won't be -1 WHY & HOW tginst will be a negative if timinggeneratorcount equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...

CVE-2024-46730 drm/amd/display: Ensure array index tg_inst won't be -1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tginst won't be -1 WHY & HOW tginst will be a negative if timinggeneratorcount equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...

CVE-2024-46730

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tginst won't be -1 WHY & HOW tginst will be a negative if timinggeneratorcount equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...

CLSA-2024-1726058957 java-1.8.0-openjdk: Fix of 6 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination RCE - CVE-2024-21144: Invalid header...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2024:3183-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3183-1 advisory. - Update to Java 8.0 Service Refresh 8 Fix Pack 30 bsc1228346 - CVE-2024-21147: Fixed an array index overflow in...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-ibm (SUSE-SU-2024:3162-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3162-1 advisory. - Update to Java 8.0 Service Refresh 8 Fix Pack 30 bsc1228346 - CVE-2024-21147: Fixed an array index overflow in...

SUSE-SU-2024:3162-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 8 Fix Pack 30 bsc1228346 - CVE-2024-21147: Fixed an array index overflow in RangeCheckElimination. bsc1228052 - CVE-2024-21145: Fixed an out-of-bounds access in 2D image handling. bsc1228051 -...

CVE-2024-44993

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds read in v3dcsdjobrun When enabling UBSAN on Raspberry Pi 5, we get the following warning: 387.894977 UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3dsched.c:320:3 387.903868 index 7 is out of...