7654 matches found
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...
CVE-2024-40780
CVE-2024-40780 is an out-of-bounds read in WebKitGTK/webkit2gtk. The issue may cause a crash when processing malicious web content. Concrete details in connected sources show affected packages across distributions (Debian webkit2gtk, Fedora webkit2gtk, Debian DSA/DLA advisories, and Amazon Linux ...
CVE-2024-40780
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process cra...
CVE-2024-40779
CVE-2024-40779 corresponds to an out-of-bounds read in WebKitGTK/WebKit2GTK. The issue is described as being mitigated by improved bounds checking and is fixed in various Apple OS components (e.g., iOS, iPadOS, macOS Sonoma), and is also acknowledged in Linux distributions via webkit2gtk advisori...
CVE-2024-41097
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...
CVE-2024-41097 usb: atm: cxacru: fix endpoint checking in cxacru_bind()
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...
CVE-2024-41097
CVE-2024-41097 concerns the Linux kernel USB ATM cxacru driver. The issue stemmed from incomplete endpoint checking during cxacru_bind(), which could cause wrong endpoint types to be used when submitting URBs. The patch adds verification that required endpoint types are present for both IN and OU...
CVE-2024-41097 usb: atm: cxacru: fix endpoint checking in cxacru_bind()
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...
CVE-2024-41097 usb: atm: cxacru: fix endpoint checking in cxacru_bind()
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...
CVE-2024-41039 firmware: cs_dsp: Fix overflow checking of wmfw header
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
CVE-2024-41015
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2checkdirentry This adds sanity checks for ocfs2direntry to make sure all members of ocfs2direntry don't stray beyond valid memory region...
DEBIAN-CVE-2024-41015
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2checkdirentry This adds sanity checks for ocfs2direntry to make sure all members of ocfs2direntry don't stray beyond valid memory region...
CVE-2024-41018
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...
CVE-2024-41014
In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in the xlogrecoverprocessdata. We can create a crafted image to trigger an out of bounds re...
DEBIAN-CVE-2024-41013
In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfsdir2dataunused and xfsdir2dataentry to make sure don't stray beyond valid memory region. Before patching, the loop simply checks that the start...
CVE-2024-41018 fs/ntfs3: Add a check for attr_names and oatbl
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...
CVE-2024-41018 fs/ntfs3: Add a check for attr_names and oatbl
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...
CVE-2024-41018 fs/ntfs3: Add a check for attr_names and oatbl
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...