10 matches found
SUSE CVE-2026-46064
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
CVE-2026-46064
CVE-2026-46064 affects the Linux kernel’s ibmasm_send_i2o_message, where the copy size is derived from user-controlled dot_command_header fields and not validated against allocation size. This can let an attacker perform a heap over-read by memcpy_toio(), reaching up to ~65 KB beyond the allocate...
EUVD-2026-32446
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...
CVE-2023-4515
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...
DEBIAN-CVE-2023-4515
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...
CVE-2023-4515
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...
CVE-2023-4515 ksmbd: validate command request size
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...
Qualcomm 多款产品安全漏洞
The Qualcomm Qca chip and others are products of Qualcomm Incorporated.The Qualcomm Qca chip is a Bluetooth module chip.The Qualcomm Sd chip is a processor.The Qualcomm Wcd chip is an Aqstic™ audio codec. A security vulnerability exists in multiple Qualcomm products that originated when improper...
CVE-2021-30261
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2021-30261
CVE-2021-30261 : Qualcomm/Qualcomm-derived Snapdragon components are affected by an input validation flaw in the HLOS beacon template update path. The vulnerability stems from lack of input command size validation, enabling possible integer and heap overflow in affected Qualcomm chips. The CNNVD ...