CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

CVE-2024-26761 cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

CVE-2024-26761 cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

CVE-2024-26761

CVE-2024-26761 : Linux kernel fix in the cxl/pci HDM setup to prevent a system hang when the DVSEC CXL range is not found in a CFMWS window. If the Host Physical Address (HPA) is not a System Physical Address (SPA), the CXL range may not map to a CFMWS window, causing the HDM decoder to be disabl...

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

CVE-2024-26761 cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

PT-2024-40685 · Git +1 · Openh264

Name of the Vulnerable Software and Affected Versions: Open-source software affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the WelsDec::CWelsDecoder class, specifically in the ReorderPicturesInDisplay,...

Amazon Linux 2023 : squid (ALAS2023-2024-578)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-578 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing...

CVE-2024-21463 Buffer Copy Without Checking Size of Input in Audio

Memory corruption while processing Codec2 during v13k decoder pitch synthesis...

CVE-2024-21463 Buffer Copy Without Checking Size of Input in Audio

Memory corruption while processing Codec2 during v13k decoder pitch synthesis...

CVE-2024-21463

CVE-2024-21463 describes memory corruption in Codec2 during v13k decoder pitch synthesis, affecting Qualcomm chipsets (closed‑source components) per the provided records. The vulnerability is triggered in the Codec2 processing path, leading to potential impact on confidentiality, integrity, and a...

PT-2024-18886 · Unknown · V13K Decoder

Name of the Vulnerable Software and Affected Versions: v13k decoder affected versions not specified Description: The issue is related to memory corruption that occurs while processing Codec2 during v13k decoder pitch synthesis. Recommendations: At the moment, there is no information about a newer...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which originates from a memory corruption that occurs when processing Codec2 during tone synthesis in the v13k decoder...

MGASA-2024-0102 Updated squid packages fix security vulnerabilities

Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...

OESA-2024-1335 cri-o security update

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723...

Fedora 38 : ofono (2024-e8a02e129e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e8a02e129e advisory. Backport upstream fixes for CVE-2023-4233 and CVE-2023-4234 Tenable has extracted the preceding description block directly from the Fedora security...

RHEL 9 : squid (RHSA-2024:1515)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1515 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP and HTTP data objects. Security Fixes: squid: Denial of Service in...

PT-2024-10418

Name of the Vulnerable Software and Affected Versions FFmpeg version 6.1.1 Description The issue is related to an integer overflow in the FFmpeg CAF decoder. This could potentially allow an attacker to cause a denial of service. Recommendations For version 6.1.1, consider updating to a newer...

DEBIAN-CVE-2024-29025

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The HttpPostRequestDecoder can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits ...

UBUNTU-CVE-2024-29025

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The HttpPostRequestDecoder can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits ...