9 matches found
DEBIAN-CVE-2024-46852
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
AZL-49809 CVE-2024-46852 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
UBUNTU-CVE-2024-46852
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852
CVE-2024-46852 — Linux kernel CMA heap off-by-one fix : The issue occurred when a mapping larger than the buffer size could be created via mremap, allowing an overflow bypass in dma_buf_mmap_internal. The CMA heap fault handler incorrectly bound the fault offset by 1 when validating the end of th...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
Low: gawk
Issue Overview: A heap out-of-bounds read flaw was found in builtin.c in the gawk package which may result in a crash of the software. CVE-2023-4156 Affected Packages: gawk Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between A...
CVE-2017-10782
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!RtlpFreeHeap+0x00000000000003ca."...
CVE-2017-10732
IrfanView version 4.44 32bit might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!RtlpAllocateHeap+0x0000000000000429."...