131 matches found
CVE-2024-35917
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...
CVE-2024-35917
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...
CVE-2024-35917 s390/bpf: Fix bpf_plt pointer arithmetic
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing access to null pointers...
DEBIAN-CVE-2024-35842
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normallink string It's not granted that all entries of struct sofconnstream declare a normallink a non-SOF, direct link string, and this is the case for SoCs that support only SOF...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing null pointers in strcmp...
SUSE CVE-2024-26723
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...
CVE-2024-26723
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...
DEBIAN-CVE-2024-26723
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...
BIT-TENSORFLOW-2021-29583 Heap buffer overflow and undefined behavior in `FusedBatchNorm`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FusedBatchNorm is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The...
GHSA-P4M5-32PR-2HQR PyPop C extensions possible vulnerability: missing arguments and redundant null pointers
Impact Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls missing arguments or wrongly typed arguments and redundant null pointers. Patches The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop...
PyPop C extensions possible vulnerability: missing arguments and redundant null pointers
Impact Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls missing arguments or wrongly typed arguments and redundant null pointers. Patches The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop...
PT-2024-40388 · Pypi · Pypop
Name of the Vulnerable Software and Affected Versions: PyPop versions prior to 1.0.2 Description: Code scanning revealed a possible issue in C extensions for PyPop, involving incorrect function calls, such as missing arguments or wrongly typed arguments, and redundant null pointers...
PT-2024-6076 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a crash when adding a lan966x interface under a lag interface in the Linux kernel. This can be reproduced by running specific commands, such as "ip link add nam...
PT-2023-34823 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.15.90 Description: A potential issue exists where sdata can be NULL during AMPDU start in the mac80211 wifi component. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2025-52948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm/dpu subsystem where unallocated resources can be returned. Specifically, if a topology requests resources not created by the system, the dpu r...
Unicorn Engine Denial of Service Vulnerability
Unicorn Engine is an application. A lightweight, multi-platform, multi-architecture CPU simulator framework based on QEMU. Unicorn Engine v2.0.0-rc7 and earlier versions have a denial of service vulnerability that stems from qemuramfree dereferencing null pointers. An attacker could exploit this...
FIS GT.M Denial of Service Vulnerability (CNVD-2022-32800)
FIS GT.M is a database platform. A security vulnerability exists in FIS GT.M versions prior to V7.0-000, which stems from a lack of parameter validation when calling memcpy in strtok in srunix/ztimeoutroutines.c. The vulnerability can be exploited to attempt to read a null pointer. An attacker ca...
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.
...
多款Qualcomm产品代码问题漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. The Qualcomm chip has a code issue vulnerability that stems from...