211 matches found
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-2024-39487 In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section CVE-2024-40947 ...
kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...
kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...
kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...
SUSE CVE-2021-47243
In the Linux kernel, the following vulnerability has been resolved: schcake: Fix out of bounds when parsing TCP options and header The TCP option parser in cake qdisc cakegettcpopt and caketcphmaydrop could read one byte out of bounds. When the length is 1, the execution flow gets into the loop,...
kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...
kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...
AZL-47639 CVE-2023-52755 affecting package kernel for versions less than 6.6.3.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smbinheritdacl slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size...
DEBIAN-CVE-2023-52755
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smbinheritdacl slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size...
freerdp: missing offset validation leading to Out Of Bound Read
A flaw was found in FreeRDP. In the libfreerdp/codec/rfx.c file, there is no offset validation in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. As a result, crafted input can lead to an out-of-bounds read, which may result in a crash...
SUSE CVE-2023-52434
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from not checking the offset of variables...
DEBIAN-CVE-2023-52434
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...
kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF
A missing bounds check flaw was found in the Linux kernel's Modem Host Interface bus driver in the channel doorbell offset validation logic. A local user can trigger this issue on systems with MHI devices typically Qualcomm modems or wireless cards by using a device that provides malformed or...
Fedora 39 : freerdp (2023-74108ca60d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-74108ca60d advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...
Fedora 37 : freerdp (2023-5e6796cb83)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5e6796cb83 advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...
Out-of-bounds Write
libfreerdp.so is vulnerable to Out-of-bounds Write. The vulnerability is due to a missing offset validation check in the cleardecompressbandsdata function leading to Denial Of Service DoS attacks...
Fedora 38 : freerdp (2023-10e43bcebb)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-10e43bcebb advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...
CVE-2023-39353
A flaw was found in FreeRDP. In the libfreerdp/codec/rfx.c file, there is no offset validation in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. As a result, crafted input can lead to an out-of-bounds read, which may result in a crash...
SUSE CVE-2023-39352
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...