AlmaLinux 9 : java-17-openjdk (ALSA-2024:4568)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4568 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

CVE-2024-26665 tunnels: fix out of bounds access when building IPv6 PMTU error

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in docsum+0x220/0x240 Read of size 4 at addr...

PT-2023-12030 · Imagination Technologies +1 · Powervr +1

Name of the Vulnerable Software and Affected Versions: Android SoC versions affected versions not specified Description: A missing size check in the PowerVR kernel driver's PVRSRVBridgePhysmemImportSparseDmaBuf function could lead to an integer overflow, allowing out-of-bounds heap access. This...

PYSEC-2021-774

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in tf.rawops.QuantizeV2, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. Th...

Updated ffmpeg package fixes security vulnerability

The mjpegdecodeapp function in libavcodec/mjpegdec.c in FFMpeg before 2.0.7 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file CVE-2014-9316. The decodeihdrchunk function in...