CVE-2024-42136

CVE-2024-42136 affects the Linux kernel cdrom subsystem. The issue stems from an arithmetic path in last_media_change that could trigger a signed integer overflow under UBSAN when running syzkaller; the issue is resolved by rearranging the check to avoid any arithmetic, preventing the overflow. T...

CVE-2024-41000

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

CVE-2024-41000 block/ioctl: prefer different overflow check

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

CVE-2024-41000 block/ioctl: prefer different overflow check

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

CVE-2024-41000 block/ioctl: prefer different overflow check

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

CVE-2024-41000

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

CVE-2024-41000

CVE-2024-41000 : Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...

CVE-2023-52832

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211gettxpower We can get a UBSAN warning if ieee80211gettxpower returns the INTMIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in...

DEBIAN-CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

GHSA-PPX5-Q359-PVWJ vyper's range(start, start + N) reverts for negative numbers

Summary When looping over a range of the form rangestart, start + N, if start is negative, the execution will always revert. Details This issue is caused by an incorrect assertion inserted by the code generation of the range stmt.parseForrange:...

CVE-2024-32481 vyper's range(start, start + N) reverts for negative numbers

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form rangestart, start + N, if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...

CVE-2024-32481 vyper's range(start, start + N) reverts for negative numbers

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form rangestart, start + N, if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...

CVE-2024-32481

Vyper (Pythonic EVM language) is affected by CVE-2024-32481 in versions from 0.3.8 up to, but not including, 0.4.0b1. The vulnerability arises when looping with range(start, start + N) where start is negative; an incorrect assertion in the code generation of the range statement (stmt.parse_For_ra...

CVE-2024-24563

CVE-2024-24563 affects Vyper, where arrays can be indexed by signed integers even though defined for unsigned indices. The typechecker permits signed integers as array indexes, and with very large arrays, bounds checks can pass for negative values, leading to potential unpredictable behavior, acc...

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

kernel: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...

Denial Of Service (DoS)

libsndfile.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a signed integer overflow in the mat4readheader function of mat4.c, which allows an attacker to cause an application crash...

signed integer overflow in filters/mux_isom.c:5716:20

Description The signed integer overflow in MP4Box, and the program will eventually crash due to double-free,. It is uncertain whether the signed integer overflow is directly related to double-free Version $ ./bin/gcc/MP4Box -version MP4Box - GPAC version 2.3-DEV-revrelease c 2000-2023 Telecom Par...

SUSE CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...

CVE-2022-33065

Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...