
163 matches found

AstraLinux
added 2025/02/11 7:35 a.m., 3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). The string 's' provided by the user space could easily have a length of zero. If this is left unchecked, it will first result in an OOB read in the form of if (str[0 - ...

CVSS 5.5, AI score 5.9, EPSS 0.00027
Exploits: 0, References: 3
Positive Technologies
added 2025/01/01 12:0 a.m., 4 views

PT-2026-2884

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.54-syzkaller-00144-g5f0270f1ba00. Description: The Linux kernel contains an issue in the ext4 filesystem related to string handling within the parse_apply_sb_mount_options function. The strscpy_pad function is...

CVSS 7.8, AI score 5.6, EPSS 0.00011
Exploits: 0
RedHat Linux
added 2024/11/12 9:11 a.m., 1 views

kernel: x86/mce: Work around an erratum on fast string copy instructions

In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions. A rare kernel panic scenario can happen when the following conditions are met due to an erratum on fast string copy instructions: 1. An uncorrected error. 2. That err...

CVSS 5.5, AI score 7.2, EPSS 0.00014
Exploits: 0, References: 5
OSV
added 2024/10/09 6:15 a.m., 0 views

UBUNTU-CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

CVSS 9.1, AI score 5.8, EPSS 0.00415
Exploits: 0, References: 3
Microsoft CVE
added 2024/08/16 7:0 a.m., 4 views

usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()

...

CVSS 5.5, AI score 7.3, EPSS 0.00027
Exploits: 0
OSV
added 2024/08/08 8:50 a.m., 2 views

CVE-2024-42257 ext4: use memtostr_pad() for s_volume_name

In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostr_pad() for s_volume_name. As with the other strings in struct ext4_super_block, s_volume_name is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 "ext4: add nonstring annotations to ext4.h". Using...

CVSS 7.8, AI score 6.5, EPSS 0.00034
Exploits: 0, References: 5
OSV
added 2024/08/07 4:15 p.m., 2 views

DEBIAN-CVE-2024-42236

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if (str[0 - 1] == '\n') followed...

CVSS 5.5, AI score 5.7, EPSS 0.00027
Exploits: 0, References: 1
OSV
added 2024/08/07 4:15 p.m., 0 views

UBUNTU-CVE-2024-42236

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if (str[0 - 1] == '\n') followed...

CVSS 5.5, AI score 6.2, EPSS 0.00027
Exploits: 0, References: 33
OSV
added 2024/06/20 5:11 p.m., 3 views

CLSA-2024-1718903513 cups: Fix of 2 CVEs

- CVE-2023-32360: require authentication for CUPS-Get-Document.
- CVE-2023-32324: fix cupsstrlcpy to exit immediately if a length of the source string is zero...

CVSS 7.5, AI score 6.6, EPSS 0.00148
Exploits: 1, References: 1
OSV
added 2024/06/20 5:8 p.m., 2 views

CLSA-2024-1718903288 cups: Fix of 2 CVEs

- CVE-2023-32360: require authentication for CUPS-Get-Document.
- CVE-2023-32324: fix cupsstrlcpy to exit immediately if a length of the source string is zero...

CVSS 7.5, AI score 6.6, EPSS 0.00148
Exploits: 1, References: 1
OSV
added 2024/05/21 3:15 p.m., 2 views

DEBIAN-CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message. Use the string machinery provided by the tracing subsystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...

CVSS 7.1, AI score 6, EPSS 0.00022
Exploits: 0, References: 1
Microsoft CVE
added 2024/02/26 8:0 a.m., 2 views

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

...

CVSS 9.1, AI score 6.2, EPSS 0.00086
Exploits: 0
Veracode
added 2024/02/26 7:51 a.m., 22 views

Out-of-bounds Read

onnx is vulnerable to an Out-of-bounds Read. The vulnerability is due to missing buffer size checks which results in an off by one string copy within the ONNX_ASSERT and ONNX_ASSERTM functions...

CVSS 9.1, AI score 6.9, EPSS 0.00086
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2024/02/23 6:30 p.m., 21 views

GHSA-H8WV-9H96-M4HR Onnx Out-of-bounds Read vulnerability

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy...

CVSS 4.4, AI score 6.5, EPSS 0.00086
Exploits: 0, References: 6
OSV
added 2024/02/23 6:15 p.m., 18 views

CVE-2024-27319

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy...

CVSS 9.1, AI score 6.5
Exploits: 0, References: 3
OSV
added 2024/02/23 6:15 p.m., 8 views

PYSEC-2024-223

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy...

CVSS 9.1, AI score 9.2, EPSS 0.00086
Exploits: 0, References: 4
Prion
added 2024/02/23 6:15 p.m., 16 views

Out-of-bounds

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy...

CVSS 3.3, AI score 4.8, EPSS 0.00086
Exploits: 0, References: 1
Vulnrichment
added 2024/02/23 5:39 p.m., 16 views

CVE-2024-27319

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy...

CVSS 4.4, AI score 6.7, EPSS 0.00086
Exploits: 0, References: 3
NVD
added 2024/01/08 3:15 p.m., 13 views

CVE-2023-39444

Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the out-of-bounds...

CVSS 7.8, AI score 8, EPSS 0.00133
Exploits: 1, References: 3
NVD
added 2024/01/08 3:15 p.m., 10 views

CVE-2023-38649

Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concer...

CVSS 7.8, AI score 8, EPSS 0.00065
Exploits: 1, References: 3