76 matches found
CVE-2024-49995
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-49995
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-49995
...
CVE-2024-49995
...
CVE-2024-49995
CVE-2024-49995 affects Linux kernels and is described as a string buffer overrun in the TIPC subsystem. Public advisories (e.g., Siemens/ICS, CISA, and Amazon Linux livepatch notes) identify the issue as resolved by updating to patched kernel versions or applying kernel livepatches (e.g., 4.14.35...
CVE-2024-42257 ext4: use memtostr_pad() for s_volume_name
In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostrpad for svolumename As with the other strings in struct ext4superblock, svolumename is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 "ext4: add nonstring annotations to ext4.h". Using...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the use of the strscpy function instead of the memtostrpad function...
CVE-2024-26889
A buffer overflow flaw was found in struct hcidevinfo in the variable name8 in the Linkkux Kernel. If an attacker crafts an exploit copying more than the size of the name8, it results in a buffer overflow and a denial of service...
DEBIAN-CVE-2024-26889
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...
CVE-2024-26889
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...
UBUNTU-CVE-2024-26889
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...
CVE-2024-26889 Bluetooth: hci_core: Fix possible buffer overflow
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...
CVE-2024-26889 Bluetooth: hci_core: Fix possible buffer overflow
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...
kernel: mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
kernel: mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
GSD-2022-1002421 video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...