Lucene search
K

2521 matches found

RedhatCVE
RedhatCVE
added 2025/02/10 9:56 p.m.8 views

CVE-2025-1151

A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior...

3.1CVSS3.5AI score0.0056EPSS
Exploits1References8
AstraLinux
AstraLinux
added 2025/02/06 4:28 p.m.3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amdsetspifreq If speedhz AMDSPIMINHZ, amdsetspifreq iterates over the entire amdspifreq array without breaking out early, causing 'i' to go beyond the array bounds. Fix that by...

7.8CVSS7.7AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:50 a.m.7 views

CVE-2021-37659

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting e.g., gradients of binary cwise operations. The implementatio...

7.8CVSS6.5AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:49 a.m.9 views

CVE-2021-37662

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature and similar attack can occur in BoostedTreesCalculateBestFeatureSplitV2. The...

7.8CVSS6.5AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:47 a.m.8 views

CVE-2021-37657

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:47 a.m.5 views

CVE-2021-37663

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in tf.rawops.QuantizeV2, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. Th...

7.8CVSS6.6AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:46 a.m.7 views

CVE-2021-37676

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empt...

7.8CVSS6.5AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:46 a.m.8 views

CVE-2021-37658

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.rawops.MatrixSetDiagV. The implementation has incomplete validation that the value of k is a...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:45 a.m.8 views

CVE-2021-37667

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.UnicodeEncode. The implementation reads the first dimension of the inputsplits tensor before validating that th...

7.8CVSS6.5AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:18 p.m.12 views

CVE-2022-23562

Tensorflow is an Open Source Machine Learning Framework. The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

8.8CVSS6.7AI score0.00578EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 12:15 p.m.7 views

AZL-56406 CVE-2025-21680 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix entries leads to invalid access to the pktdev-imixentries array because of the incorrect boundary check. UBSAN: array-index-out-of-bounds in...

7.8CVSS6.6AI score0.00208EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.6 views

vdpa: solidrun: Fix UB bug with devres

...

7.8CVSS7.7AI score0.00214EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/01/13 6:50 a.m.8 views

CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS7.1AI score0.00224EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/12 12:15 a.m.3 views

SUSE CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.8CVSS6.8AI score0.00224EPSS
Exploits0References17
NVD
NVD
added 2025/01/11 1:15 p.m.8 views

CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS0.00224EPSS
Exploits0References9
OSV
OSV
added 2025/01/11 1:15 p.m.5 views

DEBIAN-CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS6AI score0.00224EPSS
Exploits0References1
OSV
OSV
added 2025/01/11 1:15 p.m.2 views

UBUNTU-CVE-2024-53680

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS6.4AI score0.00224EPSS
Exploits0References38
CVE
CVE
added 2025/01/11 12:25 p.m.1384 views

CVE-2024-53680

CVE-2024-53680: Linux kernel ipvs: fix for undefined behavior from an uninitialized on-stack 64-byte buffer in ip_vs_protocol_init() that stores protocol names and feeds it to strnlen() under Fortify, risking a boot-time panic or module load oops when ipvs is built-in. The issue stems from leavin...

5.5CVSS6.8AI score0.00224EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/01/11 12:25 p.m.6 views

CVE-2024-53680 ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS6.3AI score0.00224EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an uninitialized stack buffer in the ipvsprotocolinit function, which could lead to undefined behavior ...

5.5CVSS6.7AI score0.00224EPSS
Exploits0References9
Rows per page
Query Builder